The Breach News

Google Fixes Quick Share Vulnerability Allowing Silent File Transfers Without Consent

Recent findings from cybersecurity experts reveal a vulnerability in Google’s Quick Share data transfer tool for Windows, which can be manipulated to cause denial-of-service (DoS) issues or transmit files to users’ devices without their consent. This flaw underscores serious security concerns for users relying on this peer-to-peer file-sharing utility. Categorized…

Read MoreGoogle Fixes Quick Share Vulnerability Allowing Silent File Transfers Without Consent

Earth Bogle Campaign Deploys NjRAT Trojan Across the Middle East and North Africa

A new cyber campaign known as Earth Bogle has emerged, showcasing the use of geopolitical themes to distribute the NjRAT remote access trojan across the Middle East and North Africa. This initiative underscores the evolving strategies employed by threat actors to exploit current events for malicious purposes. According to a…

Read MoreEarth Bogle Campaign Deploys NjRAT Trojan Across the Middle East and North Africa

Hackers Breach 18 NPM Packages in Supply Chain Attack

Relevant topics include Third Party Risk Management, Cryptocurrency Fraud, and Fraud Management & Cybercrime. Developer Compromised by Phishing Attack Involving a Malicious Email Authored by Akshaya Asokan (asokan_akshaya), David Perera (@daveperera) • September 9, 2025 Image: Shutterstock An attacker compromised 18 widely-used npm packages by embedding cryptocurrency theft malware after…

Read MoreHackers Breach 18 NPM Packages in Supply Chain Attack

US Investment in Spyware is Soaring

The recent report emphasizes the significant yet often overlooked role of resellers and brokers in the spyware supply chain, describing this group as “a notably under-researched set of actors.” These intermediaries are said to obscure the relationships among vendors, suppliers, and buyers, frequently facilitating connections to emerging regional markets. Sarah…

Read MoreUS Investment in Spyware is Soaring

China’s Cybersecurity Authority Fines Dior for Breach of Customer Data Transfer Regulations

On September 10, the Cyberspace Administration of China announced administrative sanctions against Dior’s Shanghai branch, a luxury brand owned by LVMH. This action stems from the unauthorized transfer of customers’ personal data to the company’s headquarters in France, highlighting significant compliance lapses in data protection practices. The investigation into Dior…

Read MoreChina’s Cybersecurity Authority Fines Dior for Breach of Customer Data Transfer Regulations

SpotBugs Access Token Theft Found to Be the Main Cause of GitHub Supply Chain Attack

A sophisticated supply chain attack initially aimed at Coinbase has now been linked to a wider campaign targeting users of the “tj-actions/changed-files” GitHub Action. This breach is believed to have originated from the theft of a personal access token (PAT) connected to the SpotBugs project, unveiled by Palo Alto Networks’…

Read MoreSpotBugs Access Token Theft Found to Be the Main Cause of GitHub Supply Chain Attack

US Federal Authorities Indict Hacker Behind LockerGoga and MegaCortex Ransomware Attacks

Fraud Management & Cybercrime, Ransomware State Department Offers Up to $10M for Information on Cybercriminal Volodymyr Tymoshchuk David Perera (@daveperera) • September 9, 2025 Image: US Department of State/Shutterstock/ISMG Federal prosecutors announced the indictment of a hacker linked to the LockerGoga and MegaCortex ransomware strains, presenting a seven-count criminal case…

Read MoreUS Federal Authorities Indict Hacker Behind LockerGoga and MegaCortex Ransomware Attacks

Cindy Cohn Steps Down from EFF, But Continues to Champion Digital Rights

Cindy Cohn Steps Down as EFF Executive Director After 25 Years of Advocacy Cindy Cohn, a prominent defender of digital rights, announced her departure from the role of executive director at the Electronic Frontier Foundation (EFF) on Tuesday. Having led the San Francisco-based nonprofit since 2015, Cohn’s resignation marks the…

Read MoreCindy Cohn Steps Down from EFF, But Continues to Champion Digital Rights