| 1 | 22/05/2018 | ? | Monacoin | Monacoin suffers a 51% attack. | 51% attack | V Fintech | CC | JP |
| 2 | 01/06/2018 | ? | Buffalo Wild Wings | A hacker manages to take control of the official Twitter account of Buffalo Wild Wings (@BWWings) and posts a number of crude and racist tweets, including one that claims to give out the “secret recipe” for the company’s wings. | Account Hijacking | I Accommodation and food service activities | CC | US |
| 3 | 01/06/2018 | ? | Several Rhode Island State Agencies | Rhode Island officials say several state agencies are targeted by malware. The list of victims include: the Department of Children, Youth and Families, the Department of Human Services, and the Department of Behavioral Healthcare. | Malware | O Public administration and defence, compulsory social security | CC | US |
| 4 | 02/06/2018 | ? | Several Australian citizens | Several Australian citizens are the victims of a tech support scam, through which the attackers are able to take over their webcams and upload videos to YouTube. | Account Hijacking | X Individual | CC | AU |
| 5 | 02/06/2018 | Todd Davis aka Lifelock | Holland Eye Surgery & Laser Center | Holland Eye Surgery & Laser Center notifies 42,200 patients about a hack occurred in 2016. | Unknown | Q Human health and social work activities | CC | US |
| 6 | 02/06/2018 | ? | Shiawassee County | The Shiawassee County financial administrator resigns after being caught in a phishing scam and mistakenly wiring $50,000 to an overseas bank account. | Account Hijacking | O Public administration and defence, compulsory social security | CC | US |
| 7 | 03/06/2018 | ? | ZenCash | ZenCash, an upcoming privacy coin, is the victim of a 51% attack. | 51% attack | V Fintech | CC | US |
| 8 | 03/06/2018 | ? | Booking.com users | According to multiple reports, unknown cybercriminals launch a phishing campaign targeting Booking.com customers whose information was illegally obtained, possibly by breaching certain partner hotels. | Account Hijacking | X Individual | CC | >1 |
| 9 | 04/06/2018 | ? | MyHeritage | MyHeritage, the genealogy website and DNA testing service, warns that the email addresses and hashed passwords of its customer database, approximately 92 million user accounts, have been found on a private server. | Unknown | Q Human health and social work activities | CC | US |
| 10 | 04/06/2018 | ? | New York Giants defensive end Avery Moss | Explicit videos and pictures of New York Giants defensive end Avery Moss are posted on his Twitter timeline after his account is hacked. | Account Hijacking | X Individual | CC | US |
| 11 | 04/06/2018 | ? | Morinaga Milk Industry Co. | Morinaga Milk Industry Co. says that personal data on up to 92,822 customers may have been stolen as its health food shopping website was hacked. Credit card information belonging to up to 29,773 of the affected customers was leaked and that around 300 cases of illicit use of the information, involving some ¥20 million ($180,000), have been confirmed so far. | Unknown | I Accommodation and food service activities | CC | JP |
| 12 | 05/06/2018 | ? | Undisclosed Japanese Syndicate Wallet | Shopin, a universal shopper profile using blockchain and Artificial Intelligence, releases an official statement indicating that a significant token distributor was hacked on June 1st, resulting in a loss of more than $10 million USD of a variety of tokens, including Ethereum, Level Up, Orbs, and Shopin Tokens. | Account Hijacking | V Fintech | CC | JP |
| 13 | 05/06/2018 | ? | WordPress Sites | Security researchers from Wordfence reveal the details of BabaYaga, a malware targeting WordPress sites characterized by sophisticated self-preserving mechanisms. | Malware | Y Multiple Industries | CC | >1 |
| 14 | 06/06/2018 | ? | PageUp | Australia-based human resources firm PageUp confirms it found "unusual" activity on its IT infrastructure on May 23, which has resulted in the potential compromise of client data. | Malware | S Other service activities | CC | AU |
| 15 | 06/06/2018 | ? | Multiple Targets | Researchers from the GuardiCore security team reveal the details of Operation Prowli, a gigantic botnet of over 40,000 infected web servers, modems, and other IoT devices, used for cryptocurrency mining, and for redirecting users to malicious sites. | Vulnerabilities Brute-Force | Y Multiple Industries | CC | >1 |
| 16 | 06/06/2018 | Sofacy | Government organizations dealing with foreign affair | Researchers from Palo Alto Networks Unit 42 reveal the details of Zebrocy, a new campaign carried on by the Sofacy group via phishing attacks that contain malicious Microsoft Office documents with macros as well as simple executable file attachments. | Targeted Attack | O Public administration and defence, compulsory social security | CE | >1 |
| 17 | 06/06/2018 | ? | Litecoin Cash | Litecoin Cash is the latest crypto currency to suffer a 51% attack. | 51% attack | V Fintech | CC | N/A |
