The Breach News

Alert: New Zoho ManageEngine Vulnerability Actively Under Attack

December 4, 2021

Zoho has issued a warning regarding a newly patched critical vulnerability in its Desktop Central and Desktop Central MSP products, which is currently being exploited by cybercriminals. This marks the third security flaw in Zoho’s offerings found to be targeted in just four months. The vulnerability, identified as CVE-2021-44515, is an authentication bypass that enables attackers to bypass security measures and execute arbitrary code on the Desktop Central MSP server.

“If exploited, attackers can gain unauthorized access by sending a specially crafted request, resulting in remote code execution,” Zoho cautioned in its advisory. “Given the signs of active exploitation, we strongly recommend that customers update to the latest build immediately.” The company has also provided an Exploit Detection Tool to assist customers in identifying any potential vulnerabilities.

Zoho, a well-known enterprise software provider, issued a critical warning regarding a security vulnerability recently identified in its Desktop Central and Desktop Central MSP products. This vulnerability, tracked as CVE-2021-44515, has been categorized as an authentication bypass flaw, enabling malicious actors to evade authentication measures and execute arbitrary code on…

Read More

Alert: New Zoho ManageEngine Vulnerability Actively Under Attack

December 4, 2021

Zoho has issued a warning regarding a newly patched critical vulnerability in its Desktop Central and Desktop Central MSP products, which is currently being exploited by cybercriminals. This marks the third security flaw in Zoho’s offerings found to be targeted in just four months. The vulnerability, identified as CVE-2021-44515, is an authentication bypass that enables attackers to bypass security measures and execute arbitrary code on the Desktop Central MSP server.

“If exploited, attackers can gain unauthorized access by sending a specially crafted request, resulting in remote code execution,” Zoho cautioned in its advisory. “Given the signs of active exploitation, we strongly recommend that customers update to the latest build immediately.” The company has also provided an Exploit Detection Tool to assist customers in identifying any potential vulnerabilities.

The Washington Post Hit by Cyber Intrusion for the Third Time in Three Years

December 20, 2013

Mandiant, a security intelligence firm, has uncovered a new breach of The Washington Post’s network, marking the third such incident in three years. As of this writing, the extent of the breach and potential losses remain unclear. Mandiant reported this week that the attacked data included hashed employee credentials. “Hackers accessed The Washington Post’s servers, compromising employee usernames and passwords, making it at least the third intrusion in recent years,” company officials stated on Wednesday. Earlier in 2013, The New York Times revealed it had faced cyber espionage efforts from Chinese hackers, similar to attacks on other major American news outlets. These hackers aimed to compromise journalists’ email accounts to obtain sensitive information.

The Washington Post Faces Third Cyber Intrusion in Three Years On December 20, 2013, Mandiant, a leading cybersecurity intelligence firm, announced a new breach in the network of The Washington Post, marking the publication’s third significant cybersecurity incident in as many years. While details regarding the full scope of the…

Read More

The Washington Post Hit by Cyber Intrusion for the Third Time in Three Years

December 20, 2013

Mandiant, a security intelligence firm, has uncovered a new breach of The Washington Post’s network, marking the third such incident in three years. As of this writing, the extent of the breach and potential losses remain unclear. Mandiant reported this week that the attacked data included hashed employee credentials. “Hackers accessed The Washington Post’s servers, compromising employee usernames and passwords, making it at least the third intrusion in recent years,” company officials stated on Wednesday. Earlier in 2013, The New York Times revealed it had faced cyber espionage efforts from Chinese hackers, similar to attacks on other major American news outlets. These hackers aimed to compromise journalists’ email accounts to obtain sensitive information.

Safeguarding the Agentic Era: Unveiling Astrix’s AI Agent Control Plane

AI agents are swiftly becoming integral to enterprises, seamlessly integrating into workflows, functioning with autonomy, and making critical decisions regarding system access and usage. However, with their increasing power and independence come heightened risks and threats. Recent studies reveal that 80% of organizations have encountered unintended actions by AI agents, ranging from unauthorized system access to data breaches. These incidents are not isolated; they are the predictable consequences of deploying AI agents at scale without tailored security measures. Traditional Identity and Access Management (IAM) systems were not designed to handle this paradigm shift. Agents operate rapidly and continuously, relying on non-human identities (NHIs) to dictate their permissions. So, how can organizations secure systems they can neither see nor fully manage? To tackle this challenge, a new, purpose-driven approach is essential—one that facilitates secure-by-design deployment of AI agents throughout the enterprise. Introducing: Astrix’s Agent Control Plane (ACP).

