The Breach News

CISA Includes Microsoft and Zimbra Vulnerabilities in KEV Catalog Due to Ongoing Exploits

CISA Adds New Vulnerabilities to KEV Catalog: Immediate Action Required The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) catalog by adding two significant security flaws that have been actively exploited. These vulnerabilities affect the Microsoft Partner Center and the Synacor Zimbra Collaboration Suite…

Read MoreCISA Includes Microsoft and Zimbra Vulnerabilities in KEV Catalog Due to Ongoing Exploits

Cisco Acknowledges Breach by Yanluowang Ransomware Group

Cisco Confirms Cyberattack Linked to Yanluowang Ransomware Gang On May 24, 2022, Cisco Systems, a leading networking equipment provider, confirmed it fell victim to a cyberattack that exploited vulnerabilities in its digital infrastructure. The breach occurred after an attacker compromised a Cisco employee’s personal Google account, which contained synchronized passwords…

Read MoreCisco Acknowledges Breach by Yanluowang Ransomware Group

Two Clinics Inform 700,000 Patients of Suspected BianLian Cyberattacks

Data Breach Notification, Data Security, Fraud Management & Cybercrime Now-Dormant Gang Claimed North Carolina, Florida Groups on Data Leak Site This Year Marianne Kolbasuk McGee (HealthInfoSec) • September 22, 2025 Goshen Medical Center, with 38 locations in North Carolina, is among the two healthcare providers reporting significant hacks allegedly executed…

Read MoreTwo Clinics Inform 700,000 Patients of Suspected BianLian Cyberattacks

Ukrainian Police Email Impersonations Distribute New CountLoader Malware

Recent findings from cybersecurity firm Silent Push indicate that Russian ransomware groups have introduced a sophisticated new threat known as CountLoader. This malware is not merely a conventional virus; it functions as a loader, specifically designed to infiltrate devices and install more dangerous software, including ransomware. CountLoader serves as a…

Read MoreUkrainian Police Email Impersonations Distribute New CountLoader Malware

E.U. Commission Penalized for Sharing User Data with Meta Against Privacy Regulations

On Wednesday, the European General Court imposed a fine on the European Commission, the key executive body of the European Union responsible for law enforcement and proposal, for breaching its own stringent data privacy regulations. This ruling represents a significant first, holding the Commission accountable for violating established data protection…

Read MoreE.U. Commission Penalized for Sharing User Data with Meta Against Privacy Regulations

Stellantis Confirms Data Breach Impacting Customer Information

Data Breach at Stellantis Exposes Customer Information Stellantis, a prominent multinational automaker with brands like Chrysler, Jeep, and Fiat, has reported a data breach that implicates customer information following unauthorized access to a third-party service provider. This incident raises significant concerns regarding data security practices within the automotive industry and…

Read MoreStellantis Confirms Data Breach Impacting Customer Information

CERT-UA Alerts of UAC-0173 Attacks Targeting Ukrainian Notaries with DCRat Deployment

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert concerning a resurgence in cyber activity from the organized criminal group known as UAC-0173. This group is reportedly employing a remote access trojan called DCRat (also referred to as DarkCrystal RAT) to infiltrate systems. This recent campaign, which…

Read MoreCERT-UA Alerts of UAC-0173 Attacks Targeting Ukrainian Notaries with DCRat Deployment

Conti Cybercrime Cartel Leverages ‘BazarCall’ Phishing Attacks as Entry Point

A recent report reveals that three splinter groups from the infamous Conti cybercrime organization have adopted call back phishing as a primary method for breaching targeted networks. This technique marks a significant shift in their approach to cyberattacks. Cybersecurity firm AdvIntel disclosed in a Wednesday report that these three independent…

Read MoreConti Cybercrime Cartel Leverages ‘BazarCall’ Phishing Attacks as Entry Point

How Autonomous AI Agents Enhance Insider Threats

Agentic AI, Artificial Intelligence & Machine Learning, Governance & Risk Management Shilpa Sawant Discusses the Internal Risks Posed by Autonomous AI Agents Suparna Goswami (gsuparna) • September 22, 2025 Shilpa Sawant, Vice President, Sumitomo Mitsui Banking Corporation Autonomous artificial intelligence agents are transforming the landscape of insider threats by functioning…

Read MoreHow Autonomous AI Agents Enhance Insider Threats