The Breach News

Severe Vulnerability in Commvault Command Center Allows Remote Code Execution

April 24, 2025
Data Breach / Vulnerability

A significant security vulnerability has been identified in the Commvault Command Center, posing a risk for arbitrary code execution on compromised systems. This flaw, designated CVE-2025-34028, has a high CVSS score of 9.0 out of 10. Commvault indicated in an advisory released on April 17, 2025, that the vulnerability permits remote attackers to run arbitrary code without authentication, potentially leading to full system compromise. It affects the 11.38 Innovation Release, covering versions 11.38.0 to 11.38.19, and has been patched in versions 11.38.20 and 11.38.25. Sonny Macdonald, a researcher at watchTowr Labs who discovered and reported the issue on April 7, 2025, noted that it could be exploited for pre-authenticated remote code execution.

Critical Flaw in Commvault Command Center Exposes Systems to Remote Code Execution On April 17, 2025, Commvault alerted its users to a significant security vulnerability within the Command Center, designated as CVE-2025-34028. This flaw poses a severe risk, allowing remote attackers to execute arbitrary code without requiring authentication on impacted…

Read More

Severe Vulnerability in Commvault Command Center Allows Remote Code Execution

April 24, 2025
Data Breach / Vulnerability

A significant security vulnerability has been identified in the Commvault Command Center, posing a risk for arbitrary code execution on compromised systems. This flaw, designated CVE-2025-34028, has a high CVSS score of 9.0 out of 10. Commvault indicated in an advisory released on April 17, 2025, that the vulnerability permits remote attackers to run arbitrary code without authentication, potentially leading to full system compromise. It affects the 11.38 Innovation Release, covering versions 11.38.0 to 11.38.19, and has been patched in versions 11.38.20 and 11.38.25. Sonny Macdonald, a researcher at watchTowr Labs who discovered and reported the issue on April 7, 2025, noted that it could be exploited for pre-authenticated remote code execution.

Analyzing the Workday Breach: A Rising Trend in Data Breaches | Grip – Security Boulevard

Workday Breach Breakdown: A Growing Trend of Cybersecurity Incidents In a recent disturbing development, Workday, a leading provider of enterprise cloud applications for finance and human resources, has fallen victim to a significant data breach. This incident underscores the escalating threat landscape facing organizations across various sectors, as cybercriminals continuously…

Read MoreAnalyzing the Workday Breach: A Rising Trend in Data Breaches | Grip – Security Boulevard

Microsoft OneDrive File Picker Vulnerability Allows Full Access to Cloud Storage When Uploading a Single File

May 28, 2025
Data Privacy / Vulnerability

Cybersecurity researchers have identified a serious security flaw in Microsoft’s OneDrive File Picker. If exploited, this vulnerability could enable websites to gain access to a user’s entire cloud storage, rather than just the files intended for upload. According to the Oasis Research Team’s report to The Hacker News, the issue arises from overly broad OAuth scopes and unclear consent screens that do not adequately communicate the level of access being granted. This flaw poses significant risks, including potential customer data leaks and violations of compliance regulations. Affected applications may include ChatGPT, Slack, Trello, and ClickUp, all of which integrate with Microsoft’s cloud service. The core of the problem lies in the excessive permissions required by the OneDrive File Picker, which requests read access to the entire drive, even when only a single file is selected for upload, due to a lack of fine-grained permission controls.

Security Flaw in Microsoft OneDrive File Picker Exposes Users to Potential Data Breaches May 28, 2025 Recent findings from cybersecurity researchers at the Oasis Research Team have unveiled a serious vulnerability within Microsoft’s OneDrive File Picker. This flaw enables websites to gain unrestricted access to users’ entire cloud storage, even…

Read More

Microsoft OneDrive File Picker Vulnerability Allows Full Access to Cloud Storage When Uploading a Single File

May 28, 2025
Data Privacy / Vulnerability

Cybersecurity researchers have identified a serious security flaw in Microsoft’s OneDrive File Picker. If exploited, this vulnerability could enable websites to gain access to a user’s entire cloud storage, rather than just the files intended for upload. According to the Oasis Research Team’s report to The Hacker News, the issue arises from overly broad OAuth scopes and unclear consent screens that do not adequately communicate the level of access being granted. This flaw poses significant risks, including potential customer data leaks and violations of compliance regulations. Affected applications may include ChatGPT, Slack, Trello, and ClickUp, all of which integrate with Microsoft’s cloud service. The core of the problem lies in the excessive permissions required by the OneDrive File Picker, which requests read access to the entire drive, even when only a single file is selected for upload, due to a lack of fine-grained permission controls.

