Cybersecurity Update Meta has addressed a vulnerability within its Instagram platform that permitted unauthorized parties to request password reset emails. However, the company maintains that this issue did not result in the theft of users’ personal data.
Recently, Malwarebytes, a cybersecurity firm, asserted that cybercriminals reportedly accessed sensitive information belonging to approximately 17.5 million Instagram accounts, including usernames, physical addresses, phone numbers, and email addresses. They supported their claims with a screenshot of a password reset message sent to Instagram users.
In response, Instagram clarified via a public statement that they have resolved the issue that allowed certain external entities to request password resets. They affirmed that there was no breach in their systems, ensuring that Instagram accounts remain secure. Users were advised to disregard any unsolicited password resets and were offered apologies for the confusion caused.
According to reports from The Register, Malwarebytes likely referenced a data set unveiled on BreachForums, where an individual claimed to have leaked personal information from over 17 million Instagram users. This data dump was alleged to have arisen from an API leak that occurred in 2024.
Veeam Tackles Security Flaws
Veeam, a provider of data management and backup solutions, recently patched four vulnerabilities that could enable privileged accounts to execute remote code execution (RCE) attacks or write files with root access. The most severe of the identified issues, classified as CVE-2025-59470, received a critical score of 9.0 on the Common Vulnerability Scoring System (CVSS).
While Veeam has been relatively tight-lipped regarding specifics, they have acknowledged that CVE-2025-59470 allows Backup or Tape Operator accounts to execute remote code by submitting nefarious interval or order parameters to the system. Cybersecurity experts, including Sagy Kratu from Vicarius, noted that the severity of the vulnerability stems from its position within the attack chain, as it can significantly aid ransomware attackers after an initial breach.
As Veeam has been a frequent target for attackers, concerns have been raised regarding its backup infrastructure. Cyber actors often seek control over backup servers to compromise essential recovery data, making such vulnerabilities particularly valuable to malicious insiders.
Gas Station Chain Reports Data Exposure
Gulshan Management Services, known for operating around 150 gas stations across the United States under the Handi Plus and Handi Stop brands, recently disclosed a significant data exposure incident. This was reminiscent of a ransomware attack that reportedly occurred last September, yet customers were only informed weeks later.
The company revealed that over 377,000 sets of customer data, including names, Social Security numbers, and driver’s license numbers, were compromised following a phishing attack that breached their IT perimeter before deploying encryption software throughout its systems. In light of this incident, Gulshan is offering affected individuals a year of identity monitoring services.
However, the delay in notifying customers may place the company in violation of state and federal laws, according to legal experts who are now preparing a potential class-action lawsuit against Gulshan for their handling of the breach notifications.
Cyber Criminals Seek Insider Collusion
Threat exposure management firm Nord Stellar has reported a disturbing trend of cybercriminals advertising on the dark web for insiders to facilitate corporate breaches. Over the past year, they identified 25 unique posts wherein criminals sought to recruit employees from well-known firms including LinkedIn, Meta, Google, and Coinbase.
This indicates a worrying shift in focus within organizational security measures, often prioritizing external threats while potentially underestimating the risks posed by inside actors. Nord Stellar highlighted that insider threats may evade standard security alerts, rendering traditional defenses less effective.
ownCloud Urges Multi-Factor Authentication Adoption
In light of recent breaches impacting numerous global companies, ownCloud is appealing to its users to enable multi-factor authentication (MFA). Following various incidents where attackers utilized infostealer malware to capture user credentials from platforms lacking MFA, ownCloud clarified that their platform itself was not compromised.
Moreover, the company emphasized the importance of proactive security measures, including resetting user passwords and reviewing logs for any suspicious activity to better fortify against potential breaches. This incident highlights the critical role of MFA in safeguarding sensitive data within enterprise file-sharing environments.
UK School Closes Following Cyber Event
Higham Lane School in the UK was compelled to close for a week following a cyber attack that incapacitated crucial operational systems. The attack impacted the school’s electronic gates and rendered fire alarms inoperative, as well as incapacitating student record systems, leading authorities to deem it unsafe for the institution to operate.
Advised by police cyber specialists and experts from the Department for Education, the school’s administration prioritized safety over normal operations. Such incidents underscore the growing vulnerabilities within educational institutions and the imperative for robust cybersecurity measures to protect both data and the welfare of students and staff.
