Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Think you're safe because you're compliant? Think again. Recent studies continue to highlight the concerning trend that compliance with major security frameworks does not necessarily prevent data breaches. Learn more from Pentera on how automated security validation bridges the security gaps. [...]
February 18th, 2025 (2 months ago)
|
|
|
Description: Hudson Rock has exposed widespread infostealer malware infections affecting employees in the U.S. military, government agencies, and major defense contractors. The findings reveal that compromised credentials—available for as little as $10 on cybercrime marketplaces—could be exploited to gain unauthorized access to classified networks, VPNs, email systems, and development tools. Hudson Rock’s report highlights significant breaches …
The post U.S. Military and Defense Contractors Hit by Infostealer Malware appeared first on CyberInsider.
February 17th, 2025 (2 months ago)
|
|
|
Description: Financial technology giant Finastra is notifying victims of a data breach after their personal information was stolen by unknown attackers who first breached its systems in October 2024. [...]
February 17th, 2025 (2 months ago)
|
|
|
Description: In mid-2019, the e-commerce website Storenvy suffered a data breach that exposed millions of customer records. A portion of the breached records were subsequently posted to a hacking forum with cracked password hashes, whilst the entire corpus of 23M rows was put up for sale. The data contained 11M unique email addresses alongside usernames, IP addresses, the user's city, gender date of birth and original salted SHA-1 password hash.
February 16th, 2025 (2 months ago)
|
CVE-2023-20198 |
Description: A newly uncovered cyber espionage campaign led by the Chinese state-sponsored hacking group Salt Typhoon (Red Mike) has compromised vulnerable Cisco devices worldwide, targeting telecommunications providers across multiple countries, including the United States, the United Kingdom, and South Africa. The attack exploits two critical privilege escalation vulnerabilities, CVE-2023-20198 and CVE-2023-20273, found in Cisco IOS XE …
The post Chinese Hackers Breach Cisco Devices in Global Telecom Attacks appeared first on CyberInsider.
CVSS: CRITICAL (10.0)
February 14th, 2025 (2 months ago)
|
|
|
Description: Rapid7's vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. [...]
February 14th, 2025 (2 months ago)
|
|
|
Description: China's Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. [...]
February 14th, 2025 (2 months ago)
|
|
|
Description: Zacks Investment Research (Zacks) last year reportedly suffered another data breach that exposed sensitive information related to roughly 12 million accounts. [...]
February 13th, 2025 (2 months ago)
|
|
|
Description: A threat actor going by the name “Gloomer” has claimed responsibility for a significant data breach at OmniGPT, an AI aggregator platform. The hacker alleges that over 34 million user-chatbot interactions, 30,000 email addresses, and phone numbers have been leaked on BreachForums, a notorious hacking forum. Additionally, the breach is said to include links to …
The post OmniGPT Allegedly Breached: 34 Million User Messages Leaked appeared first on CyberInsider.
February 13th, 2025 (2 months ago)
|
|
|
Description: Zacks Investment Research has suffered a data breach exposing nearly 12 million user accounts, according to reports on a hacking forum. The breach, which allegedly occurred in June 2024, includes sensitive user information such as names, email addresses, physical addresses, phone numbers, usernames, IP addresses, and unsalted SHA-256 password hashes. This marks the second major …
The post Zacks Investment Suffers Data Breach Impacting 12M Accounts appeared first on CyberInsider.
February 13th, 2025 (2 months ago)
|