The Breach News

Pegasus Spyware Allegedly Targeted iPhones of U.S. State Department Employees and Diplomats

December 4, 2021

Reports from Reuters and The Washington Post indicate that Apple has informed several U.S. Embassy and State Department staff that their iPhones might have been compromised by an unidentified attacker using state-sponsored spyware developed by the controversial Israeli firm NSO Group. At least 11 officials, either stationed in Uganda or involved in matters related to the country, reportedly had their iPhones, linked to their overseas numbers, singled out. The identities of the perpetrators and the specific information sought remain unclear. These incidents represent the first known use of this advanced surveillance tool against U.S. government personnel. NSO Group produces Pegasus, military-grade spyware that enables clients to discreetly access files, photos, and conversations.

Pegasus Spyware Compromises iPhones of U.S. State Department Officials On December 4, 2021, reports emerged indicating that iPhones belonging to employees of the U.S. State Department, including several stationed at the U.S. Embassy in Uganda, may have been compromised through the use of state-sponsored spyware developed by the Israeli firm…

Read More

Pegasus Spyware Allegedly Targeted iPhones of U.S. State Department Employees and Diplomats

December 4, 2021

Reports from Reuters and The Washington Post indicate that Apple has informed several U.S. Embassy and State Department staff that their iPhones might have been compromised by an unidentified attacker using state-sponsored spyware developed by the controversial Israeli firm NSO Group. At least 11 officials, either stationed in Uganda or involved in matters related to the country, reportedly had their iPhones, linked to their overseas numbers, singled out. The identities of the perpetrators and the specific information sought remain unclear. These incidents represent the first known use of this advanced surveillance tool against U.S. government personnel. NSO Group produces Pegasus, military-grade spyware that enables clients to discreetly access files, photos, and conversations.

Title: Vulnerability of Small Satellite Terminals (VSATs) to Cyber Attacks

Published on: January 10, 2014

Military units relying on very small aperture terminals (VSATs) for satellite communications in remote areas face significant cyber attack risks. IntelCrawler, a cyber intelligence firm, has identified nearly 3 million VSATs, with a substantial number located in the United States. Alarmingly, around 10,000 of these systems are easily accessible due to configuration vulnerabilities. “Since 2010, we have scanned the entire IPv4 address space and continually update our Big Data intelligence database, which includes information about the satellite operators’ networks, such as INMARSAT, Asia Broadcast Satellite, and others, highlighting various vulnerabilities,” the researchers explained. The study indicates that VSATs, which support data transmission rates from 4 kbps to 16 Mbps for narrow and broadband applications, are particularly susceptible to cyber threats. These terminals are frequently employed for transmitting narrowband data like credit card transactions, polling, or RFID data, as well as broadband data for VoIP communications.

Small Satellite Terminals (VSATs) Present Cybersecurity Risks January 10, 2014 Recent investigative efforts by IntelCrawler, a cyber intelligence firm, have shed light on a significant vulnerability affecting military units dependent on very small aperture terminals (VSATs) for satellite communication. These terminals, widely used in remote locations, are exposing critical military…

Read More

Title: Vulnerability of Small Satellite Terminals (VSATs) to Cyber Attacks

Published on: January 10, 2014

Military units relying on very small aperture terminals (VSATs) for satellite communications in remote areas face significant cyber attack risks. IntelCrawler, a cyber intelligence firm, has identified nearly 3 million VSATs, with a substantial number located in the United States. Alarmingly, around 10,000 of these systems are easily accessible due to configuration vulnerabilities. “Since 2010, we have scanned the entire IPv4 address space and continually update our Big Data intelligence database, which includes information about the satellite operators’ networks, such as INMARSAT, Asia Broadcast Satellite, and others, highlighting various vulnerabilities,” the researchers explained. The study indicates that VSATs, which support data transmission rates from 4 kbps to 16 Mbps for narrow and broadband applications, are particularly susceptible to cyber threats. These terminals are frequently employed for transmitting narrowband data like credit card transactions, polling, or RFID data, as well as broadband data for VoIP communications.

