The Breach News

RVTools Official Site Compromised to Distribute Bumblebee Malware via Trojan Installer

May 19, 2025
Malware / Supply Chain Attack

The official RVTools website has been compromised, delivering a tainted installer for the widely-used VMware environment reporting tool. In a statement on their site, the company announced, “Robware.net and RVTools.com are currently offline. We are working diligently to restore service and appreciate your patience. Please note that Robware.net and RVTools.com are the only authorized and supported sources for RVTools software. Avoid downloading RVTools from any other websites or sources.” This incident follows revelations from security researcher Aidan Leon, who discovered that the infected installer was being used to load a malicious DLL, identified as the Bumblebee malware loader. It remains unclear how long the compromised version of RVTools was available for download or how many users had installed it before the websites were taken offline. In the meantime, users are advised to verify…

RVTools Official Website Compromised, Distributing Bumblebee Malware Through Trojan Installer On May 19, 2025, the official website for RVTools, a well-known utility for reporting within VMware environments, was breached, leading to the distribution of a compromised installer. This attack is a stark reminder of the vulnerabilities associated with software supply…

Read More

RVTools Official Site Compromised to Distribute Bumblebee Malware via Trojan Installer

May 19, 2025
Malware / Supply Chain Attack

The official RVTools website has been compromised, delivering a tainted installer for the widely-used VMware environment reporting tool. In a statement on their site, the company announced, “Robware.net and RVTools.com are currently offline. We are working diligently to restore service and appreciate your patience. Please note that Robware.net and RVTools.com are the only authorized and supported sources for RVTools software. Avoid downloading RVTools from any other websites or sources.” This incident follows revelations from security researcher Aidan Leon, who discovered that the infected installer was being used to load a malicious DLL, identified as the Bumblebee malware loader. It remains unclear how long the compromised version of RVTools was available for download or how many users had installed it before the websites were taken offline. In the meantime, users are advised to verify…

Allianz Life Hack Exposes 1.1 Million Customers as Cyberattack Wave Hits Microsoft and UnitedHealth – Microsoft (NASDAQ: MSFT), UnitedHealth Group (NYSE: UNH)

A recent cyber breach involving Allianz Life has led to the exposure of personal information for approximately 1.1 million individuals. This incident adds to a concerning trend of significant data breaches affecting major U.S. corporations, including Microsoft Corporation MSFT and UnitedHealth Group Inc. UNH. Allianz Life Data Compromise Affects Millions…

Read MoreAllianz Life Hack Exposes 1.1 Million Customers as Cyberattack Wave Hits Microsoft and UnitedHealth – Microsoft (NASDAQ: MSFT), UnitedHealth Group (NYSE: UNH)

Cisco Addresses Critical Firewall Vulnerability with Patch

Identity & Access Management, Network Firewalls, Network Access Control, Security Operations Cisco Secure Firewall Management Centers Exposed to Critical Vulnerability Pooja Tikekar (@PoojaTikekar) • August 18, 2025 Image: Anucha Cheechang/Shutterstock Cisco has alerted its firewall customers to implement urgent patches following the identification of a critical vulnerability. This flaw poses…

Read MoreCisco Addresses Critical Firewall Vulnerability with Patch

Navigating the Overwhelmed Landscape: Insights from the 2025 Pentesting Report

In the recently published 2025 State of Pentesting Report, Pentera conducted a survey of 500 CISOs from global enterprises (200 based in the USA) to delve into their strategies, tactics, and tools for managing the flood of security alerts, persistent breaches, and escalating cyber risks. The results paint a nuanced picture of progress, obstacles, and evolving mindsets regarding security testing in enterprises.

Increased Tools, Enhanced Data, Yet Uncertain Protection

Over the past year, 45% of enterprises have broadened their security technology portfolios, with organizations now utilizing an average of 75 distinct security solutions. However, despite these additional layers of defense, 67% of U.S. enterprises faced a breach within the last 24 months. The proliferation of security tools significantly impacts day-to-day operations and the overall cyber resilience of organizations. The findings underscore a crucial observation: more security tools do not necessarily equate to better protection.

The Jam-Packed Arena: Key Takeaways from the 2025 State of Pentesting Report Published May 20, 2025 In the recently unveiled 2025 State of Pentesting Report, Pentera conducted a comprehensive survey involving 500 Chief Information Security Officers (CISOs) from enterprises worldwide, with 200 of those participants representing U.S. organizations. The survey…

Read More

Navigating the Overwhelmed Landscape: Insights from the 2025 Pentesting Report

In the recently published 2025 State of Pentesting Report, Pentera conducted a survey of 500 CISOs from global enterprises (200 based in the USA) to delve into their strategies, tactics, and tools for managing the flood of security alerts, persistent breaches, and escalating cyber risks. The results paint a nuanced picture of progress, obstacles, and evolving mindsets regarding security testing in enterprises.

Increased Tools, Enhanced Data, Yet Uncertain Protection

Over the past year, 45% of enterprises have broadened their security technology portfolios, with organizations now utilizing an average of 75 distinct security solutions. However, despite these additional layers of defense, 67% of U.S. enterprises faced a breach within the last 24 months. The proliferation of security tools significantly impacts day-to-day operations and the overall cyber resilience of organizations. The findings underscore a crucial observation: more security tools do not necessarily equate to better protection.

