A massive data breach at Sydney Tools exposed over 34 million customer orders and sensitive employee data, including names, addresses, and salaries. The unsecured database ...

Columbia Eye Clinic in South Carolina suffered a data breach, potentially a ransomware attack, exposing patient data including names, contact information, and procedure codes.

Critical VMware Tools vulnerability (CVE-2025-22230) enables privilege escalation on Windows VMs. Immediate patching is paramount for enterprise security.

Numotion's latest data breach exposed the personal and health information of nearly 500,000 individuals, following a series of similar incidents, leading to multiple lawsuits.

Cloudflare's R2 service suffered a 77-minute outage due to a password rotation error, highlighting the risks of human error in cloud infrastructure.

Critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization, impacting versions before 15.2.3. Urgent updates are needed.

A major cyberattack targeted Ukraine's railway system, disrupting online services but not train operations. Restoration efforts are ongoing.

Astral Foods suffered a cyberattack causing a R20 million profit loss and operational disruption. Swift recovery was implemented, but the incident highlights the need for ...

The new VanHelsing ransomware targets various systems, employing advanced encryption techniques and demanding ransoms up to $500,000 from its victims.

INTERPOL's Operation Red Card resulted in the arrest of 306 cybercrime suspects across seven African nations, seizing thousands of devices used in various scams.

A massive Oracle Cloud breach exposed 6 million records, impacting 140,000 businesses. The attacker, "rose87168," is selling the data and demanding ransoms.

NYU's March 2025 data breach exposed millions of applicants' personal data, prompting a class action lawsuit investigation. Attorneys seek to recover compensation for affected individuals.

Microsoft's Trusted Signing service is being abused to code-sign malware using short-lived certificates. This allows malicious software to bypass security and appear legitimate. Microsoft is ...

A major GitHub Actions breach targeted Coinbase, exploiting the tj-actions/changed-files action to steal secrets. Although Coinbase claims no damage, the attack highlights supply chain vulnerabilities.

CISA warns of a critical NAKIVO backup flaw, CVE-2024-48248, allowing unauthorized file access, urging organizations to patch systems promptly.

A GitHub Action supply chain attack exposed secrets from 218 repositories due to malicious code in tj-actions/changed-files, impacting popular projects and potentially causing further supply ...

Critical remote code execution vulnerability in WordPress plugin WP Ghost allows attackers to hijack servers. Urgent updates are required.

Cisco's Smart Licensing Utility vulnerabilities CVE-2024-20439 and CVE-2024-20440 are now exploited, allowing unauthorized access through a backdoor admin account.

HellCat hackers are exploiting compromised Jira credentials in a worldwide hacking spree, targeting companies like Ascom and Jaguar Land Rover, stealing sensitive data including source ...