From Harvard to Qantas: Data Breaches, State Threats, and Phishing Takedowns Mark the Week in Cybersecurity

The weekly news underscored how fast risk is evolving across breaches, phishing ecosystems, and software supply chains. Leaders urged action rather than waiting and watching. 

“The quantum threat that many thought was a decade away is now projected to be closer to five years,” said Rebecca Krauthamer, CEO of QuSecure. She added that cryptography must be agile, upgradeable, and future-proof for high-impact systems such as web apps, APIs, and customer data pipelines.

Qantas Customer Data Was Published After the July Cyber Breach Impacting 5 Million People

Hackers leaked personal information of over five million Qantas customers following a third-party data breach in July. The exposed dataset contained names, travel records, and membership IDs. 

Security analysts believe the attackers exploited Salesforce integration gaps to exfiltrate sensitive information. Authorities have launched an inquiry into how external vendors handled data protection requirements.

Phishing Network GXC Team Dismantled, Network’s Suspected Leader Arrested in Spain

Spanish police arrested the alleged head of the GXC Team, a group responsible for global phishing operations. Investigators seized servers, stolen credentials, and tools used to create credential-harvesting kits. 

The group sold thousands of templates targeting banks and social media accounts. Authorities described the takedown as a significant disruption to one of Europe’s most active phishing markets.

Harvard Confirms Cl0p Data Breach Tied to Oracle EBS Vulnerability

Harvard University confirmed that Cl0p ransomware exploited a flaw in Oracle’s E-Business Suite to access internal systems. Leaked files included academic records and internal documents later posted on a dark-web leak site.

Security teams are conducting forensic analysis and deploying patches. The breach links to broader Cl0p campaigns exploiting enterprise software vulnerabilities across the education sector.

TigerJack Malware Infects Over 17,000 Developers, Steals Code and Mines Crypto

Researchers uncovered malicious VSCode extensions harboring the TigerJack malware, impacting more than seventeen thousand developers worldwide. The malware steals source code, authentication tokens, and cryptocurrency wallet credentials.

It also deploys hidden miners that exploit system resources for profit. Experts recommend code integrity checks and strict marketplace validation to prevent similar supply-chain threats.

Insider Risk Report Finds Data Loss Increasing Across Global Organizations

A global survey revealed that insider threats account for the majority of organizational data-loss incidents. Weak monitoring and insufficient access controls contribute to recurring breaches.

Hybrid work models amplify risks by dispersing sensitive data across unmanaged devices. Analysts advise continuous user behavior monitoring and employee training to reduce exposure.

F5 Cybersecurity Breach Linked to China-Backed Nation-State Threat Actors

F5 confirmed an intrusion attributed to a China-based hacking group that targeted enterprise networking equipment. The attackers exploited zero-day vulnerabilities to exfiltrate customer data. 

Evidence suggests overlapping tactics with previous espionage operations against the defense and telecommunications sectors. The company has released mitigations and urged clients to update systems immediately.

Cisco Routers Hacked for Rootkit Deployment

Security researchers found rootkits implanted on Cisco routers, giving attackers persistent access to critical networks. The campaign targeted enterprise infrastructure and telecom providers worldwide. 

The threat actors used customized firmware to avoid detection and maintain control. Cisco is investigating affected devices and advising customers to verify firmware authenticity.

Europol Dismantles Major SIM-Box Cybercrime-as-a-Service Network, Five Arrested

Europol coordinated international raids that dismantled a SIM-box operation enabling large-scale cybercrime services. Five individuals were arrested, and hundreds of devices were seized.

The network facilitated call spoofing and fraud operations across several countries. Investigators said the takedown disrupted a profitable underground communications market.

PowerSchool Hacker Sentenced to Four Years in Prison

A hacker responsible for breaching the PowerSchool education platform received a four-year federal prison sentence. The individual accessed thousands of student records and sold data on dark-web forums.

Law enforcement agencies tracked the activity through cryptocurrency transactions and digital fingerprints. Officials said the case underscores the growing legal response to cybercrimes targeting the education sector.

Evolving Phishing Campaigns Deliver HoldingHands Malware Across China, Taiwan, Japan, and Malaysia

Analysts observed new phishing waves distributing HoldingHands malware through fake business emails in East Asia. The campaign uses localized language templates and compromised servers for delivery.

Victims are tricked into downloading attachments that exfiltrate credentials and sensitive documents. Researchers warn that the threat is expanding rapidly to new sectors, including manufacturing and logistics.

Nintendo Responds to Crimson Collective Breach Claims, Denies Any Data Leak

Cybersecurity platform Hackmanac reported that a group, Crimson Collective, claimed to hack Nintendo’s internal servers. The hackers posted screenshots allegedly showing stolen files labeled “nintendo-topics.”

Nintendo told Japanese media there was unauthorized access, but denied any personal or development data exposure. Investigators are assessing whether the screenshots were authentic or part of a false claim campaign targeting major gaming firms.

Looking Ahead

Experts cautioned against repeating the same advice without operational change. Neil Carpenter, Principal Solution Architect at Minimus, argued that modern password guidance should replace outdated complexity rules. Nicole Jiang, CEO and Co-Founder of Fable Security, warned that criminals increasingly target vulnerable populations and essential services, showing how far moral boundaries have eroded. 

Together, their messages reinforce this week’s theme: measurable security gains come from pragmatic controls, smarter dependency choices, and continuous attention to human impact.