U.S. and U.K. Alert on Russian Hackers Utilizing Cisco Router Vulnerabilities for Espionage

April 19, 2023
Network Security / Cyber Espionage

Cybersecurity and intelligence agencies from the U.S. and U.K. have issued a warning about Russian state-sponsored actors exploiting recently patched vulnerabilities in Cisco networking equipment for reconnaissance and malware deployment against specific targets. These intrusions occurred in 2021 and affected a limited number of entities across Europe, U.S. government agencies, and around 250 Ukrainian victims. The activity has been linked to the threat group APT28, also known as Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, and Sofacy, which is connected to the Russian General Staff Main Intelligence Directorate (GRU). The National Cyber Security Centre (NCSC) noted that APT28 gained access to vulnerable routers using default and weak SNMP community strings, as well as by exploiting CVE-2017-6742, a remote code execution vulnerability with a CVSS score of 8.8.

U.S. and U.K. Governments Alert on Russian Cyber Actors Exploiting Cisco Vulnerabilities On April 19, 2023, cybersecurity and intelligence agencies from the United States and the United Kingdom issued a warning regarding the activities of Russian state-sponsored hackers. These actors have been identified as exploiting previously patched vulnerabilities in Cisco…

Read More

U.S. and U.K. Alert on Russian Hackers Utilizing Cisco Router Vulnerabilities for Espionage

April 19, 2023
Network Security / Cyber Espionage

Cybersecurity and intelligence agencies from the U.S. and U.K. have issued a warning about Russian state-sponsored actors exploiting recently patched vulnerabilities in Cisco networking equipment for reconnaissance and malware deployment against specific targets. These intrusions occurred in 2021 and affected a limited number of entities across Europe, U.S. government agencies, and around 250 Ukrainian victims. The activity has been linked to the threat group APT28, also known as Fancy Bear, Forest Blizzard (formerly Strontium), FROZENLAKE, and Sofacy, which is connected to the Russian General Staff Main Intelligence Directorate (GRU). The National Cyber Security Centre (NCSC) noted that APT28 gained access to vulnerable routers using default and weak SNMP community strings, as well as by exploiting CVE-2017-6742, a remote code execution vulnerability with a CVSS score of 8.8.

Nevada State Offices Suspend Services Following Cyber Incident

Incident & Breach Response, Security Operations Nevada Faces Widespread IT Disruption, Leading to Service Suspension Chris Riotta (@chrisriotta) • August 25, 2025 Image: Alexander Lukatskiy/Shutterstock Nevada state agencies have suspended several in-person services as a result of a network security incident that disrupted local agency operations, officials confirmed on Monday.…

Read MoreNevada State Offices Suspend Services Following Cyber Incident

Senator Criticizes Federal Judiciary for Overlooking Essential Cybersecurity Measures

US Senator Ron Wyden has sharply criticized the federal judiciary for what he labels as “negligence and incompetence” following a cyberattack linked to Russian hackers. This incident has led to the exposure of sensitive court documents, underscoring vulnerabilities within the judiciary’s electronic case filing system. The breach, which impacts both…

Read MoreSenator Criticizes Federal Judiciary for Overlooking Essential Cybersecurity Measures

159 CVEs Reported Exploited in Q1 2025 — 28.3% Targeted Within 24 Hours of Disclosure

April 24, 2025
Vulnerability / Threat Intelligence

In the first quarter of 2025, a total of 159 CVE identifiers have been identified as actively exploited, a rise from 151 in the previous quarter. According to a report from VulnCheck shared with The Hacker News, the pace of exploitation remains rapid, with 28.3% of these vulnerabilities being targeted within a day of their disclosure. This accounts for 45 security flaws weaponized in real-world attacks shortly after being revealed. An additional 14 vulnerabilities were exploited within a month, while another 45 were abused over the course of a year. The majority of these vulnerabilities were found in content management systems (CMS), followed by network edge devices, operating systems, open-source software, and server software. Breakdown includes:

