The Breach News

Critical Authentication Bypass and Privilege Escalation Vulnerabilities Revealed in OpenBSD

OpenBSD, a celebrated open-source operating system designed with a focus on security, has recently been identified as vulnerable to four critical security flaws. Among these, one particularly notable vulnerability is an authentication bypass issue within the BSD Auth framework. The remaining three vulnerabilities are related to privilege escalation, potentially enabling…

Read MoreCritical Authentication Bypass and Privilege Escalation Vulnerabilities Revealed in OpenBSD

China-Linked Twill Typhoon Employs Phony Apple and Yahoo Websites for Espionage Activities

Organizations across Japan and the Asia-Pacific region are facing a surge of cyberattacks attributed to a group known as Twill Typhoon. These attacks, which began in late September 2025, have raised alerts among cybersecurity experts at Darktrace, who note that the attackers employ sophisticated tactics to masquerade as legitimate services,…

Read MoreChina-Linked Twill Typhoon Employs Phony Apple and Yahoo Websites for Espionage Activities

New PlunderVolt Attack Exploits Intel SGX Enclaves by Adjusting CPU Voltage

A research team specializing in cybersecurity has unveiled a new method for exploiting the Intel Software Guard Extensions (SGX), a crucial feature designed to secure sensitive data within modern Intel processors. Named Plundervolt and categorized as CVE-2019-11157, this attack leverages the ability to manipulate frequency and voltage settings of processors.…

Read MoreNew PlunderVolt Attack Exploits Intel SGX Enclaves by Adjusting CPU Voltage

Vulnerability in Elementor and Beaver Addons Exposes WordPress Sites to Hacking Risks

Recently, critical vulnerabilities were identified in two prominent WordPress plugins: “Ultimate Addons for Beaver Builder” and “Ultimate Addons for Elementor.” These vulnerabilities pose significant risks for users who have not updated to the latest versions. Researchers have uncovered an authentication bypass vulnerability that allows attackers to gain administrative control of…

Read MoreVulnerability in Elementor and Beaver Addons Exposes WordPress Sites to Hacking Risks

DHS to Test ‘Reconnaissance’ Drones Along the US-Canada Border

DHS to Test Autonomous Drones and Vehicles at US-Canada Border The U.S. Department of Homeland Security (DHS), in partnership with Defense Research and Development Canada (DRDC), plans to deploy autonomous drones and vehicles along the U.S.-Canada border this November. The initiative aims to evaluate which technologies can effectively stream surveillance…

Read MoreDHS to Test ‘Reconnaissance’ Drones Along the US-Canada Border

This Vulnerability Could Allow Anyone to Crash WhatsApp for All Group Members

WhatsApp, the leading end-to-end encrypted messaging platform, has successfully addressed a serious flaw that could have allowed a malicious actor to crash the app for all members of a targeted group chat, as disclosed by The Hacker News. This vulnerability had the potential to disrupt the messaging experience for users,…

Read MoreThis Vulnerability Could Allow Anyone to Crash WhatsApp for All Group Members

Microsoft Alerts Users to Active Attacks on Unpatched Zero-Day Vulnerability in Internet Explorer

Emerging Security Threat: Zero-Day Vulnerability Found in Internet Explorer In a pressing advisory issued today, Microsoft has warned millions of Windows users about a newly discovered zero-day vulnerability within the Internet Explorer (IE) browser. Despite IE’s decline in usage and impending obsolescence, this security flaw poses significant risks, as attackers…

Read MoreMicrosoft Alerts Users to Active Attacks on Unpatched Zero-Day Vulnerability in Internet Explorer