Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: A threat actor posted data on Breachforums from an alleged supply-chain attack that affected more than 140K tenants, claiming to have compromised the cloud via a zero-day flaw in WebLogic, researchers say.
March 24th, 2025 (26 days ago)
|
|
Description: A hacker hijacked New York University’s (NYU) website on Saturday morning, leaking highly sensitive admissions data for more than 3 million applicants spanning over three decades. The breach, which lasted approximately two hours, also included accusations that NYU has continued to factor race into its admissions decisions despite the U.S. Supreme Court’s 2023 ban on …
The post NYU Website Hack Leads to the Exposure of 3 Million Applicants’ Data appeared first on CyberInsider.
March 24th, 2025 (26 days ago)
|
|
Description: The supply chain attack involving the GitHub Action "tj-actions/changed-files" started as a highly-targeted attack against one of Coinbase's open-source projects, before evolving into something more widespread in scope.
"The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for further compromises,"
March 23rd, 2025 (28 days ago)
|
|
Description: Alleged Data Breach of Empik.com Exposes 24.7 Million User Records
March 22nd, 2025 (28 days ago)
|
|
Description: Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. [...]
March 21st, 2025 (29 days ago)
|
|
Description: Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers [...]
March 21st, 2025 (29 days ago)
|
|
Description: Federal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting "female college athletes."
March 20th, 2025 (30 days ago)
|
|
Description: A data breach at the spyware operation SpyX has exposed nearly 2 million user accounts, including thousands of Apple customers, revealing personal information such as email addresses, IP addresses, and even plaintext iCloud credentials. The breach, which dates back to June 2024 but has only now come to light, underscores the ongoing risks associated with …
The post SpyX Spyware Breach Exposes Thousands of Apple iCloud Passwords appeared first on CyberInsider.
March 20th, 2025 (about 1 month ago)
|
|
Description: In June 2024, spyware maker SpyX suffered a data breach that exposed almost 2M unique email addresses. The breach also exposed IP addresses, countries of residence, device information and 6-digit PINs in the password field. Further, a collection of iCloud credentials likely used to monitor targets directly via the cloud were also in the breach and contained the target's email address and plain text Apple password.
March 19th, 2025 (about 1 month ago)
|
|
Description: A malware operation dubbed 'DollyWay' has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. [...]
March 19th, 2025 (about 1 month ago)
|