Cybersecurity · Learning by Example
Every major hack.
Explained simply.
Pick a threat type, read the full story, and walk away knowing exactly what went wrong.
All Case Studies
157 cases
2025 · critical
Voice Cloning Bank Fraud: Your CEO's Voice Is Now a Hacking Tool
2 min read · AI & Deepfake Scams
2024 · critical
Deepfake CFO Video Call: Hong Kong Finance Worker Pays $25 Million
2 min read · AI & Deepfake Scams
2024 · critical
XZ Utils Backdoor: Two-Year Social Engineering of Open Source Maintainer
2 min read · Supply Chain Attacks
2024 · high
Polyfill.io CDN Hijack: 100,000 Websites Serve Malicious JavaScript After Domain Sale
2 min read · Supply Chain Attacks
2024 · critical
Snowflake Credential Theft: Ticketmaster, AT&T, and 160 Others Breached via Stolen Logins
2 min read · Credential Attacks
2024 · high
KYC Bypass with AI Deepfakes: Financial Accounts Opened with Fake Faces
2 min read · AI & Deepfake Scams
2024 · medium
LastPass Employee Deepfake Audio Attack: The CEO's Voice Is Being Cloned
2 min read · Social Engineering
2024 · critical
Synnovis NHS: Ransomware Cancels 10,000 NHS Appointments Including Blood Transfusions
2 min read · Ransomware
2024 · critical
Salt Typhoon: China Hacks US Telecom Wiretap Infrastructure
2 min read · Zero-Day Exploits
2024 · critical
Change Healthcare: Ransomware Cripples US Medical Billing for Months
2 min read · Ransomware
2024 · high
Biden Robocall Deepfake: Synthetic Voice Suppresses New Hampshire Primary Voters
2 min read · AI & Deepfake Scams
2024 · critical
CrowdStrike: A Faulty Update Crashes 8.5 Million Windows Machines Worldwide
2 min read · Incident Response
2024 · critical
LockBit Takedown: Operation Cronos Disrupts the World's Most Prolific Ransomware Gang
2 min read · Ransomware
2023 · critical
Scattered Spider vs MGM Resorts: No-Code Social Engineering Takes Down Vegas
2 min read · Social Engineering
2023 · high
Royal Mail Ransomware: LockBit Cripples UK International Post for Weeks
2 min read · Ransomware
2023 · medium
FraudGPT: Subscription Service for AI-Generated Fraud, Available in Telegram
2 min read · AI & Deepfake Scams
2023 · critical
Caesars Entertainment: Pay $15M or We Publish Your Loyalty Members' Data
2 min read · Social Engineering
2023 · high
GitHub Actions Supply Chain: tj-actions Breach Exposes CI Secrets of 23,000 Repositories
2 min read · Supply Chain Attacks
2023 · medium
Duolingo 2.6 Million User Data Scraped via Exposed API Endpoint
2 min read · Credential Attacks
2023 · critical
MGM Resorts Social Engineering Attack
2 min read · Social Engineering
2023 · high
Meta GDPR Fine: €1.2 Billion for Transferring European Data to the US
2 min read · Incident Response
2023 · critical
MOVEit Zero-Day: One SQL Injection Flaw, 2,700 Organisations Breached
2 min read · Zero-Day Exploits
2023 · high
WormGPT: Jailbroken LLM Sold on Dark Web for AI-Powered Phishing Generation
2 min read · AI & Deepfake Scams
2023 · critical
3CX Supply Chain: Attack Inside an Attack — Trading Technologies Compromised First
2 min read · Supply Chain Attacks
2023 · high
23andMe: 6.9 Million DNA Profiles Scraped via Credential Stuffing
2 min read · Credential Attacks
2023 · high
Synthetic Identity Fraud Surge: AI Creates Frankenstein Identities Worth $6 Billion
2 min read · AI & Deepfake Scams
2023 · medium
Samsung Employees Upload Sensitive Code to ChatGPT: Confidential Data Exits the Company
2 min read · Insider Threats
2023 · critical
Pig Butchering Powered by AI Chatbots: Industrialised Romance Fraud at Scale
2 min read · AI & Deepfake Scams
2023 · critical
Citrix Bleed: Authentication Bypass in Citrix ADC Used in Ransomware Attacks
2 min read · Zero-Day Exploits
