Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
Coinbase was primary target of recent GitHub Actions breaches
Description: Researchers have determined that Coinbase was the primary target in a recent GitHub Actions cascading supply chain attack that compromised secrets in hundreds of repositories. [...]
Source: BleepingComputer
March 21st, 2025 (3 months ago)
Oracle denies breach after hacker claims theft of 6 million data records
Description: Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company's Oracle Cloud federated SSO login servers [...]
Source: BleepingComputer
March 21st, 2025 (3 months ago)
Former Michigan football coach indicted in hacks of athlete databases of more than 100 colleges
Description: Federal prosecutors said Matthew Weiss, a former assistant football coach at the University of Michigan, learned hacking skills to breach online databases, primarily targeting "female college athletes."
Source: The Record
March 20th, 2025 (3 months ago)
SpyX Spyware Breach Exposes Thousands of Apple iCloud Passwords
Description: A data breach at the spyware operation SpyX has exposed nearly 2 million user accounts, including thousands of Apple customers, revealing personal information such as email addresses, IP addresses, and even plaintext iCloud credentials. The breach, which dates back to June 2024 but has only now come to light, underscores the ongoing risks associated with … The post SpyX Spyware Breach Exposes Thousands of Apple iCloud Passwords appeared first on CyberInsider.
Source: CyberInsider
March 20th, 2025 (3 months ago)
SpyX - 1,977,011 breached accounts
Description: In June 2024, spyware maker SpyX suffered a data breach that exposed almost 2M unique email addresses. The breach also exposed IP addresses, countries of residence, device information and 6-digit PINs in the password field. Further, a collection of iCloud credentials likely used to monitor targets directly via the cloud were also in the breach and contained the target's email address and plain text Apple password.
Source: HaveIBeenPwnedLatestBreaches
March 19th, 2025 (3 months ago)
Malware campaign 'DollyWay' breached 20,000 WordPress sites
Description: A malware operation dubbed 'DollyWay' has been underway since 2016, compromising over 20,000 WordPress sites globally to redirect users to malicious sites. [...]
Source: BleepingComputer
March 19th, 2025 (3 months ago)
Alleged Data Breach of Silent Prospector
Description: Alleged Data Breach of Silent Prospector
Source: DarkWebInformer
March 19th, 2025 (3 months ago)
Pennsylvania education union data breach hit 500,000 people
Description: The Pennsylvania State Education Association (PSEA), the largest public-sector union in Pennsylvania, is notifying over half a million individuals that attackers stole their personal information in a July 2024 security breach. [...]
Source: BleepingComputer
March 19th, 2025 (3 months ago)
Infosys Settles $17.5M Class Action Lawsuit After Sprawling Third-Party Breach
Description: Several major companies in the finance sector were impacted by the third-party breach, prompting them to notify thousands of customers of their compromised data.
Source: Dark Reading
March 19th, 2025 (3 months ago)
Half a million people impacted by Pennsylvania State Education Association data breach
Description: More than 500,000 people were impacted by a cyberattack on the Pennsylvania State Education Association (PSEA) that took place in July 2024.
Source: The Record
March 19th, 2025 (3 months ago)