Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Nearly 3,000 North Face website customer accounts breached as retail incidents continue
Description: The parent company of apparel brand The North Face sent data breach notification letters to about 3,000 customer accounts, saying attackers used the technique known as credential stuffing.
Source: The Record
June 4th, 2025 (4 days ago)
Your SaaS Data Isn't Safe: Why Traditional DLP Solutions Fail in the Browser Era
Description: Traditional data leakage prevention (DLP) tools aren't keeping pace with the realities of how modern businesses use SaaS applications. Companies today rely heavily on SaaS platforms like Google Workspace, Salesforce, Slack, and generative AI tools, significantly altering the way sensitive information is handled. In these environments, data rarely appears as traditional files or crosses networks
Source: TheHackerNews
June 4th, 2025 (4 days ago)
🏴‍☠️ Incransom has just published a new victim : cemeteries.local
Description: The Catholic Cemeteries of the Diocese of Hamilton provides burial and cremation services specifically for Catholics and their families, regardless of their family's religious affiliation. These cemeteries serve as sacred places for prayer, reflection, and honoring deceased loved ones, with a focus on maintaining a faithful representation of the community's beliefs. They offer pre-arrangement options for burial plots, cremation niches, and other memorial services without pressure sales tactics. The organization emphasizes compassionate care and respect for traditions within the Catholic faith.
Source: Ransomware.live
June 4th, 2025 (4 days ago)
🏴‍☠️ Lynx has just published a new victim : university of chile
Description: Universidad de Chile, located in Santiago, is the oldest and the most prestigious public university in Chile. It is recognized as one of the best universities in Latin America for its leadership and innovation in science, technology, social sciences, and arts. It was also listed among the 400 best universities in the world. Its five campuses and world-class facilities educate over 43,000 undergraduate and graduate students and offer more than 39 doctoral programs and 115 master programs. Notable alumni include Nobel laureates Pablo Neruda and Gabriela Mistral, twenty Chilean presidents and two presidents from other countries (Mexico and Ecuador)
Source: Ransomware.live
June 4th, 2025 (4 days ago)
Stronger Cloud Security in Five: 3 Quick Ways to Improve Kubernetes Security in GCP
Description: In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged permissions from publicly accessible groups. Securing your Kubernetes environment is critical in order to protect your cloud application development lifecycle and your container orchestration. However, properly configuring and managing Kubernetes is complicated, and this often leads to lax security controls that put organizations at an elevated risk for a breach.As the “Tenable Cloud Risk Report 2024” found, security weaknesses in Kubernetes environments aren’t the exception – they’re the norm:78% of organizations have publicly accessible Kubernetes API servers, and 41% of those are set to allow inbound internet access.44% run privileged containers, which have access to the host’s resources and kernel capabilities, making them a major risk if attackers gain access to them.58% have cluster-admin role bindings, which give some users complete control over all of their organizations’ Kubernetes environments.Here we outline three best practices that take no more than five minutes to implement and that’ll quickly boost the security of your Google Cloud Platform’s (GCP) Kubernetes environment. Read on!Remove wide inbound access to clusters’ APIsThe Google Kubernetes Engine (GKE) API lets you q...
Source: Tenable Blog
June 4th, 2025 (4 days ago)
Acreed infostealer poised to replace Lumma after global crackdown
Description: The Acreed malware, which emerged earlier this year, is gaining ground with cybercriminals who otherwise might have used the Lumma infostealer, researchers said.
Source: The Record
June 4th, 2025 (4 days ago)
How to Approach Security in the Era of AI Agents
Description: Organizations need to implement these five essential security controls to safely harness the power of autonomous AI agents while still protecting enterprise assets.
Source: Dark Reading
June 4th, 2025 (4 days ago)
🏴‍☠️ Blacklock has just published a new victim : Solar City Tyre Service
Description: Established in 1994, Solar City Tyres is a local independent business servicing commercial companies, local farmers and earthmoving companies.
Source: Ransomware.live
June 4th, 2025 (4 days ago)
🏴‍☠️ Incransom has just published a new victim : Funktel GmbH
Description: With its head office in Salzgitter, funktel GmbH is a leading manufacturer of professional security and communication solutions based on DECT and TETRA for industry, public utilities and authorities. funktel GmbH become a victim of the largest data breach. 3.5TB sensitive data will be published soon in our blog.
Source: Ransomware.live
June 4th, 2025 (4 days ago)
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Description: Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems. The findings come from multiple reports published by Checkmarx,
Source: TheHackerNews
June 4th, 2025 (4 days ago)