The Breach News

Phishing Attack Targets Over 80 Organizations Utilizing SimpleHelp and ScreenConnect RMM Tools

A recent active phishing campaign, identified under the codename VENOMOUS#HELPER, has been reported to be targeting various organizations since at least April 2025. This malicious endeavor involves legitimate Remote Monitoring and Management (RMM) software to facilitate sustained remote access to compromised systems. Securonix’s analysis indicates that the campaign has affected…

Read MorePhishing Attack Targets Over 80 Organizations Utilizing SimpleHelp and ScreenConnect RMM Tools

Signal Messenger Bug Allows Callers to Auto-Connect Without Receiver’s Consent

Recent discoveries in the realm of cybersecurity have unveiled a significant vulnerability within Signal Private Messenger, an application renowned for its robust security features. This discovery, made by Natalie Silvanovich of Google Project Zero, delineates a logical flaw affecting the Android version of the messaging platform. The vulnerability presents a…

Read MoreSignal Messenger Bug Allows Callers to Auto-Connect Without Receiver’s Consent

Microsoft Reveals Phishing Campaign Affecting 35,000 Users in 26 Countries

Microsoft has revealed a comprehensive credential theft operation that exploited themes related to code of conduct, utilizing legitimate email services to redirect users to domains controlled by attackers and extract authentication tokens. This multi-faceted campaign occurred between April 14 and April 16, 2026, affecting over 35,000 users from more than…

Read MoreMicrosoft Reveals Phishing Campaign Affecting 35,000 Users in 26 Countries

vBulletin Issues Patch Update for Recent RCE and SQL Injection Vulnerabilities

New vBulletin Patch Addresses Critical Security Vulnerabilities vBulletin, a popular forum software utilized by over 100,000 websites, has released a crucial security patch addressing three significant vulnerabilities that could lead to severe security breaches. The company previously patched a zero-day remote code execution vulnerability last month and now has identified…

Read MorevBulletin Issues Patch Update for Recent RCE and SQL Injection Vulnerabilities

We Analyzed 1 Million Exposed AI Services: The Alarming State of Security Revealed

As the software industry has evolved over recent decades to enhance product security, the rapid adoption of artificial intelligence (AI) threatens to undermine these advancements. Companies are rapidly implementing self-hosted large language model (LLM) infrastructures, driven by the potential of AI as a transformative tool and the urgency to increase…

Read MoreWe Analyzed 1 Million Exposed AI Services: The Alarming State of Security Revealed

SIM Cards in 29 Countries at Risk of Remote Simjacker Attacks

Recently, cybersecurity researchers have spotlighted a significant vulnerability known as SimJacker, affecting a variety of SIM cards. This flaw can be exploited remotely, allowing attackers to gain unauthorized access to mobile devices through a meticulously crafted binary SMS. The implications are severe, as the vulnerability poses a risk to countless…

Read MoreSIM Cards in 29 Countries at Risk of Remote Simjacker Attacks