The Breach News

OpenAI Halts Mixpanel Usage Following Analytics Data Breach

Data Breach Notification, Data Security OpenAI Investigates Third-Party Data Breach; API User Information Compromised Rashmi Ramesh (rashmiramesh_) • November 28, 2025 Image: Shutterstock OpenAI, a leader in artificial intelligence research and development, has temporarily halted its use of the analytics platform Mixpanel following a data breach that reportedly exposed sensitive…

Read MoreOpenAI Halts Mixpanel Usage Following Analytics Data Breach

How Vulnerable Accounts Predict Incidents

In the evolving landscape of cybersecurity, identity management has become a crucial front line for defenders. According to Verizon’s 2025 report, a staggering 88% of web application attacks were initiated with compromised credentials. Over the past decade, data indicated that one-third of breaches involved such leaks, highlighting the increasing reliance…

Read MoreHow Vulnerable Accounts Predict Incidents

Fortinet Issues Alert on Critical SQL Injection Vulnerability in FortiClient EMS Software

Fortinet Alerts Users to Critical Security Vulnerability in FortiClientEMS Fortinet has issued a significant warning regarding a critical vulnerability affecting its FortiClientEMS software. This flaw poses a serious risk as it potentially enables attackers to execute arbitrary code on compromised systems, raising alarms for businesses relying on this software for…

Read MoreFortinet Issues Alert on Critical SQL Injection Vulnerability in FortiClient EMS Software

Italy’s CERT Issues Warning About New Credential-Stealing Android Malware

Emerging Android Malware Exploits Accessibility Services to Commit Fraud A new variant of Android malware, known as “Oscorp,” has been uncovered, leveraging accessibility services to capture user credentials and illicitly record audio and video. This discovery was reported by Italy’s CERT-AGID and identified by cybersecurity firm AddressIntel. The malware prompts…

Read MoreItaly’s CERT Issues Warning About New Credential-Stealing Android Malware

Dispersed Lapsus$ Hunters Linked to Attacks on Zendesk Users

Revealed: Typosquatted Domains Associated with Suspected Ransomware Attacks Akshaya Asokan (asokan_akshaya) • November 28, 2025 Image: Shutterstock Cybersecurity experts have identified over 40 typosquatted domains that imitate legitimate Zendesk URLs. This discovery has been linked to the hacking group known as Scattered Lapsus$ Hunters. According to a report from ReliaQuest,…

Read MoreDispersed Lapsus$ Hunters Linked to Attacks on Zendesk Users

Hezbollah Cyber Group Attacks Global Telecoms, Hosting Services, and ISPs

A persistent cyber threat actor, linked to Hezbollah, has updated its toolkit with a new version of a remote access Trojan (RAT) aimed at infiltrating organizations worldwide to exfiltrate sensitive information. This finding comes from a recent report by the ClearSky research team, published on Thursday, which outlines how the…

Read MoreHezbollah Cyber Group Attacks Global Telecoms, Hosting Services, and ISPs