The Breach News

Rackspace Verifies Play Ransomware Group as Cause of Recent Breach

Rackspace Confirms Ransomware Attack by Play Group On Thursday, cloud services provider Rackspace identified the ransomware group known as Play as the responsible party behind a recent security breach that occurred in December 2022. The breach targeted Rackspace’s Hosted Exchange email environment, taking advantage of a previously undisclosed vulnerability. The…

Read MoreRackspace Verifies Play Ransomware Group as Cause of Recent Breach

CISA Introduces a New Vision for the CVE Program: Will It Succeed?

CISA Reveals New Vision for CVE Program Amid Funding Concerns Chris Riotta (@chrisriotta) • September 11, 2025 Image: Mitre/Shutterstock/ISMG The Cybersecurity and Infrastructure Security Agency (CISA) has announced an updated vision for its Common Vulnerabilities and Exposures (CVE) program, a crucial system for tracking vulnerabilities worldwide. Despite the agency’s objectives,…

Read MoreCISA Introduces a New Vision for the CVE Program: Will It Succeed?

The US Becomes the Top Investor in Commercial Spyware

Paragon’s Accusations Highlight Growing Concerns in the Global Spyware Market Paragon has issued a strong response to findings from an investigative committee, claiming that Italian authorities have failed to perform a comprehensive technical verification that could have potentially clarified ongoing issues. This accusation emphasizes the need for thorough investigations to…

Read MoreThe US Becomes the Top Investor in Commercial Spyware

How Emerging AI Agents Will Revolutionize Credential Stuffing Attacks

Rising Threat of Credential Stuffing Attacks in 2024 In 2024, credential stuffing attacks have emerged as a significant cybersecurity concern, driven by a troubling cycle of infostealer malware infections and data breaches. The situation, already precarious, is poised to worsen with the advent of Computer-Using Agents (CUAs), a novel class…

Read MoreHow Emerging AI Agents Will Revolutionize Credential Stuffing Attacks

Vyro AI Breach Exposes Weak Cyber Hygiene Practices – Dark Reading

Vyro AI Leak Exposes Weaknesses in Cybersecurity Practices Recent revelations from a security breach involving Vyro AI have shed light on significant vulnerabilities in the company’s cybersecurity protocols. The incident, detailed in a report by Dark Reading, has raised serious concerns about the organization’s ability to safeguard sensitive data, prompting…

Read MoreVyro AI Breach Exposes Weak Cyber Hygiene Practices – Dark Reading

IcedID Malware Targets Again: Active Directory Domain Breached in Less Than 24 Hours

Malware Attack Utilizing IcedID Compromises Active Directory Domain A recent incident involving IcedID malware has raised significant alarms within the cybersecurity community, highlighting the persistent threat posed by sophisticated attacks. Within just 24 hours of gaining initial access, the threat actor successfully compromised the Active Directory domain of an unidentified…

Read MoreIcedID Malware Targets Again: Active Directory Domain Breached in Less Than 24 Hours

Apple’s Major Initiative to Address the iPhone’s Most Prevalent Vulnerabilities

On Tuesday, Apple unveiled a new lineup of iPhones featuring the innovative A19 and A19 Pro chips. Among these devices is a sleek iPhone Air, along with several redesigned models. However, it is a subtle yet significant enhancement—Memory Integrity Enforcement—that stands out, potentially marking a crucial advancement in device security.…

Read MoreApple’s Major Initiative to Address the iPhone’s Most Prevalent Vulnerabilities