Tag: breach
-
Snowflake customers hit in data theft attacks after SaaS integrator breach
Over a dozen companies have suffered data theft attacks after a SaaS integration provider was breached and authentication tokens stolen. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/snowflake-customers-hit-in-data-theft-attacks-after-saas-integrator-breach/
-
5 steps to strengthen supply chain security and improve cyber resilience
Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, control, credentials, cyber, data, defense, detection, dns, edr, email, endpoint, exploit, framework, governance, identity, infrastructure, mfa, monitoring, msp, network, radius, resilience, risk, saas, service, siem, soc, software, strategy, supply-chain, threat, tool, update, vulnerability, zero-trustAll software vendors and SaaS platformsOpen”‘source components embedded in your applicationsMSP or IT service providersCloud infrastructure and authentication servicesAPI integrations and automation workflowsOnce documented, classify each supplier by the impact they would have if compromised. A remote monitoring tool or authentication platform represents far greater risk than a basic productivity app. This prioritization helps you…
-
5 steps to strengthen supply chain security and improve cyber resilience
Tags: access, api, attack, authentication, automation, backup, breach, business, cloud, control, credentials, cyber, data, defense, detection, dns, edr, email, endpoint, exploit, framework, governance, identity, infrastructure, mfa, monitoring, msp, network, radius, resilience, risk, saas, service, siem, soc, software, strategy, supply-chain, threat, tool, update, vulnerability, zero-trustAll software vendors and SaaS platformsOpen”‘source components embedded in your applicationsMSP or IT service providersCloud infrastructure and authentication servicesAPI integrations and automation workflowsOnce documented, classify each supplier by the impact they would have if compromised. A remote monitoring tool or authentication platform represents far greater risk than a basic productivity app. This prioritization helps you…
-
React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data
The stolen information could help the hackers plan follow-up attacks and breach more organizations, Cisco researchers said. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/credential-harvesting-campaign-react2shell-cisco/816726/
-
Fast-moving Storm-1175 uses new exploits to breach networks and drop Medusa
Tags: access, attack, breach, china, data, data-breach, exploit, flaw, group, network, ransomware, theft, update, vulnerabilityChina-based actor Storm-1175 runs fast ransomware attacks, exploiting new flaws to breach systems and quickly deploy Medusa ransomware. China-based actor Storm-1175 carries out fast, financially driven ransomware attacks by exploiting newly disclosed vulnerabilities before organizations patch them. The group targets exposed systems and quickly moves from initial access to data theft and Medusa ransomware deployment,…
-
Support platform breach exposes Hims amp; Hers customer data
Healthcare companies handle some of the most personal data imaginable, and that makes them a magnet for hackers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/support-platform-breach-exposes-hims-amp-hers-customer-data/
-
Windmill Developer Platform Flaws Expose Users to RCE Attacks, ProofConcept Published
Tags: attack, breach, control, cyber, cybersecurity, data, flaw, network, rce, remote-code-execution, update, vulnerabilityCybersecurity researchers have discovered critical vulnerabilities in the Windmill developer platform and Nextcloud Flow, an integration embedding the Windmill engine. These severe flaws allow remote attackers to take full control of affected systems without requiring any passwords. System administrators must patch immediately to prevent catastrophic network breaches and data theft. Recently, security researcher Chocapikk released…
-
What we learned about TEE security from auditing WhatsApp’s Private Inference
WhatsApp’s new “Private Inference” feature represents one of the most ambitious attempts to combine end-to-end encryption with AI-powered capabilities, such as message summarization. To make this possible, Meta built a system that processes encrypted user messages inside trusted execution environments (TEEs), secure hardware enclaves designed so that not even Meta can access the plaintext. Our…
-
The Hidden Cost of Recurring Credential Incidents
When talking about credential security, the focus usually lands on breach prevention. This makes sense when IBM’s 2025 Cost of a Data Breach Report puts the average cost of a breach at $4.4 million. Avoiding even one major incident is enough to justify most security investments, but that headline figure obscures the more persistent problems…
-
Hackers Exploit Next.js React2Shell Vulnerability, Breach 766 Hosts in 24 Hours
Hackers are abusing a critical React2Shell vulnerability in Next.js applications to run an automated credential”‘theft operation that has already compromised at least 766 servers in under 24 hours. The threat activity is tracked as “UAT”‘10608”. It relies on a custom framework dubbed NEXUS Listener to systematically harvest and organize stolen secrets at scale. Cisco Talos describes UAT”‘10608…
-
The rise of proactive cyber: Why defense is no longer enough
Tags: attack, breach, ciso, control, country, cyber, cybersecurity, defense, framework, google, government, hacking, infrastructure, intelligence, korea, law, microsoft, network, north-korea, risk, threat, toolWhat ‘proactive cyber’ means: Despite the more aggressive language, this shift toward private-sector involvement doesn’t envision vigilante-style payback by aggrieved organizations. It instead embraces a more systematic effort to interfere with adversaries earlier in the attack chain using authorities and capabilities that already exist.”To be clear, this is not hacking back,” Joyce said. “This is…
-
The Attack Helix: Praetorian Guard’s AI Architecture for Offensive Security
The Kill Chain models how an attack succeeds. The Attack Helix models how the offensive baseline improves. Tipping Points One person. Two AI subscriptions. Ten government agencies. 150 gigabytes of sovereign data. In December 2025, a single unidentified operator used Anthropic’s Claude and OpenAI’s ChatGPT to breach ten Mexican government agencies and a financial institution….…