| 18 | 06/06/2018 | ? | Brazilian users of online banking services. | Researchers from Kaspersky Lab discover a malicious Chrome Extension available in the Chrome Web Store, targeting Brazilian users of online banking services. | Malware | K Financial and insurance activities | CC | BR |
| 19 | 07/06/2018 | ? | High-profile targets in Russia and Ukraine | Researchers from ESET reveal the details of Invisimole, a campaign active since 2013 targeting entities in Russia and Ukraine. | Targeted Attack | Y Multiple Industries | CE | RU UA |
| 20 | 07/06/2018 | ? | Targets in Middle East | Researchers from ICEBRG and 360 Core Security reveal a wave of attacks leveraging the unpatched CVE-2018-5002 Adobe vulnerability. | 0-Day Vulnerability (CVE-2018-5002) | Y Multiple Industries | CC | >1 |
| 21 | 07/06/2018 | ? | Russian service centers offering maintenance and support for various electronic goods. | Security researchers from Fortinet spot a series of attacks targeting Russian service centers offering maintenance and support for various electronic goods. | Vulnerability (CVE-2017-11882) | N Administrative and support service activities | CC | RU |
| 22 | 07/06/2018 | ? | City of Wellington | Wellington officials reveal to have been recently notified by Superion, their software vendor, about potential unauthorized charges on credit cards used by customers to pay their utility bills. | Malware | X Individual | CC | US |
| 23 | 07/06/2018 | ? | RISE Wisconsin | RISE Wisconsin formerly Community Partnerships and Center for Families) notifies its participants of a ransomware attack occurred on April 8, 2018. | Malware | Q Human health and social work activities | CC | US |
| 24 | 08/06/2018 | Alleged State-sponsored Chinese hackers | US Navy Contractor | Chinese government hackers have compromised the computers of a Navy contractor, stealing 600+ Gb of highly sensitive data related to undersea warfare, including secret plans to develop a supersonic anti-ship missile for use on U.S. submarines by 2020, according to American officials. The attack occurred in January and February. | Targeted Attack | O Public administration and defence, compulsory social security | CE | US |
| 25 | 08/06/2018 | ? | Elmcroft Senior Living | The personal information of Elmcroft Senior Living residents and their family members, employees and others could have been stolen in a data breach that occurred in mid-May. | Account Hijacking | Q Human health and social work activities | CC | US |
| 26 | 08/06/2018 | ? | Terros Health | Terros Health warns that 1,600 patient records were exposed in a data breach earlier this spring. The breach, due to a phishing attack, was discovered on April 12 and happened November 16, 2017. | Account Hijacking | Q Human health and social work activities | CC | US |
| 27 | 08/06/2018 | ? | Multiple Targets | Researchers from Barkly reveal a malicious spam campaign distributing .IQY files, simple text files that open by default in Excel and are used to download data from the Internet. These files are highly evasive for AVs. | Malware | X Individual | CC | >1 |
| 28 | 08/06/2018 | ? | Undisclosed Italian Companies | Researchers from Yoroi reveal the details of DMOSK, a malware targeting specifically Italian firms. | Malware | Y Multiple Industries | CC | IT |
| 29 | 11/06/2018 | ? | Bank of Chile | Shares in the Bank of Chile are down after it confirms hackers siphon off $10 million of its funds, mainly to Hong Kong. However the bank says no client accounts have been impacted. Apparently a wiper malware was used to conceal the real purpose of the attack. | Fraudulent SWIFT Transactions | K Financial and insurance activities | CC | CL |
| 30 | 11/06/2018 | ? | Coinrail | Coinrail, a South Korean cryptocurrency exchange, says that its systems have been hacked. It is believed that hackers stole about 40 billion won (US$37.2 million) worth of cryptocurrency from Coinrail, including 21 billion won worth of Pundi X and 14.9 billion won worth of Aston. | Unknown | V Fintech | CC | KR |
| 31 | 11/06/2018 | Lazarus Group | South Korean Think Tank | North Korea-linked Lazarus APT Group planted an ActiveX zero-day exploit on the website of a South Korean think tank focused on national security. | Targeted Attack | O Public administration and defence, compulsory social security | CE | KR |
| 32 | 12/06/2018 | ? | Misconfigured Ethereum Mining Rigs and applications | According to Chinese internet security firm Qihoo 360 Netlab, hackers have stolen $20 million in ether from poorly configured Ethereum mining rigs and third-party applications. | Misconfigured Ethereum Rigs | V Fintech | CC | >1 |
| 33 | 12/06/2018 | One or more people in Russia? | Clarifai | A lawsuit filed by a former employee alleges that AI startup Clarifai’s computer systems were compromised by one or more people in Russia, potentially exposing technology used by the US military. The lawsuit says Clarifai learned of the breach last November, but did not promptly report it to the Pentagon. | Targeted Attack | M Professional scientific and technical activities | CE | US |
