Checkmarx Confirms GitHub Repository Data Posted on Dark Web After March 23 Attack

Checkmarx has disclosed that its ongoing investigation tied to the supply chain security incident has revealed that a cybercriminal group published data related to the company on the dark web. "Based on current evidence, we believe this data originated from Checkmarx's GitHub repository, and that...

ShinyHunters Claims 350GB Data Breach at European Commission

ShinyHunters claims it breached European Commission systems, leaking 350GB of data. Officials are investigating, with no independent verification yet...

`tracing-check` was removed from crates.io for malicious code

This is part of an ongoing campaign to attempt to typosquat crates in the polymarket-client-sdk ecosystem to exfiltrate user credentials. The malicious crate had 1 version published on 2026-02-24 approximately 4 hours before removal and had no evidence of actual downloads. There were no crates...

CVE-2025-20393

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due...

Coupang Data Breach Affects All 33.7 Million South Korean Accounts

Coupang confirms a data breach affecting 33.7 million users in South Korea, exposing names, contacts and order details. Investigation is ongoing...

AIPAC Discloses Data Breach, Says Hundreds Affected

AIPAC reports data breach after external system access, hundreds affected, investigation ongoing with added security steps...

Salesloft Drift Supply Chain Incident

We recently became aware of a widespread Salesloft / Drift supply chain incident that impacted third-party integrations with Drift. We are providing this update as part of our commitment to transparency and keeping our customers informed about the security of our platform and products. The key...

CVE-2024-28125

FitNesse all releases allows a remote authenticated attacker to execute arbitrary OS commands. Note: A contributor of FitNesse has claimed that this is not a vulnerability but a product specification and this is currently under further investigation...

PT-2024-22277 · Fitnesse · Fitnesse

Name of the Vulnerable Software and Affected Versions: FitNesse all releases Description: The issue allows a remote authenticated attacker to execute arbitrary OS commands. Note that this behavior is claimed by a contributor to be a product specification rather than a vulnerability, and this is...

SA40312 - September 22 2016 OpenSSL Security Advisory

Edit: 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. On September 22, 2016 the OpenSSL project announced a group of new security advisories. These issues affect all supported versions of Pulse Secure products. For a list of supported...

SA44676 - December 08 2020 OpenSSL Security Advisory

Problem On December 08 2020, the OpenSSL project announced a new security advisory. These issues may affect Pulse Secure product. Refer to KB43892 - What releases will Pulse Secure apply fixes to resolve security vulnerabilities? per our End of Engineering EOE and End of Life EOL policies. The...

Microsoft Says SolarWinds Hackers Accessed Some of Its Source Code

Microsoft on Thursday revealed that the threat actors behind the SolarWinds supply chain attack were able to gain access to a small number of internal accounts and escalate access inside its internal network. The "very sophisticated nation-state actor" used the unauthorized access to view, but no...

The Great $50M African IP Address Heist

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly...

Binance Confirms Hacker Obtained Its Users' KYC Data from 3rd-Party Vendor

As suspected, the KYC details of thousands of Binance's customers that hackers obtained and leaked online earlier this month came from the company's third-party vendor, Malta-based cryptocurrency exchange Binance confirmed. For those unaware, Binance, the world's largest cryptocurrency exchange b...

Baltimore City Shuts Down Most of Its Servers After Ransomware Attack

For the second time in just over a year, the city of Baltimore has been hit by a ransomware attack, affecting its computer network and forcing officials to shut down a majority of its computer servers as a precaution. Ransomware works by encryption files and locking them up so users can't access...

Airbus Suffers Data Breach, Some Employees' Data Exposed

European airplane maker Airbus admitted yesterday a data breach of its "Commercial Aircraft business" information systems that allowed intruders to gain access to some of its employees' personal information. Though the company did not elaborate on the nature of the hack, it claimed that the...

Dixons Carphone Data Breach Affects 10 Million Customers

Dixons Carphone's 2017 data breach was worse than initially anticipated. In an announcement on Monday, Dixons Carphone, one of the largest consumer electronics and telecommunication retailers in Europe, admitted that the breach affected around 10 million customers, up from an initial estimate of...

20000 patient records Breach at Stanford Hospital

20000 patient records Breach at Stanford Hospital Last month Stanford University's hospital discovered a massive privacy breach when 20,000 emergency room records appeared online. The records included names, diagnosis codes, account numbers, dates of admission and discharge, and billing charges...

Citigroup hacked again - 92,000 customers info exposed from Japan

Citigroup hacked again - 92,000 customers info exposed from Japan For the second time this year, Citigroup has suffered a major breach of its credit customers' personal information; this time the breach involved 92,400 customers at its Japanese unit. Citigroup's Japanese credit card unit said...

IRIX telnetd vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX telnetd vulnerability Number: 20000801-01-A Date: August 14, 2000 SGI provides this information freely to the SGI user community for its consideration, interpretation, implementation and use. SGI recommends that this information...