The Breach News

Kaseya Issues Patches for Vulnerabilities Targeted in Major Ransomware Attack

In a significant cybersecurity response, Kaseya, a software vendor based in Florida, released urgent updates on Sunday to rectify critical vulnerabilities in its Virtual System Administrator (VSA) solution. This action follows a massive ransomware incident that exploited VSA to target up to 1,500 businesses globally, a situation categorized as a…

Read MoreKaseya Issues Patches for Vulnerabilities Targeted in Major Ransomware Attack

Indian Government Mandates Organizations to Report Security Breaches to CERT-In Within 6 Hours

On Thursday, India’s Computer Emergency Response Team (CERT-In) announced new regulations mandating that service providers, intermediaries, and government entities report cybersecurity incidents, including data breaches, within six hours. This move is aimed at enhancing the national cybersecurity framework, reflecting an urgency to respond effectively to emerging threats. The government clarified,…

Read MoreIndian Government Mandates Organizations to Report Security Breaches to CERT-In Within 6 Hours

Shutdown Delays Federal Response to F5 Hack

Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Government Major Staffing Cuts and Furloughs Impede Federal Response to F5 Cyberattack Chris Riotta (@chrisriotta) • November 4, 2025 Image: Alexeenko Alexey/Shutterstock The U.S. government is grappling with the aftermath of a sophisticated cyber breach involving F5, an application security vendor, believed…

Read MoreShutdown Delays Federal Response to F5 Hack

Penn Braces for Alumni Lawsuits After Major Data Breach

Following a recent security breach involving “select information systems,” the University of Pennsylvania is facing multiple class action lawsuits. These legal actions assert that the institution failed to implement adequate measures to safeguard sensitive data. As of this report, The Daily Pennsylvanian has identified four lawsuits initiated by Penn graduates.…

Read MorePenn Braces for Alumni Lawsuits After Major Data Breach

Critical Vulnerability in Kubernetes Image Builder Poses Root Access Risk to Nodes

A significant security vulnerability has emerged within the Kubernetes Image Builder, posing a risk of unauthorized root access under specific conditions. The flaw, identified as CVE-2024-9486 and rated with a critical CVSS score of 9.8, has been resolved in the latest release, version 0.1.38. The vulnerability was reported by security…

Read MoreCritical Vulnerability in Kubernetes Image Builder Poses Root Access Risk to Nodes

Geopolitical Risks Intensify for Cyber-Physical Systems

Critical Infrastructure Security, Governance & Risk Management, Operational Technology (OT) Geopolitical Turbulence Fuels New Threats to Operational Technology and Supply Chains Brian Pereira (creed_digital) • November 4, 2025 Research from Claroty indicates that a significant cyber-physical breach is likely within the next year. (Image: Shutterstock) The current landscape of global…

Read MoreGeopolitical Risks Intensify for Cyber-Physical Systems

Hackers Leverage Roundcube Webmail XSS Flaw to Capture Login Credentials

An emerging cybersecurity threat has surfaced, centered around the exploitation of a recently patched vulnerability in the open-source Roundcube webmail software. This vulnerability has been targeted as part of a phishing campaign aimed at stealing user credentials from various organizations. The cybersecurity firm Positive Technologies reported the discovery of a…

Read MoreHackers Leverage Roundcube Webmail XSS Flaw to Capture Login Credentials