The Breach News

SonicWall VPNs Experience a Breach Following September Cloud Backup Incident

New Discovery Unveils Credential-Driven Campaign Targeting SonicWall Devices Recent findings by cybersecurity firm Huntress reveal a new and concerning trend in cyberattacks, indicating a credential-based campaign aimed at SonicWall SSLVPN devices. The investigation, which began around October 4, detected significant login activity from IP addresses linked to attackers, including one…

Read MoreSonicWall VPNs Experience a Breach Following September Cloud Backup Incident

Severe SQL Injection Vulnerability in Apache Traffic Control Scores 9.9 CVSS — Immediate Patch Recommended

The Apache Software Foundation (ASF) has recently issued critical security updates to address a significant vulnerability in Apache Traffic Control. This flaw presents an opportunity for attackers to execute unauthorized Structured Query Language (SQL) commands against the database, should the exploit be successful. The vulnerability, identified as CVE-2024-45387, has been…

Read MoreSevere SQL Injection Vulnerability in Apache Traffic Control Scores 9.9 CVSS — Immediate Patch Recommended

Molerat Hackers Conceal New Espionage Attacks Within Public Cloud Infrastructure

An ongoing espionage initiative attributed to the threat group known as Molerats has been leveraging widely used cloud services, including Google Drive and Dropbox, as a method for distributing malware and facilitating command-and-control operations. This cyber offensive is reportedly focused on targets across the Middle East and has been active…

Read MoreMolerat Hackers Conceal New Espionage Attacks Within Public Cloud Infrastructure

Satellites Exposing Global Secrets: Intercepted Calls, Texts, and Sensitive Military and Corporate Information

Recent findings indicate that individuals around the globe could replicate a sensitive data collection operation, utilizing readily available satellite hardware. Researchers conducted an experiment employing standard satellite technology: a $185 satellite dish, a $140 roof mount, a $195 motor, and a $230 tuner card, all totaling under $800. This highlights…

Read MoreSatellites Exposing Global Secrets: Intercepted Calls, Texts, and Sensitive Military and Corporate Information

Uncover the Advantages of Proactive Web Security Over Traditional Antivirus Solutions

Certainly! Here’s a rewritten version of your content, tailored for a US-based, tech-savvy professional audience: Rethinking Web Security in the Digital Age As the digital landscape continues to change at a rapid pace, it’s imperative for organizations to reassess their web security strategies. While traditional antivirus approaches remain valuable for…

Read MoreUncover the Advantages of Proactive Web Security Over Traditional Antivirus Solutions

Pro-Russian TwoNet Hackers Target Water Utility Honeypot

Critical Infrastructure Security, Cybercrime, Fraud Management & Cybercrime Forescout Warns That Today’s Hacktivists Could Represent Tomorrow’s Threats Prajeet Nair (@prajeetspeaks) • October 13, 2025 Image: Shutterstock A pro-Russian hacktivist group announced on Telegram their alleged infiltration of a Western water treatment facility. However, security firm Forescout clarified that the group,…

Read MorePro-Russian TwoNet Hackers Target Water Utility Honeypot

The request could not be fulfilled.

Title: CloudFront Access Blockage Disrupts Service Availability In a recent incident, users encountered a significant disruption as a request intended for a specific online service was unable to be satisfied. This incident is attributed to configurations within the Amazon CloudFront service, which is designed to provide content delivery and caching.…

Read MoreThe request could not be fulfilled.

Apache MINA CVE-2024-52046: Critical RCE Vulnerability (CVSS 10.0) Due to Unsafe Serialization

The Apache Software Foundation (ASF) has unveiled critical patches to mitigate a severe vulnerability within the MINA Java network application framework, which could enable remote code execution under certain circumstances. This vulnerability, identified as CVE-2024-52046, has been assigned a maximum severity CVSS score of 10.0, affecting versions 2.0.X, 2.1.X, and…

Read MoreApache MINA CVE-2024-52046: Critical RCE Vulnerability (CVSS 10.0) Due to Unsafe Serialization

Hackers Employ Innovative Evasive Tactics to Distribute AsyncRAT Malware

A sophisticated phishing attack has emerged, delivering the AsyncRAT trojan as part of a malware campaign believed to have started in September 2021. This campaign has raised significant concerns among cybersecurity experts due to its innovative approach and potential for widespread damage. According to Michael Dereviashkin, a security researcher at…

Read MoreHackers Employ Innovative Evasive Tactics to Distribute AsyncRAT Malware