The Breach News

The Ever-Present Vulnerabilities of VPNs

Governance & Risk Management, Remote Workforce Research Highlights Surge in Cyber Attacks During Pandemic Greg Sirico • January 5, 2026 Image: Summit Art Creations/Shutterstock The COVID-19 pandemic served as a critical test of the resilience of secure networking practices, particularly as businesses rapidly transitioned to remote work environments. The swift…

Read MoreThe Ever-Present Vulnerabilities of VPNs

Libcue Library Vulnerability Exposes GNOME Linux Systems to RCE Attacks

Recent disclosures have revealed a significant security vulnerability affecting the libcue library, which supports GNOME Linux systems. This flaw, tracked as CVE-2023-43641, has been assigned a high CVSS score of 8.8, indicating its potential severity. The vulnerability stems from memory corruption associated with the libcue library, specifically affecting versions 2.2.1…

Read MoreLibcue Library Vulnerability Exposes GNOME Linux Systems to RCE Attacks

Here’s the List of Approximately 600 MAC Addresses Compromised in the Recent ASUS Hack

Recent developments reveal a significant cyber breach affecting ASUS customers, attributed to a sophisticated supply chain attack. Kaspersky, a Russian cybersecurity company, disclosed parts of this incident last week, though it withheld the complete list of hardcoded MAC addresses embedded in the malicious code targeting specific users. In lieu of…

Read MoreHere’s the List of Approximately 600 MAC Addresses Compromised in the Recent ASUS Hack

Breach Database Site ‘LeakedSource’ Shuts Down Following Reported Police Raid

In a significant development within the realm of cybersecurity, it has been reported that LeakedSource, a breach notification service infamous for aggregating and disclosing vast amounts of compromised user data, has gone offline following an alleged law enforcement raid. This site, which came into prominence in late 2015, has been…

Read MoreBreach Database Site ‘LeakedSource’ Shuts Down Following Reported Police Raid

Ledger Discloses Payment Partner’s Data Breach: Customer Names and Contact Info Leaked – DL News

Data Breach Exposes Ledger Customers’ Information Ledger, a prominent provider of cryptocurrency hardware wallets, has confirmed that customer names and contact details were compromised following a data breach involving one of its payment processing partners. This incident marks yet another challenge for Ledger, which has faced multiple breaches in the…

Read MoreLedger Discloses Payment Partner’s Data Breach: Customer Names and Contact Info Leaked – DL News

HTTP/2 Rapid Reset Zero-Day Vulnerability Used to Execute Record-Breaking DDoS Attacks

In a concerning escalation of cybersecurity threats, Amazon Web Services (AWS), Cloudflare, and Google reported significant progress in defending against unprecedented distributed denial-of-service (DDoS) attacks that utilize a new exploit known as HTTP/2 Rapid Reset. This emerging vulnerability has raised alarms due to its ability to launch large-scale attacks efficiently.…

Read MoreHTTP/2 Rapid Reset Zero-Day Vulnerability Used to Execute Record-Breaking DDoS Attacks

Sophisticated ‘TajMahal APT Framework’ Evaded Detection for Five Years

A recently disclosed spyware framework, identified as TajMahal, has emerged as a significant threat in the cybersecurity landscape, having reportedly operated undetected for over five years. Cybersecurity researchers from Kaspersky Lab announced the discovery, revealing that this advanced persistent threat (APT) toolkit is characterized by its modular architecture and an…

Read MoreSophisticated ‘TajMahal APT Framework’ Evaded Detection for Five Years