2023 · high
Microsoft Teams External Tenant Phishing: Office Tools Turned Against Employees
2 min read · Phishing Attacks
2023 · medium
AI Disinformation Farms: 1,000 Fake News Sites Generate Millions of Views for Ad Revenue
2 min read · AI & Deepfake Scams
2022 · high
GitHub Token Theft via Travis CI: CI/CD Access Exposes Private Repository Secrets
2 min read · Credential Attacks
2022 · critical
Romance Scam Pig Butchering: $3.5 Billion in Crypto Stolen Through Manufactured Love
2 min read · Social Engineering
2022 · high
PyPI Malicious Packages: Thousands of Typosquatting Packages Steal Developer Credentials
2 min read · Supply Chain Attacks
2022 · critical
Axie Infinity Ronin Bridge: A Fake Job Offer Steals $625 Million in Crypto
2 min read · Social Engineering
2022 · critical
LastPass Breach: Lessons in Password Manager Security
2 min read · Data Breaches
2022 · medium
Okta Credential Stuffing: 18,000 Customer Accounts Tested with Stolen Passwords
2 min read · Credential Attacks
2022 · critical
LastPass Changing Story: How a Breach Disclosure Evolved Over Three Months
2 min read · Incident Response
2022 · critical
Lapsus$: Teenagers Bribe Telecom Employees to Breach Microsoft, Nvidia, and Uber
2 min read · Social Engineering
2022 · high
Okta Breach: The Identity Provider That Protects Everyone Gets Compromised
2 min read · Phishing Attacks
2022 · high
Twilio: SMS Phishing Harvests Employee Credentials, Reaches 163 Customer Accounts
2 min read · Phishing Attacks
2022 · high
AI LinkedIn Fake Profiles: North Korea Uses Generated Faces to Infiltrate Tech Companies
2 min read · AI & Deepfake Scams
2022 · critical
Costa Rica National Emergency: Conti Ransomware Paralyses a Country
2 min read · Ransomware
2022 · medium
GitHub Copilot Leaks Secrets: AI Autocompletion Suggests Real Credentials from Training Data
2 min read · AI & Deepfake Scams
2022 · high
Spring4Shell: Critical RCE in Spring Framework Affects Millions of Java Applications
2 min read · Zero-Day Exploits
2021 · critical
Kaseya VSA: Ransomware Delivered to 1,500 Businesses in One Hit
2 min read · Supply Chain Attacks
2021 · critical
Fortinet VPN Zero-Days: Nation-States Exploit Unpatched VPN Gateways for Years
2 min read · Zero-Day Exploits
2021 · high
Twitch Source Code Leak: 125GB of Internal Data from Credential Misuse
2 min read · Credential Attacks
2021 · medium
GriftHorse: 10 Million Android Users Billed Via Premium SMS Subscription Scam
2 min read · Social Engineering
2021 · critical
Emotet: The World's Most Dangerous Malware Takedown
2 min read · Malware & Spyware
2021 · critical
JBS Foods: REvil Ransomware Shuts Down US Meat Processing Plants
2 min read · Ransomware
2021 · critical
PHP Git Backdoor: Attackers Push Malicious Commits to PHP's Official Source
2 min read · Supply Chain Attacks
2021 · critical
Pegasus Spyware: NSO Group's Commercial Tool Used Against Journalists and Dissidents
2 min read · Malware & Spyware
2021 · high
MSHTML Zero-Day: Nation-States Weaponise Office Documents with No Macros Required
2 min read · Zero-Day Exploits
2021 · critical
Exchange ProxyLogon: 250,000 Servers Backdoored in 24 Hours via Email Server Zero-Days
2 min read · Zero-Day Exploits
2021 · critical
Colonial Pipeline Ransomware Attack
2 min read · Ransomware
2021 · critical
Codecov Bash Uploader Compromise: CI/CD Secrets Harvested from Thousands of Companies
2 min read · Supply Chain Attacks
2021 · high
Facebook 533 Million Records: Published in 2021, Breached in 2019, "Old Data"
2 min read · Incident Response
2021 · high
GoDaddy 2021: 1.2 Million WordPress Hosting Customers Exposed via Compromised Password
2 min read · Credential Attacks
2021 · high
