Coverage
Data Breaches
258 articles on breaches and ransomware
Advertisement
SonicWall Gen6 SSL-VPN MFA Bypass: Incomplete Patching Leads to Compromise
Hackers are bypassing MFA on SonicWall Gen6 SSL-VPN appliances via brute-force due to incomplete patching, enabling ransomware tool deployment.
_Brain_light_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale)
Analyzing Process and Culture Gaps in Modern Data Breaches
Analysis of recent breach data reveals that culture and visibility issues are primary drivers of security incidents despite legislative mandates.
Grafana Breach After TanStack Attack: Token Rotation Failure
Grafana suffered a data breach due to a GitHub workflow token not rotated after the TanStack npm supply-chain attack, impacting user data. Learn the details.
Microsoft Disrupts Fox Tempest Malware-Signing-as-a-Service Operation
Microsoft disrupts the Fox Tempest MSaaS operation which weaponized Artifact Signing to facilitate global ransomware attacks and compromise thousands of networks.
Grafana GitHub Breach: Source Code Exposed via TanStack npm Attack
Grafana Labs confirms a GitHub breach exposing internal source code following a TanStack npm supply chain attack. No customer production systems compromised.
GitHub Internal Repo Breach Claimed by TeamPCP – Code at Risk
GitHub investigates TeamPCP's claim of breaching internal repositories, potentially exposing 4,000 private codebases. Defenders must secure supply chains.
GitHub Investigates Claimed TeamPCP Breach of 4,000 Internal Repos
GitHub is investigating a potential breach of 4,000 internal repositories claimed by TeamPCP, highlighting the risk of source code leaks for enterprises.
DBIR 2026: Vulnerability Exploitation Now Top Breach Vector
Verizon's 2026 DBIR reveals vulnerability exploitation as the leading breach vector, surpassing credential theft. AI accelerates attacks, patching delays persist, and
Microsoft Disrupts MSaaS Operation Abusing Artifact Signing Service
Microsoft shuts down a malware-signing-as-a-service provider that leveraged fraudulent certificates to bypass security controls for ransomware groups.
Microsoft Disrupts Fox Tempest Malware Signing Service
Microsoft dismantled the Fox Tempest (Storm-1152) malware signing service, which issued over 10,000 fraudulent certificates to mask ransomware and other malware.
CISA Contractor Leaked AWS GovCloud Keys on GitHub: Critical Exposure
A CISA contractor publicly exposed highly privileged AWS GovCloud and internal system credentials on GitHub, detailing CISA's software development. This leak poses a
US Healthcare Data Breaches: Millions Impacted via Tracking Pixels
Millions of patient records were exposed in major healthcare breaches at Kaiser Permanente, City of Hope, and HealthEC due to tracking pixels and system access.