The Breach News

Everest Ransomware Reports AT&T Careers Data Breach Involving 576K Records – Hackread – Your Source for Cybersecurity News, Data Breaches, Tech, AI, Crypto, and More

A recent listing on a dark web data leak site operated by the Everest ransomware group claims to have accessed 576,686 personal records associated with AT&T Careers, the recruitment platform of the telecommunications giant. This platform facilitates role applications, resume submissions, and career management for both applicants and employees. This…

Read MoreEverest Ransomware Reports AT&T Careers Data Breach Involving 576K Records – Hackread – Your Source for Cybersecurity News, Data Breaches, Tech, AI, Crypto, and More

Oracle Alerts Users to Active Exploitation of Agile PLM Vulnerability

Oracle has issued a warning regarding a critical security vulnerability in its Agile Product Lifecycle Management (PLM) Framework, which has been actively exploited in real-world scenarios. The flaw, designated as CVE-2024-21287, boasts a CVSS score of 7.5, indicating its severity and potential impact. This vulnerability is particularly concerning because it…

Read MoreOracle Alerts Users to Active Exploitation of Agile PLM Vulnerability

Researchers Discover ‘Pink’ Botnet Malware Responsible for Infecting Over 1.6 Million Devices

Recent research has unveiled details of what is being referred to as the largest botnet discovered in the past six years, known as “Pink.” This sophisticated malware has reportedly infected over 1.6 million devices, predominantly located in China. Its primary objectives include orchestrating Distributed Denial-of-Service (DDoS) attacks and injecting ads…

Read MoreResearchers Discover ‘Pink’ Botnet Malware Responsible for Infecting Over 1.6 Million Devices

This Browser Promises “Perfect Privacy Protection,” Yet Functions Like Malware

The Universe Browser has drawn attention with bold claims, positioning itself as the fastest web browser while promising enhanced privacy and safety for its users. However, a deeper examination raises significant concerns about its operations and potential risks to users. Recent research by Infoblox, a network security firm, has uncovered…

Read MoreThis Browser Promises “Perfect Privacy Protection,” Yet Functions Like Malware

LastPass Data Breach: Engineer’s Oversight in Updating Plex Software Results in Major Security Incident

A significant security breach has compromised the password management platform LastPass, originating from a lapse in software maintenance by one of its engineers. This incident underscores the critical risks associated with neglecting timely software updates. In a disclosure made last week, LastPass provided insights into how attackers leveraged information obtained…

Read MoreLastPass Data Breach: Engineer’s Oversight in Updating Plex Software Results in Major Security Incident

Montana Officials Investigating BCBS Breach Linked to Vendor

Data Breach Notification, Data Security, Healthcare Regulators Investigate Potential Delay in Notification of Breach Affecting 462,000 Insurance Members Marianne Kolbasuk McGee (HealthInfoSec) • October 23, 2025 Montana state officials are probing a data breach at Blue Cross Blue Shield of Montana linked to a vendor. (Image: BCBSMT) Montana state regulators…

Read MoreMontana Officials Investigating BCBS Breach Linked to Vendor

Toys ‘R’ Us Canada Customer Data Breach: Information Exposed Online – SecurityWeek

Toys ‘R’ Us Canada Customer Information Leaked Online In a significant cybersecurity incident, customer information from Toys ‘R’ Us Canada has reportedly been exposed online. The breach raises critical concerns regarding the safety of sensitive consumer data in an era where digital transactions are commonplace. The leaked information, which may…

Read MoreToys ‘R’ Us Canada Customer Data Breach: Information Exposed Online – SecurityWeek

Apple Issues Critical Updates to Address Actively Exploited Zero-Day Vulnerabilities

Apple Addresses Zero-Day Vulnerabilities in Major Security Update In a swift response to emerging threats, Apple has deployed critical security updates across its operating systems, including iOS, iPadOS, macOS, visionOS, and Safari. These updates are aimed at mitigating two zero-day vulnerabilities that have reportedly been exploited by malicious actors in…

Read MoreApple Issues Critical Updates to Address Actively Exploited Zero-Day Vulnerabilities

US Imposes Sanctions on NSO Group and Three Others Over Spyware Sales

On Wednesday, the U.S. Commerce Department announced the addition of four companies, including two Israeli spyware firms—NSO Group and Candiru—to its list of foreign entities implicated in “malicious cyber activities.” This designation follows findings that both companies provided spyware to foreign governments, which in turn have targeted officials, journalists, business…

Read MoreUS Imposes Sanctions on NSO Group and Three Others Over Spyware Sales