The Breach News

LastPass Discloses Additional Attack Leading to Breach of Encrypted Password Vaults

In December 2022, LastPass disclosed a significant data breach that permitted cybercriminals to access encrypted password vaults. This breach resulted from a coordinated second attack, leveraging vulnerabilities that emerged from an earlier incident. According to the company, a DevOps engineer’s personal computer was compromised through a keylogger, enabling unauthorized access…

Read MoreLastPass Discloses Additional Attack Leading to Breach of Encrypted Password Vaults

DataBreachToday: Infostealers on the Loose

Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Malware Captures Billions of Credentials Mathew J. Schwartz (euroinfosec) • October 24, 2025 Image: Shutterstock Credential theft via infostealers has escalated to alarming levels, as cybercriminals continuously adapt to enhanced security measures. By infiltrating corporate systems with malware that captures session…

Read MoreDataBreachToday: Infostealers on the Loose

Everest Ransomware Reports AT&T Careers Data Breach Involving 576K Records – Hackread – Your Source for Cybersecurity News, Data Breaches, Tech, AI, Crypto, and More

A recent listing on a dark web data leak site operated by the Everest ransomware group claims to have accessed 576,686 personal records associated with AT&T Careers, the recruitment platform of the telecommunications giant. This platform facilitates role applications, resume submissions, and career management for both applicants and employees. This…

Read MoreEverest Ransomware Reports AT&T Careers Data Breach Involving 576K Records – Hackread – Your Source for Cybersecurity News, Data Breaches, Tech, AI, Crypto, and More

Oracle Alerts Users to Active Exploitation of Agile PLM Vulnerability

Oracle has issued a warning regarding a critical security vulnerability in its Agile Product Lifecycle Management (PLM) Framework, which has been actively exploited in real-world scenarios. The flaw, designated as CVE-2024-21287, boasts a CVSS score of 7.5, indicating its severity and potential impact. This vulnerability is particularly concerning because it…

Read MoreOracle Alerts Users to Active Exploitation of Agile PLM Vulnerability

Researchers Discover ‘Pink’ Botnet Malware Responsible for Infecting Over 1.6 Million Devices

Recent research has unveiled details of what is being referred to as the largest botnet discovered in the past six years, known as “Pink.” This sophisticated malware has reportedly infected over 1.6 million devices, predominantly located in China. Its primary objectives include orchestrating Distributed Denial-of-Service (DDoS) attacks and injecting ads…

Read MoreResearchers Discover ‘Pink’ Botnet Malware Responsible for Infecting Over 1.6 Million Devices

This Browser Promises “Perfect Privacy Protection,” Yet Functions Like Malware

The Universe Browser has drawn attention with bold claims, positioning itself as the fastest web browser while promising enhanced privacy and safety for its users. However, a deeper examination raises significant concerns about its operations and potential risks to users. Recent research by Infoblox, a network security firm, has uncovered…

Read MoreThis Browser Promises “Perfect Privacy Protection,” Yet Functions Like Malware

LastPass Data Breach: Engineer’s Oversight in Updating Plex Software Results in Major Security Incident

A significant security breach has compromised the password management platform LastPass, originating from a lapse in software maintenance by one of its engineers. This incident underscores the critical risks associated with neglecting timely software updates. In a disclosure made last week, LastPass provided insights into how attackers leveraged information obtained…

Read MoreLastPass Data Breach: Engineer’s Oversight in Updating Plex Software Results in Major Security Incident

Montana Officials Investigating BCBS Breach Linked to Vendor

Data Breach Notification, Data Security, Healthcare Regulators Investigate Potential Delay in Notification of Breach Affecting 462,000 Insurance Members Marianne Kolbasuk McGee (HealthInfoSec) • October 23, 2025 Montana state officials are probing a data breach at Blue Cross Blue Shield of Montana linked to a vendor. (Image: BCBSMT) Montana state regulators…

Read MoreMontana Officials Investigating BCBS Breach Linked to Vendor

Toys ‘R’ Us Canada Customer Data Breach: Information Exposed Online – SecurityWeek

Toys ‘R’ Us Canada Customer Information Leaked Online In a significant cybersecurity incident, customer information from Toys ‘R’ Us Canada has reportedly been exposed online. The breach raises critical concerns regarding the safety of sensitive consumer data in an era where digital transactions are commonplace. The leaked information, which may…

Read MoreToys ‘R’ Us Canada Customer Data Breach: Information Exposed Online – SecurityWeek