IBM Discovers Inadequate Controls in 97% of AI-Related Data Breaches

Recent research from IBM highlights a significant “AI oversight gap” among organizations that have experienced data breaches. According to findings from the company’s Cost of a Data Breach Report, an alarming 97% of these organizations reported a lack of adequate AI access controls, underscoring potential vulnerabilities in their cybersecurity frameworks.…

Read MoreIBM Discovers Inadequate Controls in 97% of AI-Related Data Breaches

Are Neglected AD Service Accounts Putting Your Organization at Risk?

Date: June 17, 2025
Category: Password Security / Active Directory

In many organizations, Active Directory (AD) service accounts are often overlooked, quietly lingering long after their intended use has faded. These orphaned accounts—typically created for legacy applications, automated tasks, or testing—often remain active with non-expiring or outdated passwords. It’s no surprise that these service accounts frequently escape the routine scrutiny of security teams. Burdened by daily challenges and ongoing technical debts, security personnel often neglect these accounts, which are disconnected from individual users and seldom reviewed. Unfortunately, this lack of attention makes them prime targets for attackers looking to infiltrate networks undetected. If left unmonitored, these forgotten service accounts can become silent gateways for security breaches and lateral movement within enterprise environments. In this article, we’ll delve into the dangers posed by neglected AD service accounts…

Are Forgotten AD Service Accounts Exposing Your Organization to Threats? In today’s cybersecurity landscape, the often-overlooked Active Directory (AD) service accounts pose significant risks to organizations. These accounts, created for purposes such as legacy applications, automation scripts, and testing environments, can easily become abandoned relics of systems no longer in…

Read More

Are Neglected AD Service Accounts Putting Your Organization at Risk?

Date: June 17, 2025
Category: Password Security / Active Directory

In many organizations, Active Directory (AD) service accounts are often overlooked, quietly lingering long after their intended use has faded. These orphaned accounts—typically created for legacy applications, automated tasks, or testing—often remain active with non-expiring or outdated passwords. It’s no surprise that these service accounts frequently escape the routine scrutiny of security teams. Burdened by daily challenges and ongoing technical debts, security personnel often neglect these accounts, which are disconnected from individual users and seldom reviewed. Unfortunately, this lack of attention makes them prime targets for attackers looking to infiltrate networks undetected. If left unmonitored, these forgotten service accounts can become silent gateways for security breaches and lateral movement within enterprise environments. In this article, we’ll delve into the dangers posed by neglected AD service accounts…

NY State Imposes $2M Fine on Dental Plan Company for Phishing Breach

Data Privacy, Data Security, Healthcare Healthplex, a UnitedHealth Group Subsidiary, Fined for Lacking MFA on Compromised Email Account Marianne Kolbasuk McGee (HealthInfoSec) • August 18, 2025 New York State fined a dental plan administrator owned by insurer UnitedHealth Group $2 million for failing to protect data with multifactor authentication. (Image:…

Read MoreNY State Imposes $2M Fine on Dental Plan Company for Phishing Breach

Manpower Data Breach Affects 144K as Workday Confirms Third-Party CRM Hack

A cyberattack on Manpower’s Michigan office has compromised the data of 144,000 individuals, while Workday faces a data breach linked to a broader social engineering scheme. These incidents underscore the escalating risks posed by cyber threats. Recently, two significant organizations—global staffing agency Manpower and software provider Workday—have reported separate cyberattacks…

Read MoreManpower Data Breach Affects 144K as Workday Confirms Third-Party CRM Hack

Google Chrome’s New Feature Allows One-Click Password Updates for Breached Accounts

May 21, 2025
Data Breach / Account Security

Google has introduced an innovative feature in its Chrome browser that enables its built-in Password Manager to automatically change a user’s password when it identifies compromised credentials. According to Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura, “When Chrome detects a compromised password during sign-in, Google Password Manager prompts the user with an option to fix it automatically.” On supported websites, Chrome can create a strong new password and update the user’s credentials seamlessly. This feature enhances the Password Manager’s existing functionalities, which include generating secure passwords during account creation and flagging credentials involved in data breaches. Google has informed The Hacker News that this feature has not yet been officially released for end users, as it is primarily focused on developers to help optimize their websites in anticipation of the rollout. The automated password change aims to streamline the process and reduce friction for users concerned about their account security.

Google Chrome Introduces Automated Password Update Feature Amid Rising Data Breach Concerns May 21, 2025 Cybersecurity / Data Protection In a significant update aimed at enhancing online security, Google has unveiled a new feature for its Chrome browser that empowers the built-in Password Manager to automatically update compromised passwords. This…

Read More

Google Chrome’s New Feature Allows One-Click Password Updates for Breached Accounts

May 21, 2025
Data Breach / Account Security

Google has introduced an innovative feature in its Chrome browser that enables its built-in Password Manager to automatically change a user’s password when it identifies compromised credentials. According to Google’s Ashima Arora, Chirag Desai, and Eiji Kitamura, “When Chrome detects a compromised password during sign-in, Google Password Manager prompts the user with an option to fix it automatically.” On supported websites, Chrome can create a strong new password and update the user’s credentials seamlessly. This feature enhances the Password Manager’s existing functionalities, which include generating secure passwords during account creation and flagging credentials involved in data breaches. Google has informed The Hacker News that this feature has not yet been officially released for end users, as it is primarily focused on developers to help optimize their websites in anticipation of the rollout. The automated password change aims to streamline the process and reduce friction for users concerned about their account security.