Cybersecurity Incident: Mandiant Analyst Data Breach Exposes Sensitive Information A significant cybersecurity breach has reportedly compromised the data of a senior analyst at Mandiant, a Virginia-based cybersecurity firm owned by FireEye. According to sources, an anonymous hacking group claims to have infiltrated Mandiant’s internal networks, allegedly maintaining access since 2016.…
Equifax Suffers Major Data Breach, Affecting Millions In a stark reminder of the vulnerabilities within cybersecurity defenses, Equifax—a leading credit reporting agency—has acknowledged a significant data breach that compromised the personal information of approximately 143 million individuals in the United States. The breach reportedly occurred between mid-May and July, with…
The Equifax data breach has intensified, revealing that an additional 2.5 million U.S. consumers were affected, raising the total number of potential victims from 143 million to 145.5 million. This data breach, initially reported last month, involves the exposure of highly sensitive personal information, including names, Social Security numbers, birth…
Recent cybersecurity alerts highlight the exploitation of a critical vulnerability in Citrix NetScaler application delivery control (ADC) and Gateway appliances by numerous threat actors, including affiliates of the notorious LockBit ransomware group. This new wave of attacks takes advantage of CVE-2023-4966, a severe flaw that has allowed adversaries to infiltrate…
Coupang data breach: Culprit identified, all customers’ leaked data deleted In a significant security incident, Coupang, a leading South Korean e-commerce platform, has encountered a severe data breach that has compromised the personal information of over 33 million customers. On December 25, 2025, the company announced that it had successfully…
Barracuda Networks disclosed a serious cybersecurity incident involving a zero-day vulnerability within its Email Security Gateway (ESG) appliances, allegedly exploited by Chinese threat actors. This vulnerability has been designated as CVE-2023-7102 and has led to the deployment of backdoors on a select number of affected devices. The vulnerability involves an…
Recent reports have detailed a sophisticated cybersecurity incident affecting Ivanti Connect Secure (ICS) VPN appliances, where suspected nation-state actors have exploited two critical zero-day vulnerabilities since early December 2023. The vulnerabilities, identified as CVE-2023-46805 and CVE-2024-21887, have enabled attackers to deploy multiple malware families, allowing them to bypass authentication mechanisms…
Mass Exploitation of SSRF Vulnerability in Ivanti Products A significant server-side request forgery (SSRF) vulnerability affecting Ivanti Connect Secure and Policy Secure products has been widely exploited. Recent reports indicate that attacks are emanating from over 170 distinct IP addresses, indicating a coordinated effort to establish unauthorized access, including reverse…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Chinese-Linked Malware Campaign Targets Critical Environments With Weak Monitoring Chris Riotta (@chrisriotta) • December 4, 2025 Image: Shutterstock The U.S. federal government has issued a warning regarding a sophisticated malware campaign linked to Chinese state-sponsored actors, known as Brickstorm. This malicious software…
