Zero-Day Newsletter: Cybersecurity reports, news, and insights for IT professionals
The cheekiest cybersecurity newsletter on the planet.
Cybersecurity news doesn't have to be boring. Comparitech's Zero-Day Newsletter is focused on giving IT professionals weekly updates on cybersecurity alerts, ransomware news, industry insights, and IT product recommendations.
"Bad software, bad documentation, bad support, bad vendors"
Buckle up! Are we entering a new normal?
As the end of March approaches, ransomware figures may be lower than in February 2025, but they remain incredibly high–especially if you remove Clop’s Cleo vulnerability victims from the mix.
So far this month, we’ve tracked 587 attacks–27 of which have been confirmed by the entity involved. In February, we noted 972 attacks in total (69 now confirmed) but over 310 were from the Clop Cleo exploitation.
Not only that, but this week also came with some extra-long data breach reporting delays, new ransomware groups, and confirmations of attacks on US credit unions.
Here to learn more about bad software? Skip to the bottom!
Exploding into the ransomware scene this week is…
Frag (definition: to deliberately injure or kill (one's military leader) by means of a fragmentation grenade).
Pretty brutal, right?
Well, 27 businesses probably thought so, including:
🇺🇸 - 24 US companies
🇳🇱- 1 Dutch company
🇨🇦- 1 Canadian company
🇸🇬- 1 Singaporean company
🏭 - 7 manufacturers
💸 - 4 finance companies
Of these, two companies–financial company Andrew Davidson & Co and construction company Texas Fifth Wall Roofing Systems–both confirmed cyber attacks and subsequent data breaches from November 2024.
Other new gangs included Arkana Security and RALord. Both added two victims each to their data leak sites (all of which remain unconfirmed).
The Maine reason for the 15-month data breach delay was…
…anybody’s guess.
St. Joseph’s College of Maine started issuing data breach notifications to 126,580 people this week following a cyber attack in December 2023 that affected SSNs and other private data. Clop claimed the attack in April 2024.
The college is offering those involved access to free identity theft protection. But when their data has potentially been on the dark web for nearly a year, the phrase “shutting the barn door after the horse has bolted” springs to mind.
Two credit unions started notifying customers of breaches this week – Cross Valley Federal Credit Union and Heritage South Credit Union. But unlike the above, both confirmed they’d suffered attacks recently – November 2024 and January 2025, respectively.
Cross Valley was hit by LeakedData, which saw 17,826 impacted in the subsequent breach, while Heritage South was hit by Embargo, and the total number impacted remains unknown. Heritage South did, however, suffer system disruption to its ATMs for at least two days.
"Bad software, bad documentation, bad support, bad vendors"
We regularly hang out on IT and Net Admin forums, making sure we have a good pulse on what's happening not just in the industry, but among professionals within the industry.
This week, one post and a subsequent comment stood out to us:
Bad software, bad documentation, bad support, and bad vendors are not new problems in IT, nor are they new problems in SaaS, generally speaking. What is uncommon is finding decent review content that helps buyers find good vendors with good software, good documentation, and good support. This is why we're rolling out a new way of reviewing vendors: the Comparitech SupportScore. Our SupportScore examines 5 key datapoints that indicate how effective your product and customer support will be with a vendor. We then visualize that data, provide the score, and offer a deeper-level explanation of that score within each review.
An example of our SupportScore for Atera
Most review sites go heavy on features and pricing, but give you scant information on whether you'll have a good experience with that vendor after you've purchased. In many ways, that's just as important, if not more, than features and pricing, particularly when two vendors offer equivalent products.
You'll start to see our SupportScore popping up across all of our reviews. For now, you can dig deeper into our unique vendor analysis in our review of the 9 Best Software Deployment Tools in 2025.
Until next week. Let’s keep that zero-day count hardened at zero!
Suite 3 Falcon Court Business Centre, College Road, Maidstone, Kent ME15 6TF Unsubscribe · Preferences
The cheekiest cybersecurity newsletter on the planet.
Cybersecurity news doesn't have to be boring. Comparitech's Zero-Day Newsletter is focused on giving IT professionals weekly updates on cybersecurity alerts, ransomware news, industry insights, and IT product recommendations.