The Breach News

CISA Alerts on Critical Ivanti vTM Vulnerability Due to Ongoing Exploitation Risks

Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a serious security vulnerability affecting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, following indications of active exploitation in the wild. The vulnerability, identified as CVE-2024-7593, has a CVSS score of 9.8 and allows a remote,…

Read MoreCISA Alerts on Critical Ivanti vTM Vulnerability Due to Ongoing Exploitation Risks

Rapid7 Source Code Compromised in Codecov Supply Chain Incident

Rapid7 Source Code Repositories Compromised Following Codecov Incident Cybersecurity firm Rapid7 has disclosed that an unauthorized entity gained access to a limited subset of its source code repositories. This revelation follows a recent security breach linked to software auditing tool Codecov, which was compromised earlier this year due to a…

Read MoreRapid7 Source Code Compromised in Codecov Supply Chain Incident

ClickFix: The Unseen Security Risk Your Family Needs to Know About

Phishing Campaigns Targeting Booking.com Users Raise Security Concerns Recent reports highlight a sophisticated phishing campaign aimed primarily at Windows users, as detailed by cybersecurity experts. The attackers exploit compromised accounts from hotels listed on Booking.com or similar online travel services. By leveraging the sensitive information available in these accounts, they…

Read MoreClickFix: The Unseen Security Risk Your Family Needs to Know About

Twitch Experiences Major 125GB Data and Source Code Breach Due to Server Misconfiguration

Title: Twitch Faces Security Breach as Comprehensive Data Leak Exposes Internal Systems In a significant security incident, popular livestreaming platform Twitch has confirmed a data breach that exposed its source code, internal tools, and creator payout details. The breach came to light after an anonymous contributor leaked a trove of…

Read MoreTwitch Experiences Major 125GB Data and Source Code Breach Due to Server Misconfiguration

State Imposes $5.1M Penalty on Firm for Data Breach Impacting 3 Million Students

Data Privacy, Data Security, Healthcare State Authorities Highlight Security Lapses Leading to Illuminate Education’s Late 2021 Data Breach Marianne Kolbasuk McGee (HealthInfoSec) • November 10, 2025 Illuminate Education faces a $5.1 million settlement after a cyberattack in late 2021 that compromised data of over 3 million students. (Image: Illuminate) A…

Read MoreState Imposes $5.1M Penalty on Firm for Data Breach Impacting 3 Million Students

Wakefield & Associates Reports Client Data Breach – The HIPAA Journal

Wakefield & Associates Reports Client Data Breach In a recent development, Wakefield & Associates has publicly disclosed a breach involving sensitive client data. The incident highlights the ongoing vulnerabilities organizations face amidst a complex cybersecurity landscape. The breach, which reportedly impacts a significant number of clients, raises alarming concerns about…

Read MoreWakefield & Associates Reports Client Data Breach – The HIPAA Journal

Google’s Transition to Rust Programming Reduces Android Memory Vulnerabilities by 68%

Google has announced a significant development in its security measures, revealing a substantial reduction in memory-related vulnerabilities within the Android operating system. Over the last six years, the percentage of memory-safe vulnerabilities has dramatically decreased from 76% to just 24%. This shift aligns with the company’s secure-by-design approach, which has…

Read MoreGoogle’s Transition to Rust Programming Reduces Android Memory Vulnerabilities by 68%

Pakistan-Linked Hackers Expand Arsenal with New Windows Malware

Recent research has revealed that cybercriminals with potential links to Pakistan are employing social engineering tactics as part of a sophisticated espionage campaign targeting organizations in India. This operational strategy has become a critical aspect of their efforts to compromise various entities. The cyberattacks are attributed to a group known…

Read MorePakistan-Linked Hackers Expand Arsenal with New Windows Malware

Robinhood Trading App Experiences Data Breach, Compromising Information of 7 Million Users

Robinhood Reports Security Breach Affecting 7 Million Users On Monday, Robinhood disclosed a significant security breach that has impacted around 7 million customers, which represents roughly one-third of its user base. This incident allowed an unidentified threat actor to gain unauthorized access to personal information. The commission-free trading platform stated…

Read MoreRobinhood Trading App Experiences Data Breach, Compromising Information of 7 Million Users