In a significant cybersecurity incident, Reddit recently confirmed a data breach occurring in June that compromised user information, including current email addresses and data from a 2007 backup that contains usernames and hashed passwords. This breach appears to be a reaction from an aggrieved party dissatisfied with Reddit’s account ban…
Cybercrime, Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Vercel Issues Warning: Two Additional Vulnerabilities in React Server Components Urgently Require Patching Mathew J. Schwartz (@euroinfosec) • December 15, 2025 Image: Shutterstock/React/ISMG Experts warn that the React2Shell vulnerability is being exploited en masse by state-sponsored attackers connected to China, North…
Deadline Approaching for AT&T Customers to Claim Compensation AT&T customers are nearing the end of their opportunity to receive compensation related to a significant data breach that has impacted numerous individuals. This incident has raised substantial concerns regarding the security measures in place and the responsibility of companies to protect…
Recent developments in cybersecurity reveal a critical vulnerability affecting the Apache OfBiz open-source Enterprise Resource Planning (ERP) system. Researchers at VulnCheck have successfully created proof-of-concept (PoC) code exploiting the flaw, identified as CVE-2023-51467. This vulnerability, which carries a CVSS score of 9.8, allows attackers to execute a memory-resident payload, potentially…
New Timing Vulnerability Discovered in TLS: Raccoon Attack A recent study has revealed a significant timing vulnerability affecting the Transport Layer Security (TLS) protocol, potentially allowing attackers to compromise encryption and access sensitive communications under specific scenarios. Researchers have labeled this exploit the “Raccoon Attack,” targeting server-side operations in TLS…
A significant security incident has impacted 700Credit, a Fintech and data services entity based in Michigan, USA, which facilitates consumer financing options for dealerships in sectors such as auto, RV, powersports, and marine. According to the company’s breach notification, an “unauthorized access” event resulted in the copying of specific customer…
Snapchat Source Code Leaked on GitHub: Cybersecurity Implications Unfold Recently, the source code for Snapchat, a widely-used social media application, was unlawfully released online. This breach occurred when a hacker leaked the code on GitHub, a Microsoft-owned code repository. The GitHub account, registered under the name Khaled Alshehri with the…
Agentic AI, Artificial Intelligence & Machine Learning, Next-Generation Technologies & Secure Development Insights from ServiceNow’s Neeraj Jain on Managing Risk and Ensuring Real-Time Data Access for AI Michael Novinson (MichaelNovinson) • December 15, 2025 Neeraj Jain, Director of Product Management, Hyperscalers and Multi-Cloud, ServiceNow Organizations that incorporate governance into their…
Google to Discontinue Reporting on Data Breaches In a recent development, tech giant Google has announced that it will cease its reporting on data breaches. This shift has raised concerns within the cybersecurity community, particularly among business owners keenly monitoring the landscape of cyber threats. The decision is perceived as…
