The Breach News

Top US Banks Assess Their Exposure to SitusAMC Breach

Finance & Banking, Industry Specific JP Morgan Chase, Citi, and Morgan Stanley Affected by Cybersecurity Breach Akshaya Asokan (asokan_akshaya) • November 24, 2025 Image: Dogora Sun/Shutterstock Major financial institutions in the U.S., including JP Morgan Chase, Citi, and Morgan Stanley, are currently evaluating their exposure to a recent cybersecurity incident…

Read MoreTop US Banks Assess Their Exposure to SitusAMC Breach

Banks on High Alert Following Data Breach at SitusAMC

Several prominent U.S. banks are currently assessing their potential exposure following a cybersecurity incident involving financial technology vendor SitusAMC. This breach has reportedly compromised sensitive client data, underscoring the growing reliance of the banking sector on third-party service providers and the inherent systemic risks when such providers face security challenges.…

Read MoreBanks on High Alert Following Data Breach at SitusAMC

China-Linked Group Exploits ConnectWise and F5 Software Vulnerabilities to Breach Networks

A threat group linked to China has exploited vulnerabilities in Connectwise ScreenConnect and F5 BIG-IP software, deploying customized malware capable of installing additional backdoors on compromised Linux systems. This aggressive campaign is under surveillance by Mandiant, a Google subsidiary, which refers to the activity by the identifier UNC5174, also known…

Read MoreChina-Linked Group Exploits ConnectWise and F5 Software Vulnerabilities to Breach Networks

Masslogger Trojan Enhanced to Capture All Your Outlook and Chrome Credentials

New Phishing Campaign Targets Credentials Using MassLogger Malware A resurgence of the MassLogger malware has been detected, targeting credentials from major platforms including Microsoft Outlook, Google Chrome, and various instant messaging applications. This phishing campaign, primarily aimed at users in Turkey, Latvia, and Italy, began in mid-January and builds upon…

Read MoreMasslogger Trojan Enhanced to Capture All Your Outlook and Chrome Credentials

Everest Ransomware Claims Data Breach at Spain’s National Airline Iberia, Exposing 596 GB of Data

Recent Data Breaches Affect Iberia and Air Miles España, S.A. The Everest ransomware group has made headlines with alarming claims of successful breaches at Iberia, Spain’s national airline. According to the group, they have extracted a substantial database of 596 GB, alongside 430 GB of booking-related email files. This cache…

Read MoreEverest Ransomware Claims Data Breach at Spain’s National Airline Iberia, Exposing 596 GB of Data

Hackers Compromise ZoneAlarm Forum: Outdated vBulletin Software Identified as the Culprit

ZoneAlarm Faces Data Breach, User Information Compromised ZoneAlarm, a prominent internet security software company owned by Check Point Technologies, has confirmed a significant data breach affecting its user community on the discussion forum. The incident, which was reported by The Hacker News, has led to the exposure of sensitive information…

Read MoreHackers Compromise ZoneAlarm Forum: Outdated vBulletin Software Identified as the Culprit

Email Vulnerabilities Persist in the Healthcare Sector

Email Security & Protection, Fraud Management & Cybercrime, Healthcare Mindpath Health Settles Claim for $3.5 Million; Delta Dental Notifies 146,000 of Breach Marianne Kolbasuk McGee (HealthInfoSec) • November 24, 2025 Email compromises remain a significant concern in the healthcare sector, frequently leading to substantial data breaches and ensuing class action…

Read MoreEmail Vulnerabilities Persist in the Healthcare Sector

How Digital Transformation Makes Cannabis Businesses Vulnerable to Cyber Attacks – MJBizDaily

Digital Transformation Poses New Cybersecurity Risks for Cannabis Businesses Recent developments in the cannabis industry underscore a growing vulnerability as digital transformation accelerates. A recent report highlights how these advancements have inadvertently created more entry points for cybercriminals, exposing cannabis businesses to potential hacking incidents. As reliance on digital tools…

Read MoreHow Digital Transformation Makes Cannabis Businesses Vulnerable to Cyber Attacks – MJBizDaily

AWS Addresses Critical ‘FlowFixation’ Vulnerability in Airflow Service to Prevent Session Hijacking

Cybersecurity experts have recently disclosed a significant, now-resolved vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could have enabled attackers to hijack user sessions and execute remote code on affected instances. This vulnerability, coined FlowFixation by the cybersecurity firm Tenable, poses alarming implications for AWS…

Read MoreAWS Addresses Critical ‘FlowFixation’ Vulnerability in Airflow Service to Prevent Session Hijacking