Verkada Security Camera Breach: Insider Sells Access to Hacker, Tesla and Cloudflare Exposed
2 min read · Insider Threats
2021 · critical
Ubiquiti Insider Whistleblower: The Breach Was Worse Than the Company Admitted
2 min read · Insider Threats
2021 · critical
Log4Shell: A Single Java Library Puts 3 Billion Devices at Risk
2 min read · Zero-Day Exploits
2020 · high
The Twitter Bitcoin Hack
2 min read · Social Engineering
2020 · high
Twitter 2020 Hack: Vishing Internal Employees for Admin Access
2 min read · Phishing Attacks
2020 · high
Cosmic Lynx: The Nigerian BEC Gang That Went Upmarket
2 min read · Phishing Attacks
2020 · medium
eBay Employee Spear-Phish Leads to Harassment Campaign Against Critics
2 min read · Phishing Attacks
2020 · critical
SolarWinds Supply Chain Attack
2 min read · Supply Chain Attacks
2020 · critical
Garmin WastedLocker: Pilots Lose Navigation, Runners Lose Data for 5 Days
2 min read · Ransomware
2020 · critical
Universal Health Services: Ryuk Ransomware Across 400 Hospitals
2 min read · Ransomware
2020 · medium
Barbara Corcoran's $400,000 BEC: Fake Invoice Fools Real Estate Mogul's Bookkeeper
2 min read · Social Engineering
2020 · critical
SolarWinds CISA Emergency Directive: US Government's Response to a Months-Long Intrusion
2 min read · Incident Response
2020 · high
FIN7 BadUSB Mail Drop: Ransomware Delivered via Fake Amazon Gift Cards to Hotels
2 min read · Physical Security
2019 · critical
Twitter's Saudi Government Spy: Two Employees on State Payroll in Twitter's SF Office
2 min read · Insider Threats
2019 · critical
Norsk Hydro: Ransomware Shuts Down Aluminium Plants Across 3 Continents
2 min read · Ransomware
2019 · critical
Capital One: A Misconfigured WAF and a Former AWS Employee
2 min read · Data Breaches
2019 · critical
ASUS Live Update ShadowHammer: 1 Million PCs Receive Backdoored Official Updates
2 min read · Supply Chain Attacks
2019 · medium
Tailgating Study: 74% of People Hold the Door Open for Strangers in Secure Buildings
2 min read · Physical Security
2019 · medium
Biometric Bypass: Lifting Fingerprints from Glasses to Clone Entry Credentials
2 min read · Physical Security
2019 · high
GE Aviation IP Theft: Engineer Emails 8,000 Files to Personal Account Before Joining Competitor
2 min read · Insider Threats
2019 · critical
Travelex: WastedLocker Ransomware Takes Down Global Currency Exchange
2 min read · Ransomware
2019 · critical
Baltimore City RobbinHood: Ransomware Locks City Government for 5 Weeks
2 min read · Ransomware
2019 · high
Collection #1: 773 Million Unique Credentials Dumped in One Post
2 min read · Credential Attacks
2019 · high
British Airways GDPR Fine: The First Major Enforcement Sets the Tone
2 min read · Incident Response
2019 · high
First Documented AI Voice Clone Fraud: CEO's Voice Transfers €220,000
2 min read · AI & Deepfake Scams
2018 · critical
Marriott Starwood: 500 Million Guests Exposed in a Breach Hidden Inside an Acquisition
2 min read · Data Breaches
2018 · medium
Reddit SMS MFA Bypass: Attacker Intercepts Texts to Access Employee Accounts
2 min read · Credential Attacks
2018 · high
Cambridge Analytica: 87 Million Facebook Profiles and a Quiz App
2 min read · Insider Threats
2018 · high
EventStream npm: Malicious Code Buried in Dependency Targets Bitcoin Wallet
2 min read · Supply Chain Attacks
2018 · high
Tesla IP Theft: Engineer Emails 26,000 Confidential Files Before Joining Competitor
2 min read · Insider Threats
2018 · high
Cisco Insider: Former Employee Deletes 16,000 WebEx Accounts Post-Resignation
2 min read · Insider Threats
2018 · high
ATM Jackpotting: Black Box Attack Forces ATM to Dispense All Cash
2 min read · Physical Security
