Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
Description: In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have to handle. The findings reveal a complex picture of progress, challenges, and a shifting mindset
Source: TheHackerNews
May 20th, 2025 (18 days ago)
Fake KeePass password manager leads to ESXi ransomware attack
Description: Threat actors have been distributing trojanized versions of the KeePass password manager for at least eight months to install Cobalt Strike beacons, steal credentials, and ultimately, deploy ransomware on the breached network. [...]
Source: BleepingComputer
May 19th, 2025 (19 days ago)
Breaches at Serviceaide, Nationwide Recovery Services expose medical info of more than 500,000 people
Description: Hospitals tied to the two companies announced breaches over the last week involving Social Security numbers, financial information and sensitive health insurance data.
Source: The Record
May 19th, 2025 (19 days ago)
SK Telecom Confirms 29 Million Customers Exposed Since 2022
Description: SK Telecom has now confirmed that a massive data breach involving 26.95 million USIM records has affected nearly its entire subscriber base, raising serious concerns about the depth and duration of the compromise. The latest findings from a joint government-private investigation reveal that the company's systems were infected with 25 different strains of malware — … The post SK Telecom Confirms 29 Million Customers Exposed Since 2022 appeared first on CyberInsider.
Source: CyberInsider
May 19th, 2025 (19 days ago)
UK Legal Aid Agency confirms applicant data stolen in data breach
Description: The United Kingdom's Legal Aid Agency (LAA) has confirmed that a recent cyberattack is more serious than first believed, with hackers stealing a large trove of sensitive applicant data in a data breach. [...]
Source: BleepingComputer
May 19th, 2025 (19 days ago)
UK government confirms massive data breach following hack of Legal Aid Agency
Description: A large cache of sensitive data about people who applied for legal aid in the U.K. is potentially in the possession of cybercriminals, the government said.
Source: The Record
May 19th, 2025 (19 days ago)
Australian Human Rights Commission Leaks Docs in Data Breach
Description: An internal error led to public disclosure of reams of sensitive data that could be co-opted for follow-on cyberattacks.
Source: Dark Reading
May 16th, 2025 (22 days ago)
OPM urged to continue identity protection contracts shielding people affected by 2015 hack
Description: Sen. Mark Warner said the Office of Personnel Management must maintain ID protection services for millions of people whose data was stolen in a massive 2015 data breach at the agency.
Source: The Record
May 16th, 2025 (22 days ago)
Ransomware gangs increasingly use Skitnet post-exploitation malware
Description: Ransomware gang members increasingly use a new malware called Skitnet ("Bossnet") to perform stealthy post-exploitation activities on breached networks. [...]
Source: BleepingComputer
May 16th, 2025 (22 days ago)
Big Steelmaker Halts Operations After Cyber Incident
Description: Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor might be.
Source: Dark Reading
May 15th, 2025 (23 days ago)