The Breach News

DAEMON Tools Supply Chain Attack Infects Official Installers with Malware

Targeted Supply Chain Attack on DAEMON Tools Software Discovered A recent investigation by Kaspersky has revealed a sophisticated supply chain attack targeting DAEMON Tools software. The attack involves tampering with the software’s installers, which are distributed through the official DAEMON Tools website and are signed with valid digital certificates from…

Read MoreDAEMON Tools Supply Chain Attack Infects Official Installers with Malware

Facebook Offers Rewards to Hackers for Reporting Security Vulnerabilities in Third-Party Apps

In response to prior security incidents and data misuse involving its platform, Facebook has taken significant steps to enhance the security of third-party applications and websites through an expanded bug bounty program. This initiative aims to address vulnerabilities in external apps that interface with Facebook, reinforcing the company’s commitment to…

Read MoreFacebook Offers Rewards to Hackers for Reporting Security Vulnerabilities in Third-Party Apps

MuddyWater Exploits Microsoft Teams for Credential Theft in Deceptive Ransomware Attack

In a recent incident, the Iranian state-sponsored hacking group known as MuddyWater has been implicated in a ransomware attack described as a “false flag” operation. This incident was tracked by Rapid7 in early 2026, where attackers exploited social engineering techniques utilizing Microsoft Teams to initiate their malicious activities. Initially perceived…

Read MoreMuddyWater Exploits Microsoft Teams for Credential Theft in Deceptive Ransomware Attack

New PHP Vulnerability Could Allow Attackers to Compromise Nginx-Hosted Sites

A newly identified vulnerability poses significant risks for PHP-based websites operating on NGINX servers with PHP-FPM enabled. This security flaw, identified as CVE-2019-11043, could enable unauthorized remote access to affected systems. Researchers have already released proof-of-concept (PoC) exploits demonstrating this vulnerability, highlighting its potential for exploitation across various configurations that…

Read MoreNew PHP Vulnerability Could Allow Attackers to Compromise Nginx-Hosted Sites

Amazon’s Ring Video Doorbell Exposes Your Wi-Fi Password to Attackers

Critical Security Flaw Discovered in Amazon’s Ring Video Doorbell Pro Devices In a recent disclosure by cybersecurity researchers at Bitdefender, a significant vulnerability has been identified in Amazon’s Ring Video Doorbell Pro devices. This flaw presents an opportunity for nearby attackers to intercept WiFi passwords and potentially execute a variety…

Read MoreAmazon’s Ring Video Doorbell Exposes Your Wi-Fi Password to Attackers

Cybercriminal Twins Nabbed After Accidentally Leaving Microsoft Teams Recording On

The troubling aftermath of an iPhone theft may not merely lie in the loss itself but in the ensuing phishing threats aimed at contacts within the device. Recent investigations have uncovered a robust infrastructure enabling criminals to bypass iPhone security, subsequently exploiting the personal information of the phone’s owner. In…

Read MoreCybercriminal Twins Nabbed After Accidentally Leaving Microsoft Teams Recording On

One Click to Total Shutdown: The ‘Patient Zero’ Webinar on Eliminating Stealth Breaches

The most significant challenge in cybersecurity isn’t the technology itself; rather, it’s the human factor involved. Most high-profile breaches you may have heard about share a common origin: one employee, an enticing email, and an initial infection—often referred to as “Patient Zero.” In 2026, cybercriminals have taken to employing AI…

Read MoreOne Click to Total Shutdown: The ‘Patient Zero’ Webinar on Eliminating Stealth Breaches

New ZombieLoad v2 Attack Targets Intel’s Latest Cascade Lake CPUs

A significant vulnerability, identified as ZombieLoad v2, has been unveiled, posing a threat to recent Intel processors, including the Cascade Lake series, previously considered resistant to numerous known vulnerabilities like Meltdown and Foreshadow. This new variant was first uncovered in May and falls under the category of microarchitectural data sampling…

Read MoreNew ZombieLoad v2 Attack Targets Intel’s Latest Cascade Lake CPUs