News

Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
Cybersecurity
Avnet Confirms EMEA Data Breach, Says Stolen Information Is Mostly Unreadable Without Internal Tools
Avnet confirmed a cyberattack on an EMEA cloud storage system. The company said stolen data was largely unreadable without its proprietary tools and global operations ...
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
Cybersecurity
Doctors Imaging Group Data Breach Exposes 171,000 Patients’ Medical and Financial Records
A November 2024 breach at Doctors Imaging Group exposed PHI and PII for 171,000 patients; forensics concluded in August 2025 and patient notifications followed.
DraftKings Says Credential Reuse Behind Targeted Account Intrusions, Not Internal Breach
Cybersecurity
DraftKings Says Credential Reuse Behind Targeted Account Intrusions, Not Internal Breach
DraftKings confirmed credential stuffing attacks targeting customer accounts, exposing limited personal data. The company ordered password resets, mandated multifactor authentication, and confirmed no internal breach ...
BK Technologies Cyberattack Contained as Employee Data Accessed by Threat Actors
Cybersecurity
BK Technologies Cyberattack Contained as Employee Data Accessed by Threat Actors
BK Technologies confirmed a late-September cyberattack compromising internal systems and employee data, but swift containment and forensic analysis prevented further escalation or operational disruption.
Red Hat Data Breach Escalates as ShinyHunters Joins Extortion
Cybersecurity
Red Hat Data Breach Escalates as ShinyHunters Joins Extortion
Red Hat faces escalated extortion as ShinyHunters lists sampled Customer Engagement Reports from the breach; samples name major clients and set an October 10 ransom ...
RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
Cybersecurity
RediShell Zero-Day in Redis Permits Remote Code Execution on Exposed Instances
Critical RediShell zero-day (CVE-2025-49844) enables Lua-based remote code execution on Redis; administrators must patch, disable Lua where possible and secure exposed instances immediately.
Oracle E-Business Suite Zero-Day Exploited, Authorities Urge Immediate Patching
Cybersecurity
Oracle E-Business Suite Zero-Day Exploited, Authorities Urge Immediate Patching
Oracle E-Business Suite zero-day CVE-2025-61882 is under active exploitation; emergency patches are available and organizations must patch and investigate potential compromise immediately.
NIST Flags DeepSeek Adoption Over Security, Censorship and Cost Concerns
Cybersecurity
NIST Flags DeepSeek Adoption Over Security, Censorship and Cost Concerns
NIST analysis finds DeepSeek models lag U.S. counterparts, cost more, are easier to hijack, and exhibit CCP-aligned censorship, prompting security and policy warnings for adopters.
Unity Engine Flaw Permits Code Execution on Android and Escalation on Windows
Cybersecurity
Unity Engine Flaw Permits Code Execution on Android and Escalation on Windows
A Unity runtime flaw (CVE-2025-59489) allows malicious apps or inputs to load attacker libraries, enabling code execution on Android and privilege escalation on Windows; developers ...
Salesforce Faces Extortion Threat After Salesloft OAuth Token Exploits
Cybersecurity
Salesforce Faces Extortion Threat After Salesloft OAuth Token Exploits
A hacking consortium claims Salesloft OAuth tokens were abused to extract CRM records from 700+ companies; Salesforce says claims relate to past or unverified incidents ...