Securing the Era of Autonomous AI Agents: The Launch of Astrix’s AI Agent Control Plane As of September 16, 2025, the integration of AI agents into enterprise environments is accelerating, fundamentally changing how businesses operate. These agents are not only woven into various workflows but are increasingly functioning autonomously, determining…

Read More

Safeguarding the Agentic Era: Unveiling Astrix’s AI Agent Control Plane

AI agents are swiftly becoming integral to enterprises, seamlessly integrating into workflows, functioning with autonomy, and making critical decisions regarding system access and usage. However, with their increasing power and independence come heightened risks and threats. Recent studies reveal that 80% of organizations have encountered unintended actions by AI agents, ranging from unauthorized system access to data breaches. These incidents are not isolated; they are the predictable consequences of deploying AI agents at scale without tailored security measures. Traditional Identity and Access Management (IAM) systems were not designed to handle this paradigm shift. Agents operate rapidly and continuously, relying on non-human identities (NHIs) to dictate their permissions. So, how can organizations secure systems they can neither see nor fully manage? To tackle this challenge, a new, purpose-driven approach is essential—one that facilitates secure-by-design deployment of AI agents throughout the enterprise. Introducing: Astrix’s Agent Control Plane (ACP).

Trump’s Budget Plan Proposes Major Cuts to CISA Following Challenging Year

Government, Industry Specific, Regulation White House Proposes Significant Cuts to Cyber Defense Agency’s Budget Chris Riotta (@chrisriotta) • April 6, 2026 The White House is proposing substantial reductions to CISA’s budget for fiscal year 2027. (Image: Shutterstock) The White House has unveiled a budget proposal for fiscal year 2027 that…

Read MoreTrump’s Budget Plan Proposes Major Cuts to CISA Following Challenging Year

Pegasus Spyware Allegedly Targeted iPhones of U.S. State Department Employees and Diplomats

December 4, 2021

Reports from Reuters and The Washington Post indicate that Apple has informed several U.S. Embassy and State Department staff that their iPhones might have been compromised by an unidentified attacker using state-sponsored spyware developed by the controversial Israeli firm NSO Group. At least 11 officials, either stationed in Uganda or involved in matters related to the country, reportedly had their iPhones, linked to their overseas numbers, singled out. The identities of the perpetrators and the specific information sought remain unclear. These incidents represent the first known use of this advanced surveillance tool against U.S. government personnel. NSO Group produces Pegasus, military-grade spyware that enables clients to discreetly access files, photos, and conversations.

Pegasus Spyware Compromises iPhones of U.S. State Department Officials On December 4, 2021, reports emerged indicating that iPhones belonging to employees of the U.S. State Department, including several stationed at the U.S. Embassy in Uganda, may have been compromised through the use of state-sponsored spyware developed by the Israeli firm…

Read More

Pegasus Spyware Allegedly Targeted iPhones of U.S. State Department Employees and Diplomats

December 4, 2021

Reports from Reuters and The Washington Post indicate that Apple has informed several U.S. Embassy and State Department staff that their iPhones might have been compromised by an unidentified attacker using state-sponsored spyware developed by the controversial Israeli firm NSO Group. At least 11 officials, either stationed in Uganda or involved in matters related to the country, reportedly had their iPhones, linked to their overseas numbers, singled out. The identities of the perpetrators and the specific information sought remain unclear. These incidents represent the first known use of this advanced surveillance tool against U.S. government personnel. NSO Group produces Pegasus, military-grade spyware that enables clients to discreetly access files, photos, and conversations.

