The Breach News

Microsoft Addresses 125 Vulnerabilities, Including Exploited Windows CLFS Flaw

In recent developments, Microsoft has unveiled critical security patches addressing a staggering array of 125 vulnerabilities across its software platforms. Among these, one vulnerability has been identified as under active exploitation in the wild, raising significant alarms within the cybersecurity community. Of the reported vulnerabilities, 11 are designated as Critical,…

Read MoreMicrosoft Addresses 125 Vulnerabilities, Including Exploited Windows CLFS Flaw

CISA Updates KEV List with Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM

On March 10, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the inclusion of five new vulnerabilities affecting Advantive VeraCore and Ivanti Endpoint Manager (EPM) in its Known Exploited Vulnerabilities (KEV) catalog, following confirmed cases of exploitation in the wild. This escalation emphasizes a heightened risk for organizations…

Read MoreCISA Updates KEV List with Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM

Aussie University Faces Major Expenses Due to Cyber Attacks

Western Sydney University Faces Escalating Cybersecurity Costs Following Data Breaches Western Sydney University (WSU) has incurred substantial expenses in response to a series of cyber attacks that plagued the institution throughout 2024. Vice Chancellor Professor George Williams disclosed at a recent Senate inquiry examining governance in higher education that the…

Read MoreAussie University Faces Major Expenses Due to Cyber Attacks

NVIDIA Toolkit’s Incomplete Patch Exposes CVE-2024-0132 to Container Escape Vulnerabilities

Recent cybersecurity research has uncovered an incomplete patch associated with a previously identified vulnerability in the NVIDIA Container Toolkit. This oversight poses significant risks, potentially exposing sensitive data to exploitation if targeted by malicious actors. Initially reported as CVE-2024-0132, this critical vulnerability, which has a CVSS score of 9.0, is…

Read MoreNVIDIA Toolkit’s Incomplete Patch Exposes CVE-2024-0132 to Container Escape Vulnerabilities

Prilex PoS Malware Adapts to Intercept Contactless Payments and Steal NFC Card Data

A new variant of the advanced point-of-sale (PoS) malware known as Prilex has emerged from Brazilian cybercriminals, introducing capabilities to disrupt contactless payment transactions. This follows the trend of malware evolution, as Prilex has shifted focus from ATM targeting to sophisticated PoS infiltration since its inception in 2014. According to…

Read MorePrilex PoS Malware Adapts to Intercept Contactless Payments and Steal NFC Card Data

Integrating Cybersecurity and Biosecurity through Threat Modeling

Endpoint Security, Geo Focus: Australia, Geo-Specific A Structured Approach to Address Vulnerabilities in Synthetic Biology Laboratories Maryam Shoraka • September 3, 2025 The rapid development of synthetic biology offers significant societal benefits, from bacteria engineered to degrade environmental pollutants to synthetic microbes that can create vital medicines. However, these advancements…

Read MoreIntegrating Cybersecurity and Biosecurity through Threat Modeling

Blind Eagle Exploits NTLM Vulnerability in Colombian Institutions with RATs and GitHub-Centric Tactics

Since November 2024, threat actor Blind Eagle has executed a series of sophisticated campaigns primarily aimed at Colombian institutions and government bodies. These operations have demonstrated a high rate of infection, targeting critical infrastructure and private organizations alike. According to Check Point’s recent analysis, the campaigns resulted in more than…

Read MoreBlind Eagle Exploits NTLM Vulnerability in Colombian Institutions with RATs and GitHub-Centric Tactics

Commvault Introduces New Hyperscale Solutions to Strengthen On-Site Cyber Resilience

Commvault, a prominent player in cyber resilience and data protection solutions for hybrid cloud environments, has recently expanded its HyperScale portfolio with the introduction of HyperScale Edge and HyperScale Flex. These solutions aim to address the growing data security concerns of modern enterprises operating in remote offices and edge environments—locations…

Read MoreCommvault Introduces New Hyperscale Solutions to Strengthen On-Site Cyber Resilience

OttoKit WordPress Plugin Admin Creation Vulnerability Actively Being Exploited

A newly uncovered, high-severity vulnerability affects the OttoKit plugin for WordPress, formerly known as SureTriggers. This flaw has reportedly been exploited within mere hours of its public disclosure, posing a significant risk to website security. Identified as CVE-2025-3102, this vulnerability carries a CVSS score of 8.1 due to an authorization…

Read MoreOttoKit WordPress Plugin Admin Creation Vulnerability Actively Being Exploited