The Breach News

CERT-UA Reports Cyberattacks on Ukrainian State Systems Utilizing WRECKSTEEL Malware

In a concerning revelation, the Computer Emergency Response Team of Ukraine (CERT-UA) has reported three cyberattacks targeting state administration and critical infrastructure. The objective of these attacks appears to be data theft from sensitive governmental entities. According to CERT-UA, the coordinated campaign utilized compromised email accounts to dispatch phishing emails.…


Morocco Issues Alert for Gmail Users Following Significant Data Breach

Phishing Attempts Surge Following Major Data Breach Impacting Gmail Users

Rabat, Morocco – In a worrying development, Morocco’s Center for Monitoring, Detection, and Response to Computer Attacks (maCERT) has issued a cautionary alert regarding a rise in phishing attempts specifically targeting Gmail users. This escalation follows the recent breach of…


Vulnerabilities in AirPlay Allow Zero-Click Remote Code Execution on Apple Devices Through Public Wi-Fi

Recent disclosures from cybersecurity researchers have highlighted a series of vulnerabilities within Apple’s AirPlay protocol, which, if exploited, could allow attackers to gain control over various devices utilizing this wireless technology. These vulnerabilities, collectively referred to as “AirBorne” by the Israeli cyber firm Oligo, open avenues for potential exploitation that…


Introducing the EX-22 Tool: Empowering Hackers for Covert Ransomware Attacks on Enterprises

A new and sophisticated post-exploitation framework known as EXFILTRATOR-22, or EX-22, has surfaced, designed to facilitate ransomware deployment within enterprise networks while maintaining stealth. This tool presents a range of features that streamline the post-exploitation process, making it increasingly accessible for cybercriminals, as outlined in a recent report by cybersecurity…


Law Enforcement Operation Cracks Down on Counterfeit ID Platform VerifTools

Cybercrime as-a-service, Fraud Management & Cybercrime, Governance & Risk Management

FBI Takes Down Domains; Dutch Authorities Analyze Data to Identify Administrators and Users

Mathew J. Schwartz (euroinfosec) • September 1, 2025

Law enforcement officials indicated that VerifTools offered fake passports and U.S. driver’s license images for as low as $9.…


Amazon Disrupts Russian APT29 Watering Hole Attack Targeting Microsoft Authentication

Amazon has effectively thwarted a watering hole campaign orchestrated by the Russian APT29, known as Midnight Blizzard, which exploited compromised websites to undermine Microsoft authentication through malicious redirects. The incident came to light when Amazon’s security team discerned new activities from APT29, a threat group linked to Russia’s Foreign Intelligence…


Critical Ivanti Vulnerability Actively Exploited for TRAILBLAZE and BRUSHFIRE Malware Deployment

Ivanti Reveals Critical Security Vulnerability in Connect Secure, Active Exploitation Detected

Ivanti has recently announced a critical security vulnerability in its Connect Secure product, which has been the target of active exploitation in real-world scenarios. Labeled CVE-2025-22457, this vulnerability, with a CVSS score of 9.0, involves a stack-based buffer overflow…


Critical Langflow Vulnerability Added to CISA KEV List Amid Ongoing Exploitation Evidence

A significant security vulnerability has emerged within the open-source Langflow platform, prompting its inclusion in the U.S. Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities catalog. This critical flaw, identified as CVE-2025-3248, has been actively exploited in various cyberattacks, as noted by reliable sources. The identified vulnerability has been…
