The Breach News

Customer Information from Toys “R” Us Canada Data Breach Surfaces on the Dark Web – CPO Magazine

Toys “R” Us Canada Data Breach Exposes Customer Data on Dark Web A recent security incident has come to light involving Toys “R” Us Canada, where unauthorized access to sensitive customer information has been exposed on the dark web. This breach raises significant concerns about data privacy and security protocols…

Read MoreCustomer Information from Toys “R” Us Canada Data Breach Surfaces on the Dark Web – CPO Magazine

VMware Issues vCenter Server Update to Address Critical RCE Vulnerability

VMware has announced important software updates targeting a critical security vulnerability in vCenter Server that previously had patches issued but was determined to remain partially unaddressed. This vulnerability, identified as CVE-2024-38812 with a CVSS score of 9.8, involves a heap-overflow issue within the DCE/RPC protocol implementation. According to Broadcom, which…

Read MoreVMware Issues vCenter Server Update to Address Critical RCE Vulnerability

Google Reveals Recent Zero-Day Vulnerabilities in iOS, Chrome, and Internet Explorer Exploited in the Wild

On Wednesday, threat intelligence researchers from Google provided an update on four active zero-day vulnerabilities affecting Chrome, Safari, and Internet Explorer, all of which have been exploited by threat actors in various campaigns this year. This report highlights a concerning trend where three of the vulnerabilities were developed by commercial…

Read MoreGoogle Reveals Recent Zero-Day Vulnerabilities in iOS, Chrome, and Internet Explorer Exploited in the Wild

Zscaler Acquires SPLX to Enhance GenAI Model Security

Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Acquisition Enhances AI Protective Measures Against Red-Teaming and Compliance Monitoring Michael Novinson (MichaelNovinson) • November 3, 2025 Adam Geller, Chief Product Officer at Zscaler (Image: Zscaler) Zscaler has recently acquired SPLX, an artificial intelligence security startup, enhancing its capabilities in…

Read MoreZscaler Acquires SPLX to Enhance GenAI Model Security

OAIC Reports Ongoing Increase in Notifiable Data Breaches in Early 2025

The Office of the Australian Information Commissioner (OAIC) has unveiled its most recent Notifiable Data Breaches (NDB) report and dashboard for January to June 2025. This report reveals that the frequency of reported data breaches is persistently high across both public and private sectors in Australia. The updated dashboard highlights…

Read MoreOAIC Reports Ongoing Increase in Notifiable Data Breaches in Early 2025

Malicious npm Packages Compromise Developers’ Ethereum Wallets via SSH Backdoor

Cybersecurity Alert: Malicious npm Packages Target Ethereum Private Keys Recent findings by cybersecurity researchers have revealed a concerning wave of suspicious packages circulating in the npm registry, explicitly crafted to exfiltrate Ethereum private keys and enable unauthorized remote access to victims’ systems using the secure shell (SSH) protocol. This alarming…

Read MoreMalicious npm Packages Compromise Developers’ Ethereum Wallets via SSH Backdoor

China’s Cyber Espionage Aimed at Southeast Asian Government Agencies

Recent investigations have unveiled a robust cyber campaign that initially targeted Myanmar but has since expanded its reach to include numerous organizations in the Philippines. This heightened activity was reported by Russian cybersecurity firm Kaspersky, which first detected these infections back in October 2020. Kaspersky associates this malicious activity with…

Read MoreChina’s Cyber Espionage Aimed at Southeast Asian Government Agencies

Summary of Major Mobile Security Threats in 2022

In today’s interconnected world, smartphones have become indispensable tools, playing critical roles in various daily activities, from food delivery to medical appointments. However, the increasing reliance on these devices raises urgent concerns about their security vulnerabilities. Recent findings from Oversecured, a cybersecurity startup, underscore the profound risks associated with mobile…

Read MoreSummary of Major Mobile Security Threats in 2022