  • Content Management Systems (CMS): 35
  • Network Edge Devices: 29
  • Operating Systems: 24
  • Open Source Software: 14
  • Server Software: 14

159 CVEs Exploited in Q1 2025—28.3% Within 24 Hours of Disclosure April 24, 2025 In the first quarter of 2025, a total of 159 Common Vulnerabilities and Exposures (CVEs) have been identified as actively exploited, a notable increase from 151 in the previous quarter. According to a report from VulnCheck…

Read More

159 CVEs Reported Exploited in Q1 2025 — 28.3% Targeted Within 24 Hours of Disclosure

April 24, 2025
Vulnerability / Threat Intelligence

In the first quarter of 2025, a total of 159 CVE identifiers have been identified as actively exploited, a rise from 151 in the previous quarter. According to a report from VulnCheck shared with The Hacker News, the pace of exploitation remains rapid, with 28.3% of these vulnerabilities being targeted within a day of their disclosure. This accounts for 45 security flaws weaponized in real-world attacks shortly after being revealed. An additional 14 vulnerabilities were exploited within a month, while another 45 were abused over the course of a year. The majority of these vulnerabilities were found in content management systems (CMS), followed by network edge devices, operating systems, open-source software, and server software. Breakdown includes:

  • Content Management Systems (CMS): 35
  • Network Edge Devices: 29
  • Operating Systems: 24
  • Open Source Software: 14
  • Server Software: 14

Wyden Demands Investigation into Federal Judiciary Data Breaches, Citing ‘Negligence’

The Supreme Court is facing pressure for an independent investigation into the repercussions of recent cyberattacks and data breaches affecting the federal judiciary’s networks. On Monday, Senator Ron Wyden publicly urged Chief Justice John Roberts to authorize such a review, emphasizing a pressing need to understand the scope and implications…

Read MoreWyden Demands Investigation into Federal Judiciary Data Breaches, Citing ‘Negligence’

Over 100,000 WordPress Sites Vulnerable to Critical CVSS 10.0 Flaw in TI WooCommerce Wishlist Plugin

May 29, 2025 Vulnerability / Website Security

Cybersecurity experts have revealed a severe, unpatched security vulnerability affecting the TI WooCommerce Wishlist plugin for WordPress. This flaw can be exploited by unauthenticated attackers to upload arbitrary files. The TI WooCommerce Wishlist, with over 100,000 active installations, allows e-commerce customers to save their favorite products and share their lists on social media.

According to Patchstack researcher John Castro, “The plugin is susceptible to an arbitrary file upload vulnerability, enabling attackers to upload malicious files to the server without any authentication.” Identified as CVE-2025-47577, this vulnerability has a CVSS score of 10.0 and affects all versions up to and including 2.9.2, released on November 29, 2024. Currently, no patch is available. The website security firm pointed out that the vulnerability is linked to a function called “tinvwl_upload_file_wc_fields_factory,” which utilizes another native WordPress…

Over 100,000 WordPress Sites Vulnerable Due to Critical Flaw in Wishlist Plugin May 29, 2025 Vulnerability / Website Security A significant cybersecurity threat has emerged involving a critical security vulnerability in the TI WooCommerce Wishlist plugin for WordPress. Currently used by over 100,000 active installations, this plugin allows e-commerce customers…

Read More

Over 100,000 WordPress Sites Vulnerable to Critical CVSS 10.0 Flaw in TI WooCommerce Wishlist Plugin

May 29, 2025 Vulnerability / Website Security

Cybersecurity experts have revealed a severe, unpatched security vulnerability affecting the TI WooCommerce Wishlist plugin for WordPress. This flaw can be exploited by unauthenticated attackers to upload arbitrary files. The TI WooCommerce Wishlist, with over 100,000 active installations, allows e-commerce customers to save their favorite products and share their lists on social media.

According to Patchstack researcher John Castro, “The plugin is susceptible to an arbitrary file upload vulnerability, enabling attackers to upload malicious files to the server without any authentication.” Identified as CVE-2025-47577, this vulnerability has a CVSS score of 10.0 and affects all versions up to and including 2.9.2, released on November 29, 2024. Currently, no patch is available. The website security firm pointed out that the vulnerability is linked to a function called “tinvwl_upload_file_wc_fields_factory,” which utilizes another native WordPress…