The Breach News

Active Exploitation of Zyxel CPE Devices Linked to Unpatched CVE-2024-40891 Vulnerability

Critical Vulnerability in Zyxel Devices Under Active Exploitation Cybersecurity experts have issued urgent warnings regarding a severe zero-day vulnerability affecting Zyxel CPE Series devices, with reports of ongoing exploitation attempts. Dubbed CVE-2024-40891, this command injection vulnerability enables attackers to execute arbitrary commands on compromised devices, potentially resulting in full system…

Read MoreActive Exploitation of Zyxel CPE Devices Linked to Unpatched CVE-2024-40891 Vulnerability

Hamas-Linked Hackers Target High-Ranking Israelis with ‘Catfish’ Tactics

Recent cybersecurity investigations have revealed a sophisticated operation attributed to a threat actor associated with Hamas’s cyber warfare division. This intricate campaign has been designed to target high-profile Israeli individuals working in delicate sectors such as defense, law enforcement, and emergency services. According to cybersecurity firm Cybereason, the attackers employed…

Read MoreHamas-Linked Hackers Target High-Ranking Israelis with ‘Catfish’ Tactics

U.S. Court Directs NSO Group to Transfer Pegasus Spyware Code to WhatsApp

A decisive ruling from a U.S. judge has mandated NSO Group to disclose its source code for the controversial Pegasus spyware to Meta Platforms. This legal maneuver is part of Meta’s ongoing litigation against the Israeli cybersecurity firm, aiming to hold it accountable for utilizing WhatsApp’s infrastructure to orchestrate mass…

Read MoreU.S. Court Directs NSO Group to Transfer Pegasus Spyware Code to WhatsApp

Cybercriminals Compromise Red Hat’s Private GitLab Repositories – Insights on Impacted Customers

John Keeble/Getty Images Stay in touch with ZDNET: Add us as a preferred source on Google. Key Takeaways from ZDNET Red Hat’s private GitLab repositories have been breached by hackers. Confidential information related to several Red Hat Consulting clients appears to have been compromised. The extent of this breach is…

Read MoreCybercriminals Compromise Red Hat’s Private GitLab Repositories – Insights on Impacted Customers

Broadcom Raises Alarm Over Critical SQL Injection Vulnerability in VMware Avi Load Balancer

Warning Issued Over Critical Vulnerability in VMware Avi Load Balancer Broadcom has announced a significant security vulnerability in VMware’s Avi Load Balancer, classified as high severity, which could potentially be exploited by malicious actors to gain unauthorized access to sensitive database information. The vulnerability is labeled CVE-2025-22217, with a CVSS…

Read MoreBroadcom Raises Alarm Over Critical SQL Injection Vulnerability in VMware Avi Load Balancer

U.S. Issues Warning About APT Hackers Targeting ICS/SCADA Systems with Advanced Malware

The U.S. government has issued a security warning regarding the utilization of specialized malware by state-sponsored actors targeting industrial control systems (ICS) and supervisory control and data acquisition (SCADA) devices. This advisory highlights the increasing sophistication of cyber threats against critical infrastructure. According to alerts from multiple U.S. agencies, including…

Read MoreU.S. Issues Warning About APT Hackers Targeting ICS/SCADA Systems with Advanced Malware

Oracle Reports No Zero-Day Exploits Connected to Customer Extortion Cases

Data-Theft Attacks Compromise Organizations Amid Absence of July Patch Update Mathew J. Schwartz ( euroinfosec ) • October 3, 2025 Image: Shutterstock/ISMG Oracle has reported that its customers are under attack from data-seeking extortionists. While cybersecurity researchers and the software giant emphasize that no new zero-day vulnerabilities are being exploited,…

Read MoreOracle Reports No Zero-Day Exploits Connected to Customer Extortion Cases