The Breach News

Hackers Exploit Russian Bulletproof Host Proton66 for Worldwide Attacks and Malware Distribution

Recent cybersecurity research has revealed a significant increase in cyber threats linked to the Russian bulletproof hosting service, Proton66. Analysts have documented a variety of malicious activities that include mass scanning, credential brute-forcing, and exploitation attempts emanating from this provider, with the uptick in activity noted since January 8, 2025.…

Chinese Hackers Target South American Diplomats Using ShadowPad

Cyber Espionage Suspected in South American Diplomatic Attacks

On Monday, Microsoft announced it has linked a China-based cyber espionage group to a series of attacks targeting diplomatic organizations in South America. The tech conglomerate’s Security Intelligence team is closely monitoring this group under the identifier DEV-0147. They characterized the recent…

Shift5 Secures $75M for Cybersecurity Initiatives in Defense and Transportation

Government, Industry Specific, Next-Generation Technologies & Secure Development

Startup Secures $75M to Expand Dual-Use Technology Against GPS Jamming Threats

Michael Novinson (MichaelNovinson) • September 4, 2025

Ronak Shah, co-CTO of Shift5 (Image: Shift5)

A cybersecurity startup focused on military and transportation security has successfully raised $75 million in funding aimed…

Sextortion with a Twist: Spyware Captures Webcam Images of Users Viewing Pornography

Emerging Threat: New Infostealer Program Targets Vulnerable Users with Automated Sextortion Features

Recent investigations by cybersecurity firm Proofpoint have uncovered a burgeoning threat in the form of a malicious software known as Stealerium. This program, which masquerades as a legitimate application, allows cybercriminals to access a wide range of personal…

UAT-5918 Exploits Taiwan’s Critical Infrastructure with Web Shells and Open-Source Tools

A newly identified threat actor, designated as UAT-5918, has reportedly targeted critical infrastructure in Taiwan since at least 2023. This group is suspected of aiming to establish long-term access to gather sensitive information, employing various tactics such as web shells and open-source tools for post-compromise activities, according to research by…

Salesforce-Salesloft Drift Breach Affects Additional Cybersecurity Firms – SecurityWeek

More Cybersecurity Firms Targeted in Salesforce-Salesloft Drift Breach

In a significant cybersecurity incident, a number of companies, particularly those in the cybersecurity sector, have experienced breaches linked to the Salesforce and Salesloft platforms. This alarming development highlights ongoing vulnerabilities that can have profound implications for data security across industries. The…

Kimsuky Uses BlueKeep RDP Vulnerability to Compromise Systems in South Korea and Japan

Recent intelligence reports indicate that a targeted cyber campaign has been orchestrated by the North Korean state-sponsored threat actor, known as Kimsuky, which exploits a patched vulnerability in Microsoft Remote Desktop Services to establish initial access into victim systems. The AhnLab Security Intelligence Center (ASEC) has identified this malicious activity…

New Threat Actor WIP26 Targets Telecom Providers in the Middle East

Cyber Espionage Campaign Targets Telecom Providers in the Middle East

Telecommunication service providers in the Middle East are currently facing a sophisticated cyber espionage campaign attributed to an undocumented threat actor, identified as WIP26, by cybersecurity firms SentinelOne and QGroup. This operation appears focused on intelligence gathering, leveraging advanced techniques…

HHS Announces Initiative to Combat Health Information Blocking

HIPAA/HITECH, Standards, Regulations & Compliance

U.S. Government Intensifies Enforcement of 21st Century Cures Act Regulations; Fines May Reach $1 Million

Marianne Kolbasuk McGee (HealthInfoSec) • September 4, 2025

The U.S. Department of Health and Human Services has announced a ramp-up in enforcement of information blocking regulations under the 21st Century…