2017 · critical
Equifax Breach Response: 78 Days to Patch, 40 Days to Disclose, $700M in Fines
2 min read · Incident Response
2017 · critical
Triton/TRISIS: Malware Designed to Kill People by Disabling Safety Systems
2 min read · Malware & Spyware
2017 · medium
Fish Tank Thermometer: Casino High-Roller Database Stolen via IoT Sensor
2 min read · Physical Security
2017 · critical
EternalBlue: NSA's Stolen Weapon Powers WannaCry, NotPetya, and Years of Attacks
2 min read · Zero-Day Exploits
2017 · critical
NotPetya Recovery: Maersk Rebuilds its Entire Global IT in 10 Days
2 min read · Incident Response
2017 · critical
CCleaner Backdoor: 2.27 Million Downloads Infected via Legitimate Software Update
2 min read · Supply Chain Attacks
2017 · critical
Equifax Data Breach
2 min read · Data Breaches
2017 · critical
NotPetya: $10 Billion in Damages from a Wiper Disguised as Ransomware
2 min read · Malware & Spyware
2017 · critical
WannaCry Global Ransomware Attack
2 min read · Ransomware
2017 · high
GitLab Production Database Deletion: 5 Failed Backups and a Live Stream
2 min read · Incident Response
2016 · critical
DNC Hack: Fancy Bear's Spear-Phish Decides an Election Narrative
2 min read · Phishing Attacks
2016 · high
Google Phishing Attack on Podesta Campaign
2 min read · Phishing Attacks
2016 · high
Uber Data Breach Cover-Up
2 min read · Data Breaches
2016 · critical
Yahoo: 3 Billion Accounts — Every Single One
2 min read · Data Breaches
2016 · critical
Bangladesh Bank: $81 Million Stolen via Forged SWIFT Messages
2 min read · Phishing Attacks
2016 · critical
Mirai Botnet: IoT Devices Take Down the Internet's Infrastructure
2 min read · Malware & Spyware
2016 · high
FACC CEO Fraud: Austrian Aerospace Supplier Loses €50 Million to Fake M&A
2 min read · Phishing Attacks
2016 · high
Hollywood Presbyterian: Hospital Pays $17,000 to Get Patient Records Back
2 min read · Ransomware
2016 · medium
USB Drop Attack: 60% of People Plug In Dropped USB Drives
2 min read · Physical Security
2016 · critical
Uber 2016 Cover-Up: Paying Hackers $100,000 via Bug Bounty to Hide a Breach
2 min read · Incident Response
2016 · critical
Dyn DDoS Response: When a Third Party's Outage Takes Down Half the Internet
2 min read · Incident Response
2015 · critical
Anthem Health: 78 Million Patient Records and a Single Phishing Email
2 min read · Phishing Attacks
2015 · critical
Carbanak / FIN7: $1 Billion Stolen from Banks via Spear-Phishing and Custom Malware
2 min read · Malware & Spyware
2015 · critical
Duqu 2.0: Kaspersky's Own Network Breached by Sophisticated Spyware
2 min read · Malware & Spyware
2015 · high
IRS Phishing: $5.8 Billion Lost Annually to Tax Season Email Fraud
2 min read · Phishing Attacks
2015 · high
Morgan Stanley Financial Advisor Steals 730,000 Client Records
2 min read · Insider Threats
2015 · medium
Slack 2015: Hashed Passwords Stolen, and the Attacker Left a Message
2 min read · Credential Attacks
2015 · high
Ubiquiti Networks: $46.7 Million Wired to Hong Kong Fraudsters via Email
2 min read · Phishing Attacks
2015 · critical
Ukraine Power Grid: The First Confirmed Cyber Attack to Kill the Lights
2 min read · Phishing Attacks
2014 · critical
Sony Pictures Hack: North Korea Destroys a Studio's IT Infrastructure
2 min read · Malware & Spyware
2014 · critical
Home Depot: 56 Million Cards via Stolen HVAC Vendor Credentials
2 min read · Data Breaches
2014 · critical
Heartbleed: OpenSSL Bug Exposes Private Keys and Passwords of Two-Thirds of the Internet
2 min read · Zero-Day Exploits
2014 · critical
Shellshock: A 25-Year-Old Bash Bug Enables Remote Code Execution on Millions of Servers
2 min read · Zero-Day Exploits
2014 · critical
