// UNCLASSIFIED // CLEARED FOR PUBLIC RELEASE //
FILE BRC-01DTG 0600Z
ColdRecon / Breach Radar
Breach Radar

Who's Getting
Breached

LAST 6 MONTHS SHOWN · BREACHES BY ATTACK VECTOR, FROM PUBLIC REPORTING

A running radar of disclosed breaches across the endpoint-security landscape — how companies are getting hit, month over month. Read from the seller's seat.

Breaches per month, by attack vector
stolen creds: 6 Feb stolen creds: 15unpatched cve: 1supply chain: 3 Mar ransomware: 1stolen creds: 28phishing: 2supply chain: 7malware: 1misconfig: 1 Apr ransomware: 89stolen creds: 9phishing: 2unpatched cve: 1supply chain: 17malware: 4misconfig: 4 May ransomware: 3stolen creds: 2phishing: 1supply chain: 1malware: 1 Jun Jul
ransomwarestolen credsphishingunpatched CVEsupply chainmalwaremisconfig
+ 44 earlier months of history are behind clearance.
On the radar · recent, relevant breaches

What we're tracking

2026-06-01
Beacon Mutual ransomware RANSOMWARE
Beacon Mutual, a Rhode Island-based workers' compensation insurer, experienced a ransomware attack that impacted over 131,000 people. The company announced the data breach on its website. No further details on the attack vector or data type
2026-06-01
Asopagos S.A. ransomware RANSOMWARE
The Everest ransomware group has reportedly attacked Asopagos S.A., a company based in Colombia. The attack was disclosed by DeXpose, a dark web monitoring platform. No further details about the breach, such as date, records exposed, or dat
2026-06-01
VVO Finance ransomware RANSOMWARE
The Everest ransomware group has attacked VVO Finance, a financial organization in Germany. The attackers have threatened the company, putting it at significant risk. No details on data exposure or breach date were provided.
2026-06-01
GitHub malware
GitHub confirmed that approximately 3,800 internal repositories were impacted after an employee device was compromised. The breach originated from a poisoned VS Code extension. No details on exposed data or records were provided.
ColdRecon assessment · opinion

A positive-security model might have prevented the malicious extension from executing if it was not part of a known-good state, but could be bypassed if the extension was signed or appeared legitimate.

2026-05-31
Beacon Mutual ransomware RANSOMWARE
Beacon Mutual, a Rhode Island-based workers' compensation insurer, experienced a ransomware attack that impacted over 131,000 people. The company announced the data breach on its website. No further details on the attack vector or data type
2026-05-31
Asopagos S.A. ransomware RANSOMWARE
The Everest ransomware group has reportedly attacked Asopagos S.A., a company based in Colombia. The attack was disclosed by DeXpose, a dark web monitoring platform. No further details about the breach, such as date, records exposed, or dat
2026-05-31
GitHub malware
GitHub confirmed that approximately 3,800 internal repositories were impacted after an employee device was compromised. The breach originated from a poisoned VS Code extension. No details on exposed data or records were provided.
ColdRecon assessment · opinion

A positive-security model might have prevented the malicious extension from executing if it was not part of a known-good state, but could be bypassed if the extension was signed or appeared legitimate.

2026-05-30
Shanpoornam Metals ransomware RANSOMWARE
Shanpoornam Metals suffered a ransomware attack by the Lamashtu group. The incident was reported on May 30, 2026. No details on data exposure or root cause were provided.
2026-05-30
SRG ransomware RANSOMWARE
Verizon's 2026 DBIR highlights social engineering as a top breach vector, with attackers using physical intrusion methods. The FBI advises verifying identities of individuals entering company spaces. The breach involved ransomware actors st
2026-05-30
Beacon Mutual ransomware RANSOMWARE
Beacon Mutual, a Rhode Island-based workers' compensation insurer, experienced a ransomware attack that impacted over 131,000 people. The company announced the data breach on its website. No further details on the attack vector or data type
2026-05-30
Asopagos S.A. ransomware RANSOMWARE
The Everest ransomware group has reportedly attacked Asopagos S.A., a company based in Colombia. The attack was disclosed by DeXpose, a dark web monitoring platform. No further details about the breach, such as date, records exposed, or dat
2026-05-30
DentaQuest ransomware RANSOMWARE
DentaQuest was reportedly hit by a ransomware attack attributed to the ShinyHunters group in May 2026. The claim appeared on a dark web forum and has not been independently verified. No details on exposed data or attack method were provided

Showing a slice of the relevant record. The full searchable breach database — every vector, every sector, the complete history — is for cleared officers. Assessments are ColdRecon's opinion, grounded in the cited public facts.

Your prospect just read about one of these. Walk in knowing more.

ColdRecon tracks every disclosed breach, normalized to the factors that move a deal — and turns it into one short daily brief from the seller's seat. Request clearance and the first lands tomorrow at 0600.

Request Clearance →