Title: Vulnerability of Small Satellite Terminals (VSATs) to Cyber Attacks

Published on: January 10, 2014

Military units relying on very small aperture terminals (VSATs) for satellite communications in remote areas face significant cyber attack risks. IntelCrawler, a cyber intelligence firm, has identified nearly 3 million VSATs, with a substantial number located in the United States. Alarmingly, around 10,000 of these systems are easily accessible due to configuration vulnerabilities. “Since 2010, we have scanned the entire IPv4 address space and continually update our Big Data intelligence database, which includes information about the satellite operators’ networks, such as INMARSAT, Asia Broadcast Satellite, and others, highlighting various vulnerabilities,” the researchers explained. The study indicates that VSATs, which support data transmission rates from 4 kbps to 16 Mbps for narrow and broadband applications, are particularly susceptible to cyber threats. These terminals are frequently employed for transmitting narrowband data like credit card transactions, polling, or RFID data, as well as broadband data for VoIP communications.

Small Satellite Terminals (VSATs) Present Cybersecurity Risks January 10, 2014 Recent investigative efforts by IntelCrawler, a cyber intelligence firm, have shed light on a significant vulnerability affecting military units dependent on very small aperture terminals (VSATs) for satellite communication. These terminals, widely used in remote locations, are exposing critical military…

Read More

Title: Vulnerability of Small Satellite Terminals (VSATs) to Cyber Attacks

Published on: January 10, 2014

Military units relying on very small aperture terminals (VSATs) for satellite communications in remote areas face significant cyber attack risks. IntelCrawler, a cyber intelligence firm, has identified nearly 3 million VSATs, with a substantial number located in the United States. Alarmingly, around 10,000 of these systems are easily accessible due to configuration vulnerabilities. “Since 2010, we have scanned the entire IPv4 address space and continually update our Big Data intelligence database, which includes information about the satellite operators’ networks, such as INMARSAT, Asia Broadcast Satellite, and others, highlighting various vulnerabilities,” the researchers explained. The study indicates that VSATs, which support data transmission rates from 4 kbps to 16 Mbps for narrow and broadband applications, are particularly susceptible to cyber threats. These terminals are frequently employed for transmitting narrowband data like credit card transactions, polling, or RFID data, as well as broadband data for VoIP communications.

Attackers Exploit Zero-Day Vulnerability in Fortinet Security Software

Governance & Risk Management, Network Firewalls, Network Access Control, Patch Management Vendor Releases Emergency Patch for Critical Vulnerability in FortiClient Endpoint Management Server Mathew J. Schwartz (euroinfosec) • April 6, 2026 Image: Shutterstock Fortinet has initiated an urgent response to a significant security threat by releasing emergency patches in light…

Read MoreAttackers Exploit Zero-Day Vulnerability in Fortinet Security Software

Urgent Log4J Vulnerability Poses Significant Threat to Internet Security

Dec 11, 2021

The Apache Software Foundation has addressed a critical zero-day vulnerability in the widely-used Apache Log4j Java logging library, actively exploited to execute malicious code and potentially gain full control over affected systems. Identified as CVE-2021-44228 and known as Log4Shell or LogJam, this flaw allows unauthenticated remote code execution (RCE) in applications utilizing this open-source tool, impacting versions from Log4j 2.0-beta9 to 2.14.1. The bug received a maximum severity score of 10 on the CVSS rating scale. The Apache Foundation’s advisory states, “An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.” Starting with Log4j version 2.15.0, this functionality has been disabled by default. Exploitation can be performed with minimal effort…

Severe Log4J Vulnerability Poses Significant Threat to Internet Security December 11, 2021 The Apache Software Foundation has disclosed critical updates addressing a zero-day vulnerability actively exploited within the widely adopted Apache Log4j Java logging library. This vulnerability has the potential to allow malicious actors to execute arbitrary code, resulting in…

Read More

Urgent Log4J Vulnerability Poses Significant Threat to Internet Security

Dec 11, 2021

The Apache Software Foundation has addressed a critical zero-day vulnerability in the widely-used Apache Log4j Java logging library, actively exploited to execute malicious code and potentially gain full control over affected systems. Identified as CVE-2021-44228 and known as Log4Shell or LogJam, this flaw allows unauthenticated remote code execution (RCE) in applications utilizing this open-source tool, impacting versions from Log4j 2.0-beta9 to 2.14.1. The bug received a maximum severity score of 10 on the CVSS rating scale. The Apache Foundation’s advisory states, “An attacker who can control log messages or log message parameters can execute arbitrary code loaded from LDAP servers when message lookup substitution is enabled.” Starting with Log4j version 2.15.0, this functionality has been disabled by default. Exploitation can be performed with minimal effort…