The Breach News

Google Reveals 20-Year-Old Unfixed Vulnerability Impacting All Windows Versions

In a significant cybersecurity development, a Google security researcher has uncovered a critical vulnerability that has remained unaddressed for two decades in Microsoft Windows. This flaw, tracked as CVE-2019-1162, affects all versions of the operating system, from Windows XP to the latest iteration, Windows 10. Following the recent patch Tuesday…

Read MoreGoogle Reveals 20-Year-Old Unfixed Vulnerability Impacting All Windows Versions

RondoDox Botnet Takes Advantage of 2018 Vulnerability to Compromise ASUS Routers

Recent research from cybersecurity firm VulnCheck has unveiled that cybercriminals are increasingly targeting outdated models of ASUS routers by exploiting a software vulnerability identified back in 2018, classified as CVE-2018-5999. This security flaw represents a critical unauthenticated configuration update vulnerability, boasting a CVSS score of 9.8 out of 10, enabling…

Read MoreRondoDox Botnet Takes Advantage of 2018 Vulnerability to Compromise ASUS Routers

Four New ‘Wormable’ Windows Remote Desktop Vulnerabilities Discovered, Similar to BlueKeep

Business owners using supported versions of the Windows operating system are urged to immediately install the latest security updates from Microsoft to mitigate a critical set of vulnerabilities recently identified. These vulnerabilities, four in total, are concerning due to their wormable nature, enabling remote code execution via Remote Desktop Services…

Read MoreFour New ‘Wormable’ Windows Remote Desktop Vulnerabilities Discovered, Similar to BlueKeep

Texas AG Files Lawsuit Against Meta Over WhatsApp’s End-to-End Encryption Claims

The Texas Attorney General has initiated legal action against Meta, asserting that the company’s WhatsApp messaging platform, which boasts over 3 billion users, does not deliver the end-to-end encryption (E2EE) it has consistently advertised. This controversy centers around the definition of E2EE, which is designed to ensure that messages are…

Read MoreTexas AG Files Lawsuit Against Meta Over WhatsApp’s End-to-End Encryption Claims

Vercel Discovers Additional Compromised Accounts from Context.ai-Related Breach

Vercel has disclosed that it recently identified additional customer accounts that were compromised in a significant security incident that resulted in unauthorized access to its internal systems. This revelation follows an extensive investigation which broadened to include various compromise indicators, along with an analysis of network requests and logs detailing…

Read MoreVercel Discovers Additional Compromised Accounts from Context.ai-Related Breach

New Bluetooth Flaw Allows Attackers to Eavesdrop on Encrypted Connections

Across the globe, over one billion Bluetooth-enabled devices—including smartphones, laptops, smart IoT devices, and industrial equipment—are exposed to a significant vulnerability that could enable attackers to monitor data exchanged between paired devices. This flaw, known by its designation CVE-2019-9506, stems from weaknesses in the encryption key negotiation protocol used by…

Read MoreNew Bluetooth Flaw Allows Attackers to Eavesdrop on Encrypted Connections

Police Proudly Announce Breach of VPN Used by Criminals Who Thought They Were Secure

European law enforcement authorities have reported a significant breakthrough in cybersecurity operations, successfully infiltrating and dismantling a virtual private network (VPN) service known as First VPN, which was allegedly utilized for ransomware attacks and various criminal activities. This decisive action involved the identification of thousands of users linked to the…

Read MorePolice Proudly Announce Breach of VPN Used by Criminals Who Thought They Were Secure

Project Glasswing Demonstrates AI’s Ability to Identify Bugs—But Who Will Resolve Them?

Title: Anthropic’s Project Glasswing: A Game Changer in Vulnerability Discovery Last week, Anthropic unveiled Project Glasswing, an advanced AI model designed for identifying software vulnerabilities with unprecedented effectiveness. In response to its powerful capabilities, the company has made the unusual decision to delay the public release of the model, providing…

Read MoreProject Glasswing Demonstrates AI’s Ability to Identify Bugs—But Who Will Resolve Them?