The Breach News

125 New Vulnerabilities Discovered in Routers and NAS Devices from Leading Brands

In an era marked by rapid growth in connected consumer electronics and the Internet of Things (IoT), questions about the security of these devices have become increasingly pressing. With billions of gadgets—ranging from coffee makers to smart locks—connected to the internet, the vulnerabilities these systems present are drawing the attention…

Read More125 New Vulnerabilities Discovered in Routers and NAS Devices from Leading Brands

Report Reveals Data Brokers and AI Companies’ Opt-Out Forms Are Designed to Fail

Data Privacy Concerns Highlighted in Recent Research on Major Tech Firms Recent investigative findings from EPIC (Electronic Privacy Information Center) reveal significant shortcomings in the opt-out processes of prominent technology companies, raising alarms about consumer privacy rights. EPIC’s researchers discovered that platforms including Meta, X (formerly Twitter), OpenAI, and Tinder…

Read MoreReport Reveals Data Brokers and AI Companies’ Opt-Out Forms Are Designed to Fail

Cybercrime Groups Exploiting Vishing and SSO Abuse for Swift SaaS Extortion Attacks

Recent cybersecurity intelligence has uncovered the operations of two malicious groups identified as Cordial Spider and Snarky Spider. These groups are reportedly engaged in rapid, high-impact cyberattacks, predominantly targeting Software as a Service (SaaS) platforms while minimizing their digital footprints. The Cordial Spider group, also known by aliases such as…

Read MoreCybercrime Groups Exploiting Vishing and SSO Abuse for Swift SaaS Extortion Attacks

Alert: Researcher Uncovers phpMyAdmin Zero-Day Vulnerability Impacting All Versions

A cybersecurity research effort has revealed an unpatched zero-day vulnerability in phpMyAdmin, a widely-utilized application for managing MySQL and MariaDB databases. This tool is integral for many websites built on content management systems such as WordPress and Joomla. The vulnerability was identified by security researcher Manuel Garcia Cardenas, who characterized…

Read MoreAlert: Researcher Uncovers phpMyAdmin Zero-Day Vulnerability Impacting All Versions

30,000 Facebook Accounts Compromised in Google AppSheet Phishing Scheme

Recently uncovered cyber operations linked to Vietnamese threat actors have revealed a sophisticated method of launching phishing attacks using Google AppSheet as a conduit. This campaign aims to compromise Facebook accounts, with approximately 30,000 accounts reported hacked. The operation, identified as “AccountDumpling” by cybersecurity firm Guardio, entails the hijacked accounts…

Read More30,000 Facebook Accounts Compromised in Google AppSheet Phishing Scheme

Secret CISA Credentials Exposed in Public GitHub Repository: A Shocking Oversight

In a concerning development for U.S. cybersecurity, Brian Krebs has reported that the Cybersecurity and Infrastructure Agency (CISA) has inadvertently left a cache of sensitive information exposed on a public GitHub repository since at least November 2025. This repository, ominously named “Private-CISA,” has revealed plaintext passwords, SSH private keys, tokens,…

Read MoreSecret CISA Credentials Exposed in Public GitHub Repository: A Shocking Oversight

Trellix Confirms Breach of Source Code Following Unauthorized Repository Access

Trellix, a cybersecurity firm, has reported experiencing a breach that granted unauthorized access to a portion of its source code repository. The company has stated that it recently discovered this security compromise and is taking immediate steps to address the issue by collaborating with leading forensic experts. Additionally, Trellix has…

Read MoreTrellix Confirms Breach of Source Code Following Unauthorized Repository Access

iOS 13 Flaw Allows Third-Party Keyboards to Bypass ‘Full Access’ Denial

Following the recent release of iOS 13 and iPadOS, Apple has issued a critical security advisory regarding an unpatched vulnerability affecting third-party keyboard applications. This warning is particularly relevant for users of iPhones and iPads, as it presents a significant risk to personal data security. The issue arises from the…

Read MoreiOS 13 Flaw Allows Third-Party Keyboards to Bypass ‘Full Access’ Denial