Regin: GCHQ's Spyware Against a European Telecom for 10 Years
2 min read · Malware & Spyware
2013 · high
Syrian Electronic Army Hijacks AP Twitter, Markets Crash
2 min read · Social Engineering
2013 · high
CryptoLocker: The Ransomware That Invented Modern Extortion
2 min read · Ransomware
2013 · high
Adobe's 153 Million Account Breach and Embarrassing Password Hints
2 min read · Data Breaches
2013 · critical
Edward Snowden and the NSA: The Insider Who Changed the World
2 min read · Insider Threats
2013 · critical
NSA TAO Hardware Interdiction: Intercepting Cisco Routers in Transit
2 min read · Physical Security
2013 · critical
Target Breach IR Failure: Security Team Saw the Alerts and Did Nothing
2 min read · Incident Response
2013 · high
Target Point-of-Sale Breach
2 min read · Data Breaches
2012 · high
LinkedIn 2012: 117 Million Passwords Hashed With No Salt
2 min read · Data Breaches
2012 · high
Dropbox 2012: 68 Million Passwords Exposed Because an Employee Reused a Password
2 min read · Credential Attacks
2012 · critical
Flame: The 20MB Espionage Toolkit That Mapped Middle East Networks for Years
2 min read · Malware & Spyware
2012 · high
Hotel Keycard Cloning: $300 Device Opens Every Onity Lock in the World
2 min read · Physical Security
2011 · high
PlayStation Network Down for 23 Days: 77 Million Accounts Exposed
2 min read · Data Breaches
2011 · critical
RSA SecurID: When Two-Factor Authentication Gets Hacked
2 min read · Supply Chain Attacks
2010 · critical
Stuxnet: The World's First Cyber Weapon Destroys Iranian Centrifuges
2 min read · Malware & Spyware
2010 · critical
Stuxnet USB Delivery: Crossing the Air Gap With a Memory Stick
2 min read · Physical Security
2010 · critical
Operation Aurora: China's Spear-Phish Against Google and 34 Companies
2 min read · Phishing Attacks
2010 · critical
Operation Aurora IE Zero-Day: China Exploits Browser Flaw to Hack Google and 34 Others
2 min read · Zero-Day Exploits
2010 · high
Global ATM Skimming: Organised Crime Installs Card Readers on Cash Machines
2 min read · Physical Security
2010 · critical
Stuxnet's Four Zero-Days: The Most Expensive Zero-Day Stockpile Ever Deployed
2 min read · Zero-Day Exploits
2010 · critical
Chelsea Manning: 750,000 Military Documents and Diplomatic Cables Released to WikiLeaks
2 min read · Insider Threats
2009 · critical
GhostNet: China Hacks Tibetan Government in Exile and 103 Countries
2 min read · Malware & Spyware
2009 · critical
Heartland Payment Systems: 130 Million Cards and a SQL Injection
2 min read · Data Breaches
2009 · medium
Dumpster Dive: Hospital Records, Credit Card Statements, and Patient Files in the Trash
2 min read · Physical Security
2009 · high
RockYou: 32 Million Plaintext Passwords Teach the World About Password Storage
2 min read · Credential Attacks
2008 · high
CERN Logic Bomb: IT Worker Plants Malware Set to Activate After Resignation
2 min read · Insider Threats
2008 · critical
Conficker: 15 Million Machines, One Unpatched Windows Vulnerability
2 min read · Malware & Spyware
2007 · critical
TJX Companies: 94 Million Cards Stolen Over 18 Months
2 min read · Data Breaches
2006 · medium
Frank Abagnale and the Modern HP Pretexting Scandal
2 min read · Social Engineering
2003 · critical
SQL Slammer: The Fastest-Spreading Worm in History
2 min read · Malware & Spyware
2001 · critical
Code Red Worm Infects 359,000 Servers in 14 Hours
2 min read · Malware & Spyware
1995 · high
Kevin Mitnick: The Art of Social Engineering at Motorola, Nokia, and Fujitsu
2 min read · Social Engineering
1995 · high
Kevin Mitnick Tailgating: How America's Most Wanted Hacker Walked Into Secure Buildings
2 min read · Physical Security