The Breach News

Fortinet Issues Alert on Serious FortiWLM Vulnerability That May Allow Admin Access Exploits

Fortinet has recently issued a critical advisory regarding a significant security vulnerability affecting its Wireless LAN Manager, FortiWLM, which has been patched. This flaw has the potential to expose sensitive information and affects various versions of the FortiWLM software. The vulnerability, classified as CVE-2023-34990, has been assigned a high severity…

Read MoreFortinet Issues Alert on Serious FortiWLM Vulnerability That May Allow Admin Access Exploits

Ukrainian Government Accuses Russia of Recent Cyberattacks

The Ukrainian government has officially accused Russia of orchestrating a series of cyberattacks that targeted various public institutions and governmental websites over the past week. According to the Ministry of Digital Transformation, the evidence strongly indicates Russian involvement in this incident. The Ministry stated, “All evidence points to the fact…

Read MoreUkrainian Government Accuses Russia of Recent Cyberattacks

Feds Capture Unprecedented $15 Billion in Bitcoin from Alleged Scam Operation

In recent years, an alarming trend of romance and investment scams—colloquially termed “pig butchering”—has resulted in the theft of tens of billions of dollars from individuals globally. Law enforcement agencies have recently intensified their efforts against this expansive scam network, specifically targeting the operations of human trafficking victims forced to…

Read MoreFeds Capture Unprecedented $15 Billion in Bitcoin from Alleged Scam Operation

Share Your Secrets Without Revealing Them

The challenge of safeguarding digital secrets in an increasingly interconnected world has become increasingly urgent. GitGuardian’s engineers faced a critical task while developing their HasMySecretLeaked service, designed to assist developers in determining whether confidential information—such as passwords, API keys, and cryptographic certificates—has been inadvertently exposed within public GitHub repositories. The…

Read MoreShare Your Secrets Without Revealing Them

Elasticsearch Data Leak Exposes 6 Billion Records from Recent and Past Breaches

A misconfigured Elasticsearch server, holding an astonishing 1.12 terabytes of data, has been discovered leaking over 6 billion records without any security authentication. This server, suspected to be operated from Russia or a Russian-speaking region, contained sensitive information gathered through various means, including data breaches and website scraping, before it…

Read MoreElasticsearch Data Leak Exposes 6 Billion Records from Recent and Past Breaches

Athena Security Unveils AI-Driven Detection for Cell Phones and Smart Glasses to Safeguard BPOs Against Data Breaches

Recent advancements in technology are enabling call centers to safeguard against data breaches, uphold PCI and HIPAA standards, and protect customer confidentiality in real time. AUSTIN, Texas, Oct. 15, 2025 /PRNewswire/ — Athena Security, an innovator in AI-driven security and compliance solutions, has unveiled its new Cell Phone, Transmitting Device,…

Read MoreAthena Security Unveils AI-Driven Detection for Cell Phones and Smart Glasses to Safeguard BPOs Against Data Breaches

CISA Includes Critical Vulnerability in BeyondTrust Software on Exploited Vulnerabilities List

The Cybersecurity and Infrastructure Security Agency (CISA) has recently flagged a significant security vulnerability affecting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) products. This vulnerability, designated as CVE-2024-12356, boasts a critical CVSS score of 9.8 and involves a command injection flaw that could be exploited by malicious actors…

Read MoreCISA Includes Critical Vulnerability in BeyondTrust Software on Exploited Vulnerabilities List

Ukraine: Recent Cyber Attacks Linked to Broader Scheme Aimed at Sabotaging Critical Infrastructure

Recent coordinated cyberattacks have disproportionately affected Ukrainian government websites, marked by the deployment of a sophisticated data-wiping malware known as WhisperGate. These incidents are indicative of a widespread malicious campaign targeting the nation’s critical infrastructure, underscoring a serious threat landscape for governmental entities. The Ukrainian Secret Service has confirmed a…

Read MoreUkraine: Recent Cyber Attacks Linked to Broader Scheme Aimed at Sabotaging Critical Infrastructure