The Breach News

Exploitation of PHP-CGI RCE Vulnerability Targets Japan’s Technology, Telecommunications, and E-Commerce Industries

In a disturbing development for cybersecurity, a campaign attributed to unidentified threat actors has emerged, focusing primarily on organizations in Japan since January 2025. This malicious initiative exploits a vulnerability known as CVE-2024-4577, a remote code execution (RCE) flaw in the PHP-CGI implementation on Windows systems, as reported by Cisco…

Chinese Hackers Salt Typhoon and UNC4841 Collaborate to Target Critical Infrastructure

Cybersecurity experts from Silent Push have exposed a complex Chinese espionage initiative that intertwines two notable threat actors: Salt Typhoon and UNC4841. This investigation has unveiled a previously hidden network of malicious infrastructure aimed at infiltrating government and corporate networks across more than 80 countries. The analysis identified 45 malicious…

Amazon EC2 SSM Agent Vulnerability Fixed After Path Traversal Leads to Privilege Escalation

Recent findings by cybersecurity experts have unveiled a significant vulnerability within the Amazon EC2 Simple Systems Manager (SSM) Agent, a flaw that has since been patched. Should it have been exploited by malicious actors, the vulnerability could have led to unauthorized privilege escalation and code execution on affected systems. The…

Researchers Discover Link Between Moses’ Staff and the Emerging Abraham’s Ax Hacktivist Group

Recent findings have established a connection between the politically driven hacktivist group known as Moses Staff and a newly emerging threat actor referred to as Abraham’s Ax, which appeared on the cybersecurity radar in November 2022. This assessment is grounded in shared elements in iconography, video content, and leak sites…

18 Widely Used Code Packages Compromised to Steal Cryptocurrency – Krebs on Security

A significant cybersecurity incident surfaced today involving the brief compromise of at least 18 popular JavaScript code packages, which collectively receive over two billion downloads weekly. The breach occurred after a developer, engaged in maintaining these projects, fell victim to a phishing attack. While the immediate threat was contained—focused on…

Huge Leak Reveals How a Chinese Firm Is Spreading the Great Firewall Globally

A recent leak comprising over 100,000 documents reveals that a relatively obscure Chinese firm, Geedge Networks, has been surreptitiously marketing censorship systems similar to the Great Firewall to governments globally. Founded in 2018 and backed by key figures involved in China’s censorship framework, Geedge promotes itself as a network-monitoring service…

Safe{Wallet} Reveals North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist

Safe{Wallet} has disclosed that the breach associated with the Bybit crypto heist, which resulted in a staggering loss of $1.5 billion, was carried out by a highly sophisticated, state-sponsored actor believed to be linked to North Korea. This group took specific measures to eliminate evidence of their activities, thereby complicating…

Wealthsimple Executive Apologizes to Customers Following Data Breach, Assures No Account Information Was Compromised

Wealthsimple Exposes Customer Data in Breach, Promises Compensation and Security Enhancements

Wealthsimple, a Toronto-based online financial services provider, has issued an apology following a significant data breach that exposed the sensitive information of thousands of customers. The security incident, disclosed on Saturday, involved personal data including social insurance numbers, account…

Fortinet Advocates for FortiSwitch Upgrades to Address Critical Admin Password Vulnerability

Critical Security Flaw Discovered in Fortinet’s FortiSwitch

Fortinet has issued urgent security updates following the discovery of a significant vulnerability in its FortiSwitch network switches. This critical flaw, identified as CVE-2024-48887, has a high CVSS score of 9.3 out of 10, indicating that it poses severe risks to system security.…
