The Breach News

Major Vulnerability in GoAhead Web Server Poses Risks to Numerous IoT Devices

New Vulnerabilities Discovered in GoAhead Web Server Software Cybersecurity experts from Cisco Talos have identified two significant vulnerabilities within the GoAhead web server software, a lightweight application commonly integrated into hundreds of millions of Internet-connected smart devices. This discovery raises serious concerns for organizations relying on these technologies. The first…

Read MoreMajor Vulnerability in GoAhead Web Server Poses Risks to Numerous IoT Devices

Zero-Day Exploit Completely Bypasses Default BitLocker Security in Windows 11

A recently uncovered zero-day exploit, known as YellowKey, poses a significant risk to Windows 11 systems. This exploit enables individuals with physical access to bypass the standard BitLocker encryption, allowing them to access secured drives within mere seconds. BitLocker is crucial for protecting sensitive information on enterprise machines, as it…

Read MoreZero-Day Exploit Completely Bypasses Default BitLocker Security in Windows 11

Critical Authentication Bypass and Privilege Escalation Vulnerabilities Revealed in OpenBSD

OpenBSD, a celebrated open-source operating system designed with a focus on security, has recently been identified as vulnerable to four critical security flaws. Among these, one particularly notable vulnerability is an authentication bypass issue within the BSD Auth framework. The remaining three vulnerabilities are related to privilege escalation, potentially enabling…

Read MoreCritical Authentication Bypass and Privilege Escalation Vulnerabilities Revealed in OpenBSD

China-Linked Twill Typhoon Employs Phony Apple and Yahoo Websites for Espionage Activities

Organizations across Japan and the Asia-Pacific region are facing a surge of cyberattacks attributed to a group known as Twill Typhoon. These attacks, which began in late September 2025, have raised alerts among cybersecurity experts at Darktrace, who note that the attackers employ sophisticated tactics to masquerade as legitimate services,…

Read MoreChina-Linked Twill Typhoon Employs Phony Apple and Yahoo Websites for Espionage Activities

New PlunderVolt Attack Exploits Intel SGX Enclaves by Adjusting CPU Voltage

A research team specializing in cybersecurity has unveiled a new method for exploiting the Intel Software Guard Extensions (SGX), a crucial feature designed to secure sensitive data within modern Intel processors. Named Plundervolt and categorized as CVE-2019-11157, this attack leverages the ability to manipulate frequency and voltage settings of processors.…

Read MoreNew PlunderVolt Attack Exploits Intel SGX Enclaves by Adjusting CPU Voltage

Vulnerability in Elementor and Beaver Addons Exposes WordPress Sites to Hacking Risks

Recently, critical vulnerabilities were identified in two prominent WordPress plugins: “Ultimate Addons for Beaver Builder” and “Ultimate Addons for Elementor.” These vulnerabilities pose significant risks for users who have not updated to the latest versions. Researchers have uncovered an authentication bypass vulnerability that allows attackers to gain administrative control of…

Read MoreVulnerability in Elementor and Beaver Addons Exposes WordPress Sites to Hacking Risks

DHS to Test ‘Reconnaissance’ Drones Along the US-Canada Border

DHS to Test Autonomous Drones and Vehicles at US-Canada Border The U.S. Department of Homeland Security (DHS), in partnership with Defense Research and Development Canada (DRDC), plans to deploy autonomous drones and vehicles along the U.S.-Canada border this November. The initiative aims to evaluate which technologies can effectively stream surveillance…

Read MoreDHS to Test ‘Reconnaissance’ Drones Along the US-Canada Border

This Vulnerability Could Allow Anyone to Crash WhatsApp for All Group Members

WhatsApp, the leading end-to-end encrypted messaging platform, has successfully addressed a serious flaw that could have allowed a malicious actor to crash the app for all members of a targeted group chat, as disclosed by The Hacker News. This vulnerability had the potential to disrupt the messaging experience for users,…

Read MoreThis Vulnerability Could Allow Anyone to Crash WhatsApp for All Group Members