The Breach News

Ad Tech Firm Optimizely Hit by Cyberattack – SecurityWeek

Optimizely Targeted in Cyberattack: A Comprehensive Overview In a notable cybersecurity incident, Optimizely, a prominent ad tech company, has recently fallen victim to a cyberattack that has raised significant concerns within the industry. This breach highlights vulnerabilities within digital marketing infrastructures and serves as a stark reminder of the ongoing…

Read MoreAd Tech Firm Optimizely Hit by Cyberattack – SecurityWeek

Iranian Hackers Breach U.S. Federal Agency Network via Log4Shell Exploit

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has reported a security breach involving a federal agency, attributed to threat actors affiliated with the Iranian government. The attackers exploited the Log4Shell vulnerability found in an unpatched VMware Horizon server, demonstrating a sophisticated exploitation technique. The breach, which occurred between mid-June…

Read MoreIranian Hackers Breach U.S. Federal Agency Network via Log4Shell Exploit

UK Parliament Targeted by Cyberattack, Affecting Up to 90 MPs’ Email Accounts

Cyber Attack Targets UK Parliament Email System In a significant cybersecurity incident, the email system of the UK Houses of Parliament was breached on Friday morning, affecting at least 90 accounts belonging to Members of Parliament (MPs), their staff, and other parliamentary personnel. Initial investigations suggest that many of these…

Read MoreUK Parliament Targeted by Cyberattack, Affecting Up to 90 MPs’ Email Accounts

North Korean Lazarus Group Expands Global Attacks with Medusa Ransomware

Recent developments reveal that North Korean cyber operations are making significant inroads into the commercial ransomware landscape, indicating a heightened focus on obtaining direct financial rewards. The Symantec and Carbon Black Threat Hunter Team have reported activities by the notorious Lazarus Group, a state-sponsored actor, utilizing Medusa ransomware against targets…

Read MoreNorth Korean Lazarus Group Expands Global Attacks with Medusa Ransomware

Warlock Ransomware Compromises SmarterTools via Unpatched SmarterMail Server Vulnerability

SmarterTools recently disclosed a significant cybersecurity breach involving the Warlock ransomware group, which exploited an unpatched version of SmarterMail. The incident, communicated by Chief Commercial Officer Derek Curtis, occurred on January 29, 2026, when a mail server that lagged in updates became the entry point for the attack. Curtis detailed…

Read MoreWarlock Ransomware Compromises SmarterTools via Unpatched SmarterMail Server Vulnerability

Astelia Secures $35M for AI-Driven Vulnerability Management Solutions

Artificial Intelligence & Machine Learning, Governance & Risk Management, Next-Generation Technologies & Secure Development Index Ventures Invests in Comprehensive AI-Driven Vulnerability Management Platform Michael Novinson (MichaelNovinson) • February 24, 2026 Alon Noy, co-founder and CEO, Astelia (Image: Astelia) Astelia, a startup founded by former leaders of Israel’s National Red Team,…

Read MoreAstelia Secures $35M for AI-Driven Vulnerability Management Solutions

Conduent Data Breach: One of the Largest in U.S. History Continues to Escalate

The Conduent data breach continues to escalate in severity as more information becomes available. Initial reports indicate that at least 25 million individuals have been impacted by this incident, with major repercussions observed in Texas and Oregon alone. In Texas, as many as 15 million residents may be affected, an…

Read MoreConduent Data Breach: One of the Largest in U.S. History Continues to Escalate

Researchers Uncover AppSync Cross-Tenant Vulnerability in Amazon Web Services

Amazon Web Services (AWS) has addressed a significant cross-tenant vulnerability within its platform that could allow unauthorized access to resources. This issue, characterized as a “confused deputy problem,” pertains to a form of privilege escalation where an entity lacking permissions can manipulate a more privileged entity into performing actions on…

Read MoreResearchers Uncover AppSync Cross-Tenant Vulnerability in Amazon Web Services