-
Medusa ransomware group using zero-days to launch attacks within 24 hours of breach, Microsoft says
Microsoft said it has been alarmed to see how effective Medusa actors are, citing multiple cases where the group can move from initial access to data exfiltration and ransomware deployment within 24 hours. First seen on therecord.media Jump to article: therecord.media/medusa-ransomware-group-zero-days-microsoft
-
Why Simple Breach Monitoring is No Longer Enough
Infostealers are harvesting credentials and session cookies at scale, bypassing traditional defenses. Lunar explains why simple breach monitoring alone can’t keep up with modern credential-based attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/why-simple-breach-monitoring-is-no-longer-enough/
-
Trojanized PyPI AI Proxy Steals Claude Prompt, Exfiltrates Data
A malicious PyPI package, hermes-px, that masquerades as a “Secure AI Inference Proxy” while secretly stealing user prompts and abusing a private university AI service. Marketed as an OpenAI-compatible, Tor-routed proxy requiring no API keys, the package actually hijacks a Tunisian university’s internal AI endpoint, injects a stolen Anthropic Claude system prompt, and exfiltrates every…
-
Drift Protocol Hit in $286M Suspected North Korea-Linked Crypto Heist
Hackers have stolen approximately $286 million from Drift Protocol, a leading decentralized perpetual futures exchange on the Solana blockchain, in what security researchers believe may be a North Korea-linked cyberattack. The incident occurred on April 1, 2026, and is already being described as the largest decentralized finance (DeFi) hack of the year. Drift Protocol quickly…
-
The AI-Enabled Society of the Future Must Be Breach Ready
I am now of the firm opinion that breach readiness cannot be an enterprise-only milestone; it must also be a societal goal. The die has been cast. As AI-enabled digital services become mainstream post-2026, the societal need for AI safety and the availability of its underlying and interconnected technology labyrinths will become mainstream. If we……
-
6th April Threat Intelligence Report
The European Commission, the European Union’s executive body, has confirmed a data breach after its Europa.eu platform was compromised through a third-party exchange linked to the Trivy supply chain attack. The incident […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/6th-march-threat-intelligence-report-2/
-
6 ways attackers abuse AI services to hack your business
Tags: ai, api, attack, backdoor, breach, business, ceo, china, control, cve, cyber, cybercrime, cybersecurity, data, email, espionage, exploit, framework, group, hacking, injection, leak, LLM, malicious, malware, marketplace, microsoft, monitoring, open-source, openai, service, skills, software, startup, supply-chain, threat, tool, vulnerabilityAbusing AI platforms as covert C2 channels: Cybercriminals are also abusing AI platforms as covert command-and-control (C2) channels by turning AI services into proxies that hide malicious traffic inside the flow of legitimate content.Instead of running a dedicated C2 server, malware is programmed to fetch commands and exfiltrate data through AI services, circumventing traditional security…
-
Cyberattack Disrupts Massachusetts Emergency Dispatch, 911 Services Remain Active
A Massachusetts emergency cyberattack has temporarily disrupted the operations of the Patriot Regional Emergency Communications Center, affecting several small towns in northern Massachusetts. The breach, which began on Tuesday, has compromised town and public safety computer systems, though 9-1-1 emergency phone lines remain operational. Non-emergency and business phone lines, however, are currently out of service. First seen on thecyberexpress.com…
-
Proven incident response and business continuity strategy
From cybersecurity breaches to natural disasters, disruptive events can occur suddenly and without warning. As a result, it is crucial for organizations to develop resilient plans that not only respond to incidents in real time but also ensure long-term operational survivability. This article examines the concepts of incident response and business continuity, exploring their differences…The…
-
Hackers Breach ILSpy WordPress Domain to Deliver Malware
The official WordPress website for ILSpy, a highly popular open-source tool used by software developers to examine .NET code, has been compromised. Hackers successfully breached the site to redirect visitors and deliver malware, turning a trusted developer resource into a dangerous trap. The Redirection Attack Cybersecurity research group vx-underground confirmed the breach after receiving video…
-
Why is proactive NHI management crucial
How Can Proactive NHI Management Transform Cybersecurity? What do machine identities have in common with tourists? In cybersecurity, Non-Human Identities (NHIs) represent the digital equivalent of tourists, and their secrets are akin to passports. Mismanagement of these identities can lead to vulnerabilities and potential breaches, much like unchecked individuals crossing borders without proper travel documents….…
-
The Hack That Exposed Syria’s Sweeping Security Failures
When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with the most basic layer of cybersecurity. First seen on wired.com Jump to article: www.wired.com/story/inside-the-hack-that-exposed-syrias-security-failures/
-
Internet-Connected Coffee Machine Reportedly Led to Corporate Data Breach
What happened An internet-connected coffee machine reportedly led to a significant corporate data breach after attackers used the device as an entry point into a secure network. A digital forensics investigator identified only as TR examined the incident after a client suspected a rival had infiltrated its systems. Instead of finding malware, the investigator found…The…
-
European Commission breach exposed data of 30 EU entities, CERT-EU says
CERT-EU says a European Commission cloud hack exposed data from 30 EU entities and links the breach to the TeamPCP group. CERT-EU attributed a European Commission cloud breach to the TeamPCP threat group, revealing that data from at least 30 EU entities was exposed. The incident was publicly disclosed on March 27 after inquiries confirmed…