The Breach News

Meta Unveils LlamaFirewall Framework to Prevent AI Jailbreaks, Code Injections, and Security Vulnerabilities

Meta recently introduced LlamaFirewall, a new open-source framework aimed at enhancing the security of artificial intelligence systems. This initiative addresses emerging cyber threats like prompt injection, jailbreaks, and various vulnerabilities that AI technologies face today. The framework is structured around three primary guardrails: PromptGuard 2, Agent Alignment Checks, and CodeShield.…

Read MoreMeta Unveils LlamaFirewall Framework to Prevent AI Jailbreaks, Code Injections, and Security Vulnerabilities

Hydrochasma: New Cyber Threat Targets Shipping Firms and Medical Laboratories in Asia

Recent reports indicate that shipping companies and medical laboratories across Asia have become targets of a sophisticated espionage initiative attributed to a previously unidentified threat actor called Hydrochasma. This activity has been under investigation since October 2022, revealing a pattern of operations that relies solely on readily available public tools…

Read MoreHydrochasma: New Cyber Threat Targets Shipping Firms and Medical Laboratories in Asia

Data Breaches at Specialty Health Organizations Impact Nearly 900,000 Individuals

Data Security Healthcare Providers Suffer Data Breaches Impacting Nearly 900,000 Patients Marianne Kolbasuk McGee (HealthInfoSec) • September 2, 2025 Healthcare suppliers are increasingly targeted by cybercriminals. (Image: Getty Images) Recent cyberattacks have resulted in significant breaches at several specialized healthcare organizations, leading to compromised data for nearly 900,000 individuals. Providers…

Read MoreData Breaches at Specialty Health Organizations Impact Nearly 900,000 Individuals

Nearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scanning Attack

Recent reports from cybersecurity researchers indicate a significant increase in login scanning attempts directed at Palo Alto Networks PAN-OS GlobalProtect gateways. An alarming total of nearly 24,000 unique IP addresses have been identified in this activity, raising concerns about the integrity of these critical systems. This surge, which the threat…

Read MoreNearly 24,000 IPs Target PAN-OS GlobalProtect in Coordinated Login Scanning Attack

Watchdog Reports Government Cannot Determine Financial Impact of Afghan Data Breach

The UK’s Ministry of Defence (MoD) is facing scrutiny regarding its secret relocation plan set up in response to a major data leak involving Afghan individuals. The National Audit Office (NAO) has announced that the MoD is unable to accurately determine the total financial impact of this plan, which aims…

Read MoreWatchdog Reports Government Cannot Determine Financial Impact of Afghan Data Breach

SonicWall Acknowledges Ongoing Exploitation of Vulnerabilities Impacting Various Appliance Models

SonicWall Acknowledges Exploitation of Critical Vulnerabilities in SMA100 Series Devices SonicWall has confirmed that two significant vulnerabilities within its SMA100 Secure Mobile Access appliances have been actively exploited. These flaws, recently patched, pose serious risks to organizations utilizing these devices, particularly those in sensitive sectors. The first vulnerability, identified as…

Read MoreSonicWall Acknowledges Ongoing Exploitation of Vulnerabilities Impacting Various Appliance Models

Attackers Bombard NPM Repository with 15,000+ Spam Packages Loaded with Phishing Links

Recent developments in the open-source software landscape indicate a significant threat, as over 15,000 spam packages have infiltrated the npm repository. These malicious packages aim to disseminate phishing links, posing a considerable risk to users and businesses alike. According to Checkmarx researcher Yehuda Gelb, the packages were generated through automated…

Read MoreAttackers Bombard NPM Repository with 15,000+ Spam Packages Loaded with Phishing Links

Silver Fox APT Exploits Windows Driver in Ongoing Campaign

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Exploitation of Microsoft Blocklist Gap: Silver Fox’s Undetected Operations Pooja Tikekar ( @PoojaTikekar) • September 2, 2025 Image: Jim Cumming/Shutterstock A cyber-espionage campaign attributed to a Chinese nation-state actor, identified as Silver Fox, has successfully exploited a gap in Microsoft’s signed driver…

Read MoreSilver Fox APT Exploits Windows Driver in Ongoing Campaign

Cloudflare Confirms Data Breach Associated with Salesforce and Salesloft Drift

Cloudflare has confirmed a data breach linked to Salesforce through the Salesloft Drift integration, resulting in the exposure of customer support case data while keeping core systems intact. In a recent disclosure, Cloudflare acknowledged that a supply chain attack on Salesloft Drift led to the exposure of sensitive customer support…

Read MoreCloudflare Confirms Data Breach Associated with Salesforce and Salesloft Drift