| 34 | 12/06/2018 | ? | Mexican National Action Party (PAN) | The website of the Mexican National Action Party is hit by a cyber attack during the final television debate between presidential candidates ahead of the July 1 vote, after the site had published documents critical of the leading candidate. | DDoS | S Other service activities | CC | MX |
| 35 | 12/06/2018 | ? | Single Individuals | Researchers from Fortinet discover PyRoMineIoT, a new strain of crypto-currency miner that exploits the NSA-linked EternalRomance exploit to spread. | Malware | X Individual | CC | >1 |
| 36 | 12/06/2018 | ? | Multiple Targets | Researchers from Kromtech reveal that over a dozen malicious docker images have been available on Docker Hub for 30 days, allowing hackers to earn $90,000 in cryptojacking profits. | Malware | X Individual | CC | >1 |
| 37 | 12/06/2018 | ? | Massachusetts Clean Energy Center | An audit reveals that a scammer stole nearly $94,000 in public funds from the Massachusetts Clean Energy Center last year. | Account Hijacking | O Public administration and defence, compulsory social security | CC | US |
| 38 | 12/06/2018 | ? | National Network and Electronic Services Agency (NASES) Slovak Hydro-meteorological Institute (SHMÚ) slovensko.sk | Several Slovakian websites are hit by a wave of DDoS attacks. | DDoS | O Public administration and defence, compulsory social security | CC | SK |
| 39 | 13/06/2018 | ? | Dixons Carphone | Dixons Carphone has admitted a huge data breach involving 5.9 million payment cards and 1.2 million personal data records. The breach began in July last year and 105,000 cards without chip-and-pin protection have been leaked. | Unknown | G Wholesale and retail trade | CC | UK |
| 40 | 13/06/2018 | LuckyMouse AKA EmissaryPanda AKA APT27 | Mongolia | Researchers from Kaspersky reveal that the Chinese hacking group LuckyMouse broke into a national data center in Mongolia late last year and planted the HyperBro malware into government websites. | Targeted Attack | O Public administration and defence, compulsory social security | CE | MN |
| 41 | 13/06/2018 | ? | Syscoin | Malicious actors replace the legitimate Windows installer for Syscoin's cryptocurrency with a version containing malware, which was available on the company's Github page for several days. | Malware | V Fintech | CC | CA |
| 42 | 13/06/2018 | ? | Single Individuals | Researchers from Qihoo 360 Total Security reveal the details of ClipboardWalletHijacker, a malware campaign infecting over 300,000 computers. The malware's purpose is to intercept content recorded in the Windows clipboard, look for strings resembling Bitcoin and Ethereum addresses, and replace them with ones owned by the malware's authors. | Malware | X Individual | CC | >1 |
| 43 | 13/06/2018 | ? | AcFun | According to a statement by the company, millions of user accounts of the Chinese video sharing platform AcFun are hacked. According to the same statement, the accessed data includes the user IDs, nicknames and passwords of nearly 10 million users. The company urges them to change their password. | Unknown | R Arts entertainment and recreation | CC | CN |
| 44 | 14/06/2018 | Hidden Cobra | Multiple Targets | The US Department of Home Security issues a new warning over a new type of malware coming from the Hidden Cobra group. The new variant is known as “TYPEFRAME". | Targeted Attack | Y Multiple Industries | CE | US |
| 45 | 14/06/2018 | ? | HealthEquity | About 23,000 accounts are compromised by a data breach that took place at HealthEquity in April when an employee fell for a phishing scam. | Account Hijacking | Q Human health and social work activities | CC | US |
| 46 | 14/06/2018 | ? | Multiple Targets | Researchers from Trend Micro reveal another version of the MuddyWater campaign using a Powershell-based PRB-Backdoor. The malware is dubbed W2KM_DLOADR.UHAOEEN. | Targeted Attack | O Public administration and defence, compulsory social security | CE | >1 |
| 47 | 14/06/2018 | ? | Android users | Researchers from ThreatFabric discover a new malware strain still under development, dubbed MysteryBot, which blends the features of a banking trojan, keylogger, and mobile ransomware. | Malware | X Individual | CC | >1 |
| 48 | 14/06/2018 | ? | Med Associates | Med Associates, notifies of a security incident that may have compromised its patients protected information. | Malware | Q Human health and social work activities | CC | US |
| 49 | 15/06/2018 | ? | Vulnerable IoT devices | Researchers from Qihoo 360 Total Security discover a spike in traffic, coming from the infamous Satori botnet, and directed to port TCP 8000, attempting to exploit CVE-2018-10088. | Vulnerability (CVE-2018-10088) | Y Multiple Industries | CC | >1 |
| 50 | 15/06/2018 | ? | Multiple Targets in Singapore | Researchers at F5 Labs and Loryka observe a spike in the number of cyber-attacks targeting Singapore from June 11 to June 12, in the wake of the meeting between U.S. President Donald Trump and North Korean President Kim Jong-un. | >1 | Y Multiple Industries | CW | >1 |
