This Week In Cybersecurity: 14th April to 18th April

Widespread service outages, ransomware attacks, zero-day exploits, and data breaches impacted major platforms including Jira, Binance, DaVita, Hertz, and more this week.

    Jira Down: Atlassian Users Face Widespread Service Disruption

    Atlassian’s Jira platform suffered a significant outage, affecting thousands of users globally. The disruption, triggered by a faulty data migration script within Atlassian’s internal systems, impacted core services including Jira Software, Jira Work Management, and Jira Service Management. The issue cascaded across cloud services, leading to delayed updates and limited support access. Atlassian engineers rolled out rollback procedures and incremental service restoration began within 48 hours.

    Fake Binance Installers Spreading Malware in New Crypto-Themed Malvertising Campaign

    Attackers are leveraging Google Ads to promote fake Binance installers, tricking users into downloading a backdoored Windows MSI file. The installer drops a Cobalt Strike beacon via a malicious DLL loaded through DLL sideloading techniques. The malware initiates PowerShell scripts to gain persistence and establish C2 communication. This campaign specifically targets crypto users and bypasses standard detection through obfuscation. Victims report cryptocurrency wallet compromises and credential theft.

    Endue Software Data Breach Exposes Health Information of Over 118,000 Patients Across U.S. Infusion Centers

    A breach at Endue Software exposed sensitive patient health data across multiple U.S. infusion centers. Attackers gained unauthorized access to a legacy database via an unpatched server running outdated middleware. Exposed data includes names, DOBs, treatment details, and insurance info. The breach was detected after unusual outbound traffic was observed. Endue has since isolated the impacted environment and is coordinating with affected healthcare providers and regulators.

    4chan Offline After Cyberattack: Hackers Claim Full Admin Access and Leak Internal Data

    4chan went offline after threat actors exploited a misconfigured backend server, gaining administrative access. Hackers dumped internal files, admin logs, and moderation notes on dark web forums. The breach allowed privilege escalation and lateral movement across systems. Logs revealed use of compromised admin credentials with no MFA enforcement. Site admins confirmed the breach and temporarily shut down the platform to investigate and implement new access controls.

    DaVita Confirms Ransomware Attack, Activates Containment Measures

    DaVita disclosed a ransomware attack that encrypted internal systems, including patient scheduling and dialysis data. The attackers used a spear-phishing email to deploy ransomware payloads and disable EDR solutions. Lateral movement occurred via domain controller compromise, allowing attackers to escalate privileges. Containment included system isolation, server resets, and forensic investigation. DaVita is working with law enforcement and cyber response teams to prevent further damage.

    Landmark Admin Data Breach: 1.6 Million Affected Individuals

    Landmark Admin Services suffered a breach that compromised PII of 1.6 million individuals. Attackers infiltrated the company’s cloud storage via exposed S3 bucket permissions and extracted sensitive policyholder records. The files included full names, social security numbers, and insurance data. Access was gained through a leaked API key discovered in a public GitHub repo. Landmark has revoked access, reset keys, and initiated an external security audit.

    Hertz Data Breach: Customer Information and Drivers’ Licenses Compromised in Cleo Zero-Day Attack

    Hertz was affected by a data breach due to a zero-day vulnerability in Cleo Integration Cloud. The exploit enabled unauthorized access to customer data transfers, exposing driver’s licenses and contact information. Attackers used a crafted API request to bypass authentication in Cleo’s file transfer module. Hertz’s systems flagged abnormal activity post-breach, and incident response teams worked to patch the flaw and notify impacted users.
