The Breach News

New Fileless Ransomware with Code Injection Capabilities Discovered in the Wild

Emerging Threat: Fileless Ransomware “Sorebrect” Targets Enterprises Cybercriminals are evolving, leveraging increasingly sophisticated tactics to execute attacks. A recent report highlights the emergence of a fileless ransomware strain known as “Sorebrect.” Unlike traditional ransomware, which often relies on files to infect systems, Sorebrect injects malicious code directly into legitimate processes,…

Read MoreNew Fileless Ransomware with Code Injection Capabilities Discovered in the Wild

Dutch Authorities Confirm Exposure of Employee Contact Data Due to Ivanti Zero-Day Exploit

The Dutch Data Protection Authority (AP) and the Council for the Judiciary have confirmed that their systems were compromised in a cyber attack exploiting vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM). This information was disclosed in a notice to the Dutch parliament, revealing that both agencies experienced unauthorized access to…

Read MoreDutch Authorities Confirm Exposure of Employee Contact Data Due to Ivanti Zero-Day Exploit

Ad Tech Firm Optimizely Hit by Cyberattack – SecurityWeek

Optimizely Targeted in Cyberattack: A Comprehensive Overview In a notable cybersecurity incident, Optimizely, a prominent ad tech company, has recently fallen victim to a cyberattack that has raised significant concerns within the industry. This breach highlights vulnerabilities within digital marketing infrastructures and serves as a stark reminder of the ongoing…

Read MoreAd Tech Firm Optimizely Hit by Cyberattack – SecurityWeek

Iranian Hackers Breach U.S. Federal Agency Network via Log4Shell Exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported a security breach involving a federal agency, attributed to threat actors affiliated with the Iranian government. The attackers exploited the Log4Shell vulnerability found in an unpatched VMware Horizon server, demonstrating a sophisticated exploitation technique. The breach, which occurred between mid-June…

Read MoreIranian Hackers Breach U.S. Federal Agency Network via Log4Shell Exploit

UK Parliament Targeted by Cyberattack, Affecting Up to 90 MPs’ Email Accounts

Cyber Attack Targets UK Parliament Email System In a significant cybersecurity incident, the email system of the UK Houses of Parliament was breached on Friday morning, affecting at least 90 accounts belonging to Members of Parliament (MPs), their staff, and other parliamentary personnel. Initial investigations suggest that many of these…

Read MoreUK Parliament Targeted by Cyberattack, Affecting Up to 90 MPs’ Email Accounts

North Korean Lazarus Group Expands Global Attacks with Medusa Ransomware

Recent developments reveal that North Korean cyber operations are making significant inroads into the commercial ransomware landscape, indicating a heightened focus on obtaining direct financial rewards. The Symantec and Carbon Black Threat Hunter Team have reported activities by the notorious Lazarus Group, a state-sponsored actor, utilizing Medusa ransomware against targets…

Read MoreNorth Korean Lazarus Group Expands Global Attacks with Medusa Ransomware

Warlock Ransomware Compromises SmarterTools via Unpatched SmarterMail Server Vulnerability

SmarterTools recently disclosed a significant cybersecurity breach involving the Warlock ransomware group, which exploited an unpatched version of SmarterMail. The incident, communicated by Chief Commercial Officer Derek Curtis, occurred on January 29, 2026, when a mail server that lagged in updates became the entry point for the attack. Curtis detailed…

Read MoreWarlock Ransomware Compromises SmarterTools via Unpatched SmarterMail Server Vulnerability