Attackers Exploit Zero-Day Vulnerability in Fortinet Security Software

Governance & Risk Management, Network Firewalls, Network Access Control, Patch Management Vendor Releases Emergency Patch for Critical Vulnerability in FortiClient Endpoint Management Server Mathew J. Schwartz (euroinfosec) • April 6, 2026 Image: Shutterstock Fortinet has initiated an urgent response to a significant security threat by releasing emergency patches in light…

Read MoreAttackers Exploit Zero-Day Vulnerability in Fortinet Security Software

Urgent Log4J Vulnerability Poses Significant Threat to Internet Security

Dec 11, 2021

The Apache Software Foundation has addressed a critical zero-day vulnerability in the widely-used Apache Log4j Java logging library, actively exploited to execute malicious code and potentially gain full control over affected systems. Identified as CVE-2021-44228 and known as Log4Shell or LogJam, this flaw allows unauthenticated remote code execution (RCE) in applications utilizing this open-source tool, impacting versions from Log4j 2.0-beta9 to 2.14.1. The bug received a maximum severity score of 10 on the CVSS rating scale. The Apache Foundation’s advisory states, “An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.” Starting with Log4j version 2.15.0, this functionality has been disabled by default. Exploitation can be performed with minimal effort…

Severe Log4J Vulnerability Poses Significant Threat to Internet Security December 11, 2021 The Apache Software Foundation has disclosed critical updates addressing a zero-day vulnerability actively exploited within the widely adopted Apache Log4j Java logging library. This vulnerability has the potential to allow malicious actors to execute arbitrary code, resulting in…

Read More

Urgent Log4J Vulnerability Poses Significant Threat to Internet Security

Dec 11, 2021

The Apache Software Foundation has addressed a critical zero-day vulnerability in the widely-used Apache Log4j Java logging library, actively exploited to execute malicious code and potentially gain full control over affected systems. Identified as CVE-2021-44228 and known as Log4Shell or LogJam, this flaw allows unauthenticated remote code execution (RCE) in applications utilizing this open-source tool, impacting versions from Log4j 2.0-beta9 to 2.14.1. The bug received a maximum severity score of 10 on the CVSS rating scale. The Apache Foundation’s advisory states, “An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.” Starting with Log4j version 2.15.0, this functionality has been disabled by default. Exploitation can be performed with minimal effort…

Over 100,000 Refrigerators and Smart Appliances Hacked in Cyber Attack

Jan 18, 2014

Are you unaware that “zombies” could be lurking in your home? It might surprise you to learn that it’s not just computers and smartphones at risk—now even your household appliances can become weapons or victims in the realm of cyber warfare. Security researchers from Proofpoint recently discovered over 100,000 compromised smart devices, including refrigerators and TVs, that were hijacked by hackers to send out 750,000 malicious spam emails. As the Internet of Things gains traction, cybercriminals have seized this opportunity to launch large-scale attacks. The intrusion tracked by Proofpoint took place between December 23, 2013, and January 6, 2014, featuring aggressive email campaigns that targeted enterprises and individuals worldwide, sending out bursts of 100,000 emails three times daily. This marks the first documented case of smart appliances being utilized in such a manner, transitioning from theoretical discussion to a tangible threat.

Over 100,000 Home Appliances Hacked to Facilitate Cyber Attack January 18, 2014 A significant cybersecurity breach has been reported involving more than 100,000 compromised smart devices, including refrigerators and televisions, which were exploited by hackers to dispatch approximately 750,000 spam emails. Security researchers from Proofpoint have uncovered this alarming trend,…

Read More

Over 100,000 Refrigerators and Smart Appliances Hacked in Cyber Attack

Jan 18, 2014

Are you unaware that “zombies” could be lurking in your home? It might surprise you to learn that it’s not just computers and smartphones at risk—now even your household appliances can become weapons or victims in the realm of cyber warfare. Security researchers from Proofpoint recently discovered over 100,000 compromised smart devices, including refrigerators and TVs, that were hijacked by hackers to send out 750,000 malicious spam emails. As the Internet of Things gains traction, cybercriminals have seized this opportunity to launch large-scale attacks. The intrusion tracked by Proofpoint took place between December 23, 2013, and January 6, 2014, featuring aggressive email campaigns that targeted enterprises and individuals worldwide, sending out bursts of 100,000 emails three times daily. This marks the first documented case of smart appliances being utilized in such a manner, transitioning from theoretical discussion to a tangible threat.

