The Breach News

Recently Updated Oracle Vulnerability Targeted in Ongoing Attacks

Fraud Management & Cybercrime, Governance & Risk Management, Patch Management Highlights: npm Packages Breach, FBI Fraud Alert, CISO Dismissal at Campbell’s Pooja Tikekar (@PoojaTikekar) • November 27, 2025 Image Source: Shutterstock/ISMG ISMG compiles weekly cybersecurity incidents and breaches globally. This week highlights a critical vulnerability in Oracle that is being…

Read MoreRecently Updated Oracle Vulnerability Targeted in Ongoing Attacks

Malicious Ads Target Chinese Users with Counterfeit Notepad++ and VNote Installers

Cybersecurity Warning: Malicious Ads Target Chinese Users of Notepad++ and VNote Recent reports indicate a concerning trend wherein Chinese users searching for legitimate software such as Notepad++ and VNote are being targeted by malicious advertisements. These ads lead to fraudulent links that distribute trojanized versions of the software, culminating in…

Read MoreMalicious Ads Target Chinese Users with Counterfeit Notepad++ and VNote Installers

In-Depth: The Methods Iran Uses, Alongside Hackers, to Monitor Dissidents

Recent cyber operations attributed to state-sponsored Iranian threat actors underline a sustained focus on collecting sensitive information on individuals that may jeopardize the stability of the Islamic Republic. The targets include dissidents, opposition forces, supporters of ISIS, and Kurdish natives, as evidenced by two coordinated cyber campaigns. The latest findings…

Read MoreIn-Depth: The Methods Iran Uses, Alongside Hackers, to Monitor Dissidents

Ransomware Attacks Elevate Cybersecurity to a National Focus

Blockchain & Cryptocurrency, Cybercrime, Cybercrime as-a-Service Public-Private Collaboration Essential for Ransomware Response, Asserts Anne Neuberger Akshaya Asokan (asokan_akshaya) • November 27, 2025 Anne Neuberger, former Deputy NSA for Cyber and Emerging Technologies, White House (Image: ISMG) At a recent event in London, Anne Neuberger, former Deputy National Security Adviser for…

Read MoreRansomware Attacks Elevate Cybersecurity to a National Focus

OpenAI Uncovers 2025 Data Breach Through Mixpanel, Compromising API User Information

In a significant breach impacting user trust, OpenAI recently alerted its API platform users about a data exposure event linked to third-party analytics provider Mixpanel. On November 27, 2025, OpenAI disclosed that unauthorized access to Mixpanel’s systems on November 9 resulted in the leak of sensitive data, including names, email…

Read MoreOpenAI Uncovers 2025 Data Breach Through Mixpanel, Compromising API User Information

Urgent Notice: WordPress Admins Advised to Uninstall miniOrange Plugins Due to Serious Vulnerability

In a significant development for WordPress users, a critical security vulnerability has been identified in miniOrange’s Malware Scanner and Web Application Firewall plugins, prompting an urgent recommendation for website owners to uninstall these tools. The detected flaw, designated as CVE-2024-2172, scores a staggering 9.8 on the CVSS scale, representing a…

Read MoreUrgent Notice: WordPress Admins Advised to Uninstall miniOrange Plugins Due to Serious Vulnerability

Hacker Attempted to Contaminate Florida’s Water Supply by Breaching Treatment System

In a significant cybersecurity incident, hackers infiltrated the computer system of a water treatment facility in Florida, manipulating sodium hydroxide (NaOH) levels in the water supply. This breach, which starkly highlights vulnerabilities in critical infrastructure, occurred on February 5 and involved remote access to the facility’s operational controls. During a…

Read MoreHacker Attempted to Contaminate Florida’s Water Supply by Breaching Treatment System