The Breach News

GitHub Discovers New Vulnerabilities in ruby-saml That Enable Account Takeover Attacks

High-Severity Vulnerabilities Discovered in Ruby-SAML Library, Posing Authentication Risks Two significant security vulnerabilities have been identified in the open-source ruby-saml library, which poses a risk of allowing malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. The discovered vulnerabilities are classified as CVE-2025-25291 and CVE-2025-25292, carrying a high…

Read MoreGitHub Discovers New Vulnerabilities in ruby-saml That Enable Account Takeover Attacks

OpenAI Implements Age Verification and Parental Controls for Minors

Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development New Safeguards Implemented Amid Concerns Over Teen Suicides Linked to ChatGPT Anviksha More (AnvikshaMore) • September 17, 2025 OpenAI is enhancing ChatGPT’s security features to better protect younger users amidst increasing scrutiny over chatbot safety. (Image: Shutterstock) OpenAI has announced…

Read MoreOpenAI Implements Age Verification and Parental Controls for Minors

Cybercriminals Use Odd New Tactics to Target You with Scam Texts

Recent developments in the world of cybersecurity have highlighted the risks posed by SMS blasting devices, which circumvent the security protocols established by mobile service providers. These devices, often associated with scams, exploit vulnerabilities by allowing malicious actors to send deceptive messages without being subject to the usual protective measures.…

Read MoreCybercriminals Use Odd New Tactics to Target You with Scam Texts

⚡ THN Weekly Recap: Key Cybersecurity Threats, Tools, and Tips [February 10]

The current landscape of cybersecurity reveals that even the smallest vulnerabilities can precipitate significant breaches. Exposing an encryption key, neglecting a minor software update, or leaving a cloud storage bucket unsecured may seem trivial, yet these factors can become major gateways for cyber attacks. This week, instances of cybercriminals exploiting…

Read More⚡ THN Weekly Recap: Key Cybersecurity Threats, Tools, and Tips [February 10]

GitHub Action Breach Exposes CI/CD Secrets in Over 23,000 Repositories

Cybersecurity experts are raising alarms over a breach involving the popular GitHub Action, tj-actions/changed-files, which has reportedly been manipulated to leak sensitive information from repositories utilizing continuous integration and continuous delivery (CI/CD) frameworks. This incident is significant, given that the affected action is employed in more than 23,000 repositories for…

Read MoreGitHub Action Breach Exposes CI/CD Secrets in Over 23,000 Repositories

Google Encourages Relying on AI for Shopping

Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development AP2 Protocol Introduces ‘Mandates’ to Ensure Accountability in Agent-Led Transactions Rashmi Ramesh (rashmiramesh_) • September 17, 2025 Image: Shutterstock/ISMG In an innovative move, Google has unveiled a new “agent payments protocol,” enabling artificial intelligence to facilitate consumer shopping while ensuring…

Read MoreGoogle Encourages Relying on AI for Shopping

Microsoft Reveals Global Cyber Attacks by Sandworm Subgroup Affecting Over 15 Countries

A subgroup of the notorious Russian state-sponsored hacking entity known as Sandworm has been linked to a persistent global access operation, termed BadPilot, which has been under way for several years. The Microsoft Threat Intelligence team recently disclosed this in a report, emphasizing the group’s strategy of compromising internet-facing infrastructure…

Read MoreMicrosoft Reveals Global Cyber Attacks by Sandworm Subgroup Affecting Over 15 Countries