Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Hunt quickly took to his blog to notify the public of the breach and provide further details on how this could have happened.
March 26th, 2025 (24 days ago)
|
|
Description: Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid. [...]
March 26th, 2025 (24 days ago)
|
|
Description: Cloud-based streaming company StreamElements confirms it suffered a data breach at a third-party service provider after a threat actor leaked samples of stolen data on a hacking forum. [...]
March 26th, 2025 (24 days ago)
|
|
Description: Arkana ransomware group has claimed responsibility for breaching WideOpenWest (WOW!), one of the largest U.S. cable and broadband providers. The attack, traced back to a September 2024 infection, reportedly exposed over 403,000 customer accounts and compromised backend systems critical to WOW!’s operations. Founded in 1996 and headquartered in Denver, WideOpenWest is the eighth-largest cable operator …
The post Arkana Ransomware Breached American ISP WideOpenWest (WOW!) appeared first on CyberInsider.
March 26th, 2025 (24 days ago)
|
CVE-2025-23203 |
Description: Icinga Director is an Icinga config deployment tool. A Security vulnerability has been found starting in version 1.0.0 and prior to 1.10.3 and 1.11.3 on several director endpoints of REST API. To reproduce this vulnerability an authenticated user with permission to access the Director is required (plus api access with regard to the api endpoints). And even though some of these Icinga Director users are restricted from accessing certain objects, are able to retrieve information related to them if their name is known. This makes it possible to change the configuration of these objects by those Icinga Director users restricted from accessing them. This results in further exploitation, data breaches and sensitive information disclosure. Affected endpoints include icingaweb2/director/service, if the host name is left out of the query; icingaweb2/directore/notification; icingaweb2/director/serviceset; and icingaweb2/director/scheduled-downtime. In addition, the endpoint `icingaweb2/director/services?host=filteredHostName` returns a status code 200 even though the services for the host is filtered. This in turn lets the restricted user know that the host `filteredHostName` exists even though the user is restricted from accessing it. This could again result in further exploitation of this information and data breaches. Icinga Director has patches in versions 1.10.3 and 1.11.1. If upgrading is not feasible, disable the director module for the users other than admin role for the ti...
CVSS: MEDIUM (5.5) EPSS Score: 0.04%
March 26th, 2025 (24 days ago)
|
|
Description: When people think of cybersecurity threats, they often picture external hackers breaking into networks. However, some of the most damaging breaches stem from within organizations. Whether through negligence or malicious intent, insiders can expose your organization to significant cybersecurity risks.
According to Verizon's 2024 Data Breach Investigations Report, 57% of companies experience over
March 26th, 2025 (24 days ago)
|
|
|
Description: The company reports that no sensitive information was breached or stolen in the cyber intrusion and that its operations are running normally again.
March 25th, 2025 (25 days ago)
|
|
Description: Alleged Data Breach of Worten.pt Exposes 9.6 Million Customer Records
March 25th, 2025 (25 days ago)
|
|
March 25th, 2025 (25 days ago)
|
|
Description: In March 2025, a phishing attack successfully gained access to Troy Hunt's Mailchimp account and automatically exported a list of people who had subscribed to the newsletter for his personal blog. The exported list contained 16k email addresses and other data automatically collected by Mailchimp including IP address and a derived latitude, longitude and time zone.
March 25th, 2025 (25 days ago)
|