The Breach News

⚡ Weekly Roundup: VPN Vulnerabilities, Oracle’s Quiet Breach, Surge in ClickFix, and More

Cybersecurity Update: Rising Threats and Emerging Vulnerabilities In the ever-evolving landscape of cybersecurity, unpatched systems, weak passwords, and neglected plugins serve as gateways for attackers. As supply chains intertwine deeply with the software we depend on, malware is increasingly hidden within seemingly benign avenues, including job offers and cloud services.…

Read More⚡ Weekly Roundup: VPN Vulnerabilities, Oracle’s Quiet Breach, Surge in ClickFix, and More

Hackers Leverage Vulnerabilities in Samsung MagicINFO and GeoVision IoT to Launch Mirai Botnet Attacks

Recent activity has revealed that cybercriminals are actively exploiting security vulnerabilities in GeoVision’s end-of-life Internet of Things (IoT) devices. This alarming trend is being leveraged to recruit these devices into a Mirai botnet for conducting distributed denial-of-service (DDoS) attacks. Initial observations made by the Akamai Security Intelligence and Response Team…

Read MoreHackers Leverage Vulnerabilities in Samsung MagicINFO and GeoVision IoT to Launch Mirai Botnet Attacks

Sharp Panda Leverages New Soul Framework Version to Engage Southeast Asian Governments

Southeast Asian Governments Targeted in Ongoing Cyber Espionage by Sharp Panda A sophisticated cyber espionage campaign has emerged, focusing on high-profile government entities across Southeast Asia, with the Chinese threat actor known as Sharp Panda at the forefront. This activity has reportedly intensified since late last year, evolving away from…

Read MoreSharp Panda Leverages New Soul Framework Version to Engage Southeast Asian Governments

CISO Webinar: The Rise of AI in the UK and Its Impact on Attack Surfaces

Mandy Andress: Visionary Leader in Cybersecurity CISO, Elastic Mandy Andress serves as the Chief Information Security Officer (CISO) at Elastic, bringing with her a wealth of experience in information risk management and cybersecurity. Her career journey includes pivotal roles where she spearheaded information security initiatives at MassMutual and played a…

Read MoreCISO Webinar: The Rise of AI in the UK and Its Impact on Attack Surfaces

CISA Includes CrushFTP Vulnerability in KEV Catalog After Confirmed Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported a significant security vulnerability affecting CrushFTP, now cataloged as a Known Exploited Vulnerability following active exploitation incidents. The flaw, identified as an authentication bypass, allows unauthenticated attackers to gain control of vulnerable instances, raising serious concerns among cybersecurity professionals. This…

Read MoreCISA Includes CrushFTP Vulnerability in KEV Catalog After Confirmed Active Exploitation

TransUnion Data Breach Exposes 4.5 Million Records via Third-Party Application

TransUnion Cyberattack Exposes Personal Data of 4.4 Million Consumers TransUnion, one of the United States’ primary credit reporting agencies, has reported a cyberattack that has compromised the sensitive personal information of over 4.4 million U.S. consumers. This breach, confirmed on July 30, originated due to vulnerabilities in a third-party application…

Read MoreTransUnion Data Breach Exposes 4.5 Million Records via Third-Party Application

SysAid Addresses 4 Critical Vulnerabilities Allowing Pre-Authenticated RCE in On-Premises Version

SysAid IT Support Software Vulnerabilities Expose Businesses to Remote Code Execution Risks Cybersecurity experts have revealed critical security vulnerabilities in the on-premise version of SysAid IT support software, presenting significant risks for organizations using this platform. These vulnerabilities, identified as CVE-2025-2775, CVE-2025-2776, and CVE-2025-2777, enable attackers to execute remote commands…

Read MoreSysAid Addresses 4 Critical Vulnerabilities Allowing Pre-Authenticated RCE in On-Premises Version