The Breach News

Fodcha DDoS Botnet Makes a Comeback with Enhanced Features

Recent findings from Qihoo 360’s Network Security Research Lab indicate that the Fodcha distributed denial-of-service (DDoS) botnet has re-emerged with enhanced capabilities. The updated botnet incorporates modifications to its communication protocol and has introduced the ability to demand cryptocurrency payments in exchange for ceasing attacks on specific targets. Initially brought…

Revisiting the Past: Iranian Hackers Take Advantage of Macros

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime
MuddyWater Resumes Use of Bulletproof Hosting and Custom Malware
Mathew J. Schwartz (euroinfosec) • September 17, 2025

An Iranian state-sponsored hacking group, MuddyWater, is reportedly reviving its tactics by incorporating Microsoft Office documents with malicious macros into its attack…

Hackers Exploit CAPTCHA Loophole in Webflow CDN PDFs to Evade Security Scanners

A recent phishing assault has emerged, allegedly utilizing counterfeit PDF documents hosted on the Webflow content delivery network (CDN) with the aim of capturing credit card data and executing financial fraud. This operation specifically targets individuals searching for academic materials or documents through search engines. According to Netskope Threat Labs…

Apache Tomcat Vulnerability Exploited Within 30 Hours of Public Release

A recently uncovered security vulnerability in Apache Tomcat has begun to see active exploitation shortly after its disclosure. The flaw, designated as CVE-2025-24813, was made publicly available along with a proof-of-concept (PoC) within just 30 hours of its initial announcement. This vulnerability impacts several versions of Apache Tomcat, including 11.0.0-M1…

Chinese Hackers Employ Stealthy Infection Chain to Deploy LODEINFO Malware

A recently reported cybersecurity incident has revealed a stealthy infection chain employed by the Chinese state-sponsored group known as Stone Panda. This threat actor has been targeting various entities in Japan, including media outlets, governmental and public sector organizations, as well as think tanks, raising alarms about the potential risk…

Two Eye Care Practice Strategies Impact 260,000 Patients and Staff

Data Breach Notification, Data Security, Fraud Management & Cybercrime
Recent Cyberattacks Target Ophthalmology Practices in South Dakota and Florida
Marianne Kolbasuk McGee (HealthInfoSec) • September 16, 2025

Major hacking breaches have affected the Retina Group of Florida and Black Hills Regional Eye Institute this year. (Image: Retina Group of Florida,…

RansomHub Named 2024’s Leading Ransomware Group, Targeting Over 600 Organizations Worldwide

Rise of RansomHub: A Resurgent Threat in Cybercrime

The RansomHub ransomware-as-a-service (RaaS) group has emerged as a significant player in the cybercrime landscape, capitalizing on previously patched vulnerabilities in Microsoft Active Directory and the Netlogon protocol to facilitate unauthorized access to victim networks. Recent analyses highlight the group’s ability to…

Nearly 700,000 Customers Affected by Insider Attack at U.S. Fintech Company

A US-based fintech company, FinWise, has alerted its customers about a potential data breach stemming from an insider threat. The organization, which facilitates loans on behalf of various American financial institutions, disclosed that a former employee accessed sensitive customer information after their departure from the company. According to filings made…
