The Breach News

GlassWorm Malware Targets Developers via OpenVSX Marketplace – Hackread – Your Source for Cybersecurity News, Data Breaches, Tech, AI, Crypto, and More

A recent cyber threat known as GlassWorm has been detected, specifically targeting developers utilizing Visual Studio Code extensions via the OpenVSX marketplace. Koi Security unveiled this campaign, which leverages trusted extensions to automatically propagate across various development environments while employing stolen credentials to facilitate further infections. Distinct from typical malware…

Read MoreGlassWorm Malware Targets Developers via OpenVSX Marketplace – Hackread – Your Source for Cybersecurity News, Data Breaches, Tech, AI, Crypto, and More

Chinese Hackers Deploy GHOSTSPIDER Malware to Target Telecoms in Over 12 Countries

Recent analysis has revealed that the China-linked hacking group, known as Earth Estries, is employing a previously unidentified backdoor named GHOSTSPIDER in its cyber operations directed at telecommunications firms in Southeast Asia. This development highlights an evolving threat landscape, where traditional boundaries of cybersecurity are increasingly tested. Trend Micro, which…

Read MoreChinese Hackers Deploy GHOSTSPIDER Malware to Target Telecoms in Over 12 Countries

Iran’s Lyceum Hackers Strike Telecoms and ISPs in Israel, Saudi Arabia, and Africa

Recent investigations have unveiled that a state-sponsored threat actor believed to have ties to Iran has conducted a series of targeted cyberattacks against internet service providers (ISPs) and telecommunications operators in countries such as Israel, Morocco, Tunisia, and Saudi Arabia. Additionally, a ministry of foreign affairs in Africa was also…

Read MoreIran’s Lyceum Hackers Strike Telecoms and ISPs in Israel, Saudi Arabia, and Africa

Cache Poisoning Vulnerabilities Discovered in Two DNS Resolution Applications

Critical Vulnerabilities Identified in BIND Could Enable Cache Poisoning Attacks A recent disclosure from BIND developers has outlined significant vulnerabilities linked to the software’s Pseudo Random Number Generator (PRNG). These flaws may allow attackers to predict the source port and query ID employed by BIND, potentially allowing for successful spoofing…

Read MoreCache Poisoning Vulnerabilities Discovered in Two DNS Resolution Applications

Western Digital Faces Network Security Breach: Key Services Disrupted!

Western Digital Reports Network Security Breach In a significant disclosure, Western Digital, a leading data storage manufacturer, announced on Monday that it experienced a “network security incident” resulting from unauthorized access to its systems. The breach, which occurred on March 26, 2023, allowed an unnamed third party to infiltrate several…

Read MoreWestern Digital Faces Network Security Breach: Key Services Disrupted!

US Cyber Defense Weakens for the First Time in Five Years

Government, Industry Specific CISA Budget and Staffing Cuts Undermine National Cyber Readiness, Officials Warn Chris Riotta (@chrisriotta) • October 22, 2025 Mark Montgomery, senior director of the Center on Cyber and Technology Innovation, October 22, 2025. (Image: FDD/ISMG) The Cyberspace Solarium Commission has reported a significant setback in U.S. federal…

Read MoreUS Cyber Defense Weakens for the First Time in Five Years

Incruit Penalized 463 Million Won for Data Breach Impacting 7.27 Million Users – Chosun Ilbo

Incruit Fined 463 Million Won for Data Breach Affecting 7.27 Million Members In a significant incident illustrating the vulnerabilities businesses face in today’s digital landscape, Incruit has been fined 463 million won due to a severe data breach impacting approximately 7.27 million of its users. The breach not only highlights…

Read MoreIncruit Penalized 463 Million Won for Data Breach Impacting 7.27 Million Users – Chosun Ilbo

Romantic Comedy Uncovers Sophisticated Cyberattacks Targeting Zero-Day Flaws in Firefox and Windows

RomCom Exploits Zero-Day Vulnerabilities in Firefox and Windows A sophisticated cyber operation attributed to the Russia-aligned threat actor known as RomCom has been reported, focusing on the exploitation of two zero-day vulnerabilities—one in Mozilla Firefox and another in Microsoft Windows. These attacks have been designed to deploy RomCom’s proprietary backdoor…

Read MoreRomantic Comedy Uncovers Sophisticated Cyberattacks Targeting Zero-Day Flaws in Firefox and Windows

TrickBot Operators Collaborate with Shathak Attackers for Conti Ransomware Campaign

Recent intelligence reveals a troubling collaboration between the TrickBot Trojan operators and the Shathak threat group. This partnership aims to deliver various forms of malware, culminating in the deployment of Conti ransomware on compromised systems. This evolution highlights the sophistication of recent cybercrime tactics, signaling an increasing urgency for businesses…

Read MoreTrickBot Operators Collaborate with Shathak Attackers for Conti Ransomware Campaign