Apple Releases Backported Fix for CVE-2025-43300 Following Targeted Spyware Attack

September 16, 2025
Vulnerability | Spyware

On Monday, Apple announced backported fixes for the recently addressed security vulnerability CVE-2025-43300, which has been actively exploited. This critical flaw, with a CVSS score of 8.8, is an out-of-bounds write issue in the ImageIO component that can lead to memory corruption when processing malicious image files. Apple noted that this vulnerability may have been leveraged in a sophisticated attack against specific individuals. In a related development, WhatsApp reported a vulnerability (CVE-2025-55177, CVSS score: 5.4) within its iOS and macOS messaging apps that was exploited alongside CVE-2025-43300 in targeted spyware attacks against fewer than 200 victims. The original fix for the vulnerability was rolled out by Apple in late August with the releases of iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Ventura 13.7.8, macOS Sonoma 14.7.8, and macOS Sequoia 15.6.1. Additional releases have also been made for other platforms…

Apple Addresses Vulnerability CVE-2025-43300 After Reports of Targeted Spyware Attacks September 16, 2025 Apple has recently implemented backported fixes for a significant security vulnerability, CVE-2025-43300, which has reportedly been exploited in sophisticated, targeted spyware incidents. The flaw, rated 8.8 on the CVSS scale, pertains to an out-of-bounds write issue within…

Read More

Apple Releases Backported Fix for CVE-2025-43300 Following Targeted Spyware Attack

September 16, 2025
Vulnerability | Spyware

On Monday, Apple announced backported fixes for the recently addressed security vulnerability CVE-2025-43300, which has been actively exploited. This critical flaw, with a CVSS score of 8.8, is an out-of-bounds write issue in the ImageIO component that can lead to memory corruption when processing malicious image files. Apple noted that this vulnerability may have been leveraged in a sophisticated attack against specific individuals. In a related development, WhatsApp reported a vulnerability (CVE-2025-55177, CVSS score: 5.4) within its iOS and macOS messaging apps that was exploited alongside CVE-2025-43300 in targeted spyware attacks against fewer than 200 victims. The original fix for the vulnerability was rolled out by Apple in late August with the releases of iOS 18.6.2, iPadOS 18.6.2, iPadOS 17.7.10, macOS Ventura 13.7.8, macOS Sonoma 14.7.8, and macOS Sequoia 15.6.1. Additional releases have also been made for other platforms…

Recent BreachForums Relaunch Linked to Impersonation of ShinyHunters Admin

Cybercrime , Data Security , Fraud Management & Cybercrime Post-Reboot, Cybercrime Group Claims No Ties to Hacker Site Mathew J. Schwartz (euroinfosec) • April 3, 2026 Image: Shutterstock BreachForums continues to be a focal point of controversy following its recent reboot. An individual claiming affiliation with the ShinyHunters extortion group…

Read MoreRecent BreachForums Relaunch Linked to Impersonation of ShinyHunters Admin

Groups Oppose HHS’s Proposed Rollbacks on Health IT

Healthcare, Industry Specific, Standards, Regulations & Compliance Healthcare Groups Warn of Risks from HHS’ Proposed IT Certification Changes Marianne Kolbasuk McGee ( HealthInfoSec) • March 3, 2026 Proposed reductions in health IT certification requirements by HHS are facing resistance from industry groups concerned about privacy and security implications. (Image: Getty…

Read MoreGroups Oppose HHS’s Proposed Rollbacks on Health IT