The Breach News

Widespread Exploitation of Recent SSRF Vulnerability in Ivanti VPN Products

Mass Exploitation of SSRF Vulnerability in Ivanti Products A significant server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure and Policy Secure products has been widely exploited. Recent reports indicate that attacks are emanating from over 170 distinct IP addresses, indicating a coordinated effort to establish unauthorized access, including reverse…

Read MoreWidespread Exploitation of Recent SSRF Vulnerability in Ivanti VPN Products

New Findings Indicate SolarWinds’ Codebase Was Compromised to Insert a Backdoor

The ongoing investigation into the SolarWinds breach continues to reveal the intricate tactics employed by the attackers who infiltrated the company’s internal systems and manipulated its software update processes. This meticulous and well-coordinated supply chain attack appears to have been in the making since at least October 2019, when the…

Read MoreNew Findings Indicate SolarWinds’ Codebase Was Compromised to Insert a Backdoor

Airbus Faces Data Breach, Exposing Information of Certain Employees

In a recent announcement, Airbus, the European aerospace manufacturer, confirmed a data breach that affected its Commercial Aircraft business information systems, leading to the unauthorized access of certain employee personal data. While the specifics of the breach have not been fully disclosed, Airbus indicated that the hack does not impact…

Read MoreAirbus Faces Data Breach, Exposing Information of Certain Employees

Inotiv Pharmaceutical Company Confirms Data Breach After Ransomware Attack – CybersecurityNews

Pharma Firm Inotiv Confirms Data Breach Following Ransomware Attack In a significant cybersecurity incident, pharmaceutical company Inotiv has reported a data breach that was triggered by a recent ransomware attack. The company disclosed the breach to its stakeholders, emphasizing its commitment to investigating the potential impact on sensitive information. This…

Read MoreInotiv Pharmaceutical Company Confirms Data Breach After Ransomware Attack – CybersecurityNews

Experts Uncover New Vulnerabilities in Azure HDInsight’s Spark, Kafka, and Hadoop Services

Recent findings have unveiled three significant security vulnerabilities in Azure HDInsight, particularly affecting its Apache Hadoop, Kafka, and Spark services. These vulnerabilities could potentially be exploited to facilitate privilege escalation and launch a regular expression denial-of-service (ReDoS) attack, leaving systems vulnerable to unauthorized access and operational disruption. The flaws primarily…

Read MoreExperts Uncover New Vulnerabilities in Azure HDInsight’s Spark, Kafka, and Hadoop Services

Vietnam Government Certification Authority Targeted by Software Supply Chain Attack

Recent reports reveal a sophisticated supply-chain attack targeting the Vietnam Government Certification Authority (VGCA). This breach involved the manipulation of the agency’s digital signature toolkit, allowing hackers to implant a backdoor into affected systems. The incident was brought to light by Slovak cybersecurity firm ESET, which identified the assault, referred…

Read MoreVietnam Government Certification Authority Targeted by Software Supply Chain Attack

Google’s New Tool Notifies You When Compromised Credentials Are Used on Any Website

Google Launches Privacy-Focused Password Checkup Service Amid Rising Data Breaches In an era of escalating data breaches, where compromised credentials are frequently traded across the web, users face a daunting challenge: determining if their login information has been exposed. Recognizing this critical threat, Google has taken an affirmative step by…

Read MoreGoogle’s New Tool Notifies You When Compromised Credentials Are Used on Any Website

Australia Drops Proposed Mandatory AI Regulations in New Strategy

Australia Shifts to Voluntary AI Framework, Leaving Regulatory Gaps On December 2, 2025, the Australian government unveiled a national strategy that favors voluntary frameworks for artificial intelligence, diverging sharply from its earlier proposal for enforceable regulations. Three months prior, officials had advocated for a set of ten mandatory guardrails designed…

Read MoreAustralia Drops Proposed Mandatory AI Regulations in New Strategy