The Everest ransomware group claims it has stolen 250,000+ Social Security Numbers and 3.4 million banking records from Frost Bank and Citizens Bank — and the leak countdown is already ticking. At the same time, ShinyHunters just executed coordinated attacks on Zara, Carnival, and 7-Eleven, while a Vercel breach tied to a compromised AI tool exposed how a single employee action can trigger a multi-million dollar data incident. This isn’t theoretical cybersecurity risk — this is happening right now, and it directly impacts your business, your customers, and your exposure to AI-driven threats. On this episode of Security Squawk, Bryan Hornung, Randy Bryan, and Reginald Andre break down three major cyberattacks shaping the current threat landscape — and what leaders need to understand immediately. This Week’s Cybersecurity Breakdown 1. ShinyHunters Cyberattacks (Zara, Carnival, 7-Eleven) One of the most aggressive data breach groups in the world targeted three global brands with a pay-or-leak ultimatum. Carnival: 8.7 million customer records stolen 7-Eleven: 600,000+ Salesforce records compromised Zara: breach originated through third-party vendor Anodot with cloud access 2. Everest Ransomware Attack (Frost Bank & Citizens Bank) A high-impact ransomware operation targeting major U.S. financial institutions: 380+ GB of stolen data posted to a dark web extortion site Includes SSNs, banking data, and unencrypted credit card numbers with CVVs Raises serious questions about data security standards in 2026 3. Vercel Data Breach via AI Tool (Context.ai) A textbook example of modern attack vectors: A single employee connected a compromised AI tool with “Allow All” permissions Attackers gained access to internal systems and are now selling the data for $2 million Highlights the growing risk of AI integrations in enterprise environments Why This Matters These incidents expose three critical realities: Third-party vendors are now primary attack surfaces Ransomware groups are escalating speed and scale AI tools are introducing new, poorly understood security risks If you run a business, manage IT, or rely on cloud platforms — this is required awareness. Support the show: buymeacoffee.com/securitysquawk Subscribe for weekly breakdowns of real-world cyber threats, ransomware attacks, and security leadership insights.
