The Breach News

Koi Secures $48M to Protect AI Models, Code, and Extensions

Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Company Addresses Non-Binary Software Vulnerabilities Omitted by Traditional Endpoint Security Tools Michael Novinson (MichaelNovinson) • September 10, 2025 Amit Assaraf, co-founder and CEO, Koi (Image: Koi) Washington D.C.-based startup Koi has successfully raised $48 million to enhance the security of…

Read MoreKoi Secures $48M to Protect AI Models, Code, and Extensions

Everything You Need to Know About Poland Shooting Down Russian Drones

Poland Engages Russian Drones Amid Heightened Tensions Early Wednesday morning, Poland’s military successfully intercepted multiple Russian drones that breached its airspace during a significant strike on western Ukraine. This operation, confirmed by Prime Minister Donald Tusk via social media, underscores a pivotal moment in Poland’s role within the ongoing conflict…

Read MoreEverything You Need to Know About Poland Shooting Down Russian Drones

Security Risks Linked to Claude’s File Feature – eSecurity Planet

Claude’s File Feature Raises Security Concerns In a recent development in the realm of cybersecurity, the file-sharing feature of Claude, an emerging AI tool, has been flagged for posing significant security vulnerabilities. This news comes amid rising scrutiny within the tech community regarding the implications of integrating AI capabilities in…

Read MoreSecurity Risks Linked to Claude’s File Feature – eSecurity Planet

Google Resolves Cloud Run Vulnerability That Enabled Unauthorized Image Access Due to IAM Misconfiguration

In a recent cybersecurity development, researchers have uncovered a privilege escalation vulnerability in Google Cloud Platform’s (GCP) Cloud Run service, which has since been resolved. This flaw could have permitted malicious individuals to gain unauthorized access to container images and potentially inject harmful code, posing a considerable risk to businesses…

Read MoreGoogle Resolves Cloud Run Vulnerability That Enabled Unauthorized Image Access Due to IAM Misconfiguration

Hackers Exploit Legitimate GitHub Codespaces Feature to Distribute Malware

Recent research has highlighted concerning vulnerabilities within GitHub Codespaces, specifically the potential for threat actors to exploit its legitimate features to distribute malware. GitHub Codespaces, a cloud-based development environment, allows users to write, debug, and commit code changes from a browser or integrated within Visual Studio Code. Among its functionalities…

Read MoreHackers Exploit Legitimate GitHub Codespaces Feature to Distribute Malware

Hello Gym Data Breach Reveals 1.6 Million Audio Files of Members

A recent data breach involving Hello Gym has unveiled over 1.6 million audio recordings of its gym members, raising serious concerns about potential risks such as spear-phishing, deepfake impersonation, and identity theft. In an alarming cybersecurity incident, Hello Gym, a technology service provider for the fitness industry based in Minnesota,…

Read MoreHello Gym Data Breach Reveals 1.6 Million Audio Files of Members

Chinese APT Targets Philippine Military Contractor with New EggStreme Fileless Malware

Bitdefender has detected a new fileless malware dubbed EggStreme, employed by a China-based advanced persistent threat (APT) group, targeting the Philippine military and various organizations across the Asia-Pacific region. Researchers from Bitdefender discovered the EggStreme malware framework during an investigation into a breach at a Philippine military contractor. The malware…

Read MoreChinese APT Targets Philippine Military Contractor with New EggStreme Fileless Malware

China-Linked Silk Typhoon Broadens Cyber Attacks to Target IT Supply Chains for Initial Access

The group known as Silk Typhoon—previously referred to as Hafnium—has shifted its focus from exploiting vulnerabilities in Microsoft Exchange servers to targeting the information technology (IT) supply chain. This change in strategy aims to gain initial access to corporate networks, according to the Microsoft Threat Intelligence team’s recent report. Silk…

Read MoreChina-Linked Silk Typhoon Broadens Cyber Attacks to Target IT Supply Chains for Initial Access