Vulnerabilities - The Data Breach Times

September 26, 2025

215 views 28 secs 0

UK and US security agencies order urgent fixes as Cisco firewall bugs exploited in wild

The Register reports: Cybersecurity agencies on both sides of the Atlantic are sounding the alarm over Cisco firewall vulnerabilities that are being exploited by an “advanced threat actor.” The Cybersecurity and Infrastructure Security Agency (CISA) issued an Emergency Directive on Thursday, saying there is “an unacceptable risk” to government systems if Cisco’s Adaptive Security Appliance (ASA) […]

Commentaries and Analyses, Data Breach News, Vulnerabilities

September 17, 2025

623 views 23 secs 0

Self-Replicating Worm Hits 180+ Software Packages

KrebsOnSecurity.com reports: At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub, experts warn. The malware, which briefly infected multiple code packages from the security vendor CrowdStrike, steals and publishes even more credentials every time an infected package is installed. […]

Data Breach News, Vendor News, Vulnerabilities

September 13, 2025

1011 views 45 secs 0

FBI FLASH: Cyber Criminal Groups UNC6040 and UNC6395 Compromising Salesforce Instances for Data Theft and Extortion

The FBI has issued an alert, FLASH-20250912-001. Summary The Federal Bureau of Investigation (FBI) is releasing this FLASH to disseminate Indicators of Compromise (IOCs) associated with recent malicious cyber activities by cyber criminal groups UNC6040 and UNC6395, responsible for a rising number of data theft and extortion intrusions. Both groups have recently been observed targeting […]

Healthcare, Data Breach News, Miscellaneous News, News, Vulnerabilities

September 10, 2025

827 views 10 secs 0

HHS Releases Updated Security Risk Assessment Tool

From HHS OCR:

Data Breach News, Vulnerabilities

September 09, 2025

273 views 21 secs 0

Brazil lesbian dating app shuts down after security flaw exposes sensitive user data

The Record reports: A Brazilian dating app marketed as a safe space for lesbian women shut down this week after several users uncovered a flaw that reportedly could expose sensitive data, including identity verification photos. Sapphos, which launched in early September, required users to verify their identity by submitting a selfie holding a government-issued ID. But on […]

Data Breach News, Vulnerabilities

September 07, 2025

888 views 24 secs 0

Burger King hacked, systems described as ‘solid as a paper Whopper wrapper in the rain’; Tim Hortons and Popeyes hacked too

What happens when you don’t acknowledge ethical hackers? Sometimes nothing, but sometimes you get a lot of negative coverage. Tom’s Hardware reports: Ethical hackers BobDaHacker and BobTheShoplifter have detailed their claim that they uncovered “catastrophic” vulnerabilities in multiple platforms hosted by Restaurant Brands International (RBI). While RBI may not be a very familiar name, this […]

Vulnerabilities, News

August 24, 2025

943 views 57 secs 0

CISA warns of Apple zero-day used in targeted cyberattacks

The Record reports: A recently disclosed vulnerability affecting Apple products has prompted an order for government organizations to patch the bug. The Cybersecurity and Infrastructure Security Agency (CISA) gave civilian federal agencies until September 11 to implement a fix for CVE-2025-43300 — a vulnerability affecting popular brands of Apple phones, iPads and Macbooks. Apple said on Wednesday that […]

Vulnerabilities, Data Breach News

August 22, 2025

894 views 50 secs 0

Intel Websites Exploited to Hack Every Intel Employee and View Confidential Data

Cyber Security News reports: A series of critical vulnerabilities across multiple internal Intel websites allowed for the complete exfiltration of the company’s global employee database and access to confidential supplier information. The flaws, stemming from basic security oversights, exposed the personal details of over 270,000 Intel employees and workers. The investigation from Eaton Works revealed […]

Vulnerabilities, News

August 10, 2025

959 views 37 secs 0

In pitch to hacker community, Trump’s NSC cyber lead says AI key to future of cyberdefense

a combination of a human hand and robotic arm are positioned over a keyboard

NextGov reports: At DEF CON, Alexei Bulazel said AI-powered tools will give software developers “incredible abilities” to harden networks by adding multilayered checks to the code-scanning process and catching flaws that might otherwise slip through. In the next era of cybersecurity, the best defensive tool may be a line of AI-assisted code, according to President […]

Consumer Alerts, Vulnerabilities

August 09, 2025

984 views 10 secs 0

Akira ransomware abuses CPU tuning tool to disable Microsoft Defender

“Hey, no fair!” reports Mashable: Windows users should think about reinforcing their antivirus software. And while Microsoft Defender should provide a line of defense against ransomware, a new report claims that hackers have found a way to get around the ransomware tool to infect PCs with ransomware. A GuidePoint Security report (via BleepingComputer) found that hackers are using Akira […]