The Breach News

Live Webinar | Discover the Latest in Google SecOps: How AI Agents are Transforming the Modern SOC

Webinar Announcement: Innovations in Google SecOps and the Impact of AI on Today’s Security Operations Center In an upcoming live webinar, industry leaders will delve into the groundbreaking developments within Google SecOps, particularly focusing on how artificial intelligence is reshaping the operational landscape of modern Security Operations Centers (SOCs). This…

Read MoreLive Webinar | Discover the Latest in Google SecOps: How AI Agents are Transforming the Modern SOC

Cryptocurrency Mining and Clipper Malware Distributed Through Cracked Software on SourceForge

Recent investigations have uncovered an alarming trend in which cybercriminals are distributing malicious software masquerading as legitimate cracked applications, specifically targeting users through the popular software hosting platform, SourceForge. Among the most concerning payloads identified are cryptocurrency miners and clipper malware disguised as Microsoft Office add-ons. A report from Kaspersky…

Read MoreCryptocurrency Mining and Clipper Malware Distributed Through Cracked Software on SourceForge

TransUnion Data Breach Affects 4.4 Million U.S. Customers – AppleInsider

TransUnion Data Breach Affects 4.4 Million U.S. Customers In a significant cybersecurity incident, TransUnion has reported a data breach that compromises the personal information of approximately 4.4 million customers in the United States. This recent event highlights the ongoing vulnerabilities faced by organizations handling sensitive customer data and raises urgent…

Read MoreTransUnion Data Breach Affects 4.4 Million U.S. Customers – AppleInsider

Cisco Addresses CVE-2025-20188 (CVSS 10.0) in IOS XE, Allowing Root Exploits via JWT

Cisco Addresses Critical Security Flaw in IOS XE Wireless Controller Cisco has announced a critical software update aimed at mitigating a severe security vulnerability identified in its IOS XE Wireless Controller. This flaw, designated as CVE-2025-20188, poses a significant threat by allowing remote, unauthenticated attackers to upload arbitrary files to…

Read MoreCisco Addresses CVE-2025-20188 (CVSS 10.0) in IOS XE, Allowing Root Exploits via JWT

Winter Vivern APT Group Targets Officials in India, Lithuania, Slovakia, and the Vatican

The advanced persistent threat (APT) group known as Winter Vivern has increasingly targeted governmental entities across regions, including India, Lithuania, Slovakia, and the Vatican, with campaigns dating back to 2021. Reports from SentinelOne indicate that among the specific targets are Polish government agencies, the Ukrainian Ministry of Foreign Affairs, and…

Read MoreWinter Vivern APT Group Targets Officials in India, Lithuania, Slovakia, and the Vatican

Adobe Addresses 11 Critical ColdFusion Vulnerabilities Among 30 Total Issues Found

Adobe has announced the release of crucial security updates aimed at addressing a significant range of vulnerabilities, particularly critical-severity flaws affecting ColdFusion versions 2021, 2023, and 2025. These vulnerabilities expose systems to serious threats, including unauthorized file access and potential code execution, representing a serious risk to business data integrity…

Read MoreAdobe Addresses 11 Critical ColdFusion Vulnerabilities Among 30 Total Issues Found

TransUnion Data Breach Exposes Information of More Than 4 Million Customers

TransUnion LLC has disclosed a considerable data breach affecting over 4.4 million consumers, with the incident occurring in late July 2025. The credit reporting agency revealed the breach on August 26, shortly after identifying the unauthorized access on July 30. Based in Chicago, Illinois, TransUnion reported that this breach has…

Read MoreTransUnion Data Breach Exposes Information of More Than 4 Million Customers

SonicWall Fixes Three Vulnerabilities in SMA 100 Devices That Enable Attackers to Execute Root Code

SonicWall Addresses Critical Vulnerabilities in SMA 100 Series Devices SonicWall has announced the release of critical patches aimed at rectifying three significant vulnerabilities within its SMA 100 Secure Mobile Access (SMA) appliances. These flaws are serious enough to potentially allow for remote code execution, posing major security risks for affected…

Read MoreSonicWall Fixes Three Vulnerabilities in SMA 100 Devices That Enable Attackers to Execute Root Code