News

SharePoint ‘ToolShell’ vulnerabilities being exploited in the wild

Bys s July 21, 2025

Sophos X-Ops sees exploitation across multiple customer estates

News

HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty
Bys s April 10, 2025

Over the past few years, DataBreaches has reported on a breach involving Northeast Radiology and its business associate, Alliance Healthcare Services. In March 2020, Northeast Radiology revealed its patient data was involved in a breach Alliance notified them about in January, 2020. TechCrunch had contacted Northeast Radiology about its unpatched PACS servers in 2019, but…

Read More HHS Office for Civil Rights Settles HIPAA Security Rule Investigation; Northeast Radiology agrees to corrective action plan and $350,000 monetary penalty
News

Gravity Forms Breach Hits 1M WordPress Sites
Bys s July 14, 2025

Victoria Mossi reports: In a startling revelation for the WordPress community, a critical security breach has been uncovered in the widely used Gravity Forms plugin, signaling a sophisticated supply chain attack. According to a detailed report by Patchstack, malicious code was embedded in manual installers available directly from the official Gravity Forms website, affecting versions…

Read More Gravity Forms Breach Hits 1M WordPress Sites
News

Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
Bys s March 3, 2025

Google has released its monthly Android Security Bulletin for March 2025 to address a total of 44 vulnerabilities, including two that it said have come under active exploitation in the wild. The two high-severity vulnerabilities are listed below – CVE-2024-43093 – A privilege escalation flaw in the Framework component that could result in unauthorized access…

Read More Google’s March 2025 Android Security Update Fixes Two Actively Exploited Vulnerabilities
News

Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
Bys s July 1, 2025

Google has released security updates to address a vulnerability in its Chrome browser for which an exploit exists in the wild. The zero-day vulnerability, tracked as CVE-2025-6554 (CVSS score: N/A), has been described as a type confusing flaw in the V8 JavaScript and WebAssembly engine. “Type confusion in V8 in Google Chrome prior to 138.0.7204.96…

Read More Google Patches Critical Zero-Day Flaw in Chrome’s V8 Engine After Active Exploitation
News

How to Advance from SOC Manager to CISO?
Bys s July 22, 2025

Making the move from managing a security operations center (SOC) to being a chief information security officer (CISO) is a significant career leap. Not only do you need a solid foundation of tech knowledge but also leadership skills and business smarts. This article will guide you through the practical steps and skills you’ll need to…

Read More How to Advance from SOC Manager to CISO?
News

Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme
Bys s June 7, 2025

Jay Clayton, the United States Attorney for the Southern District of New York, and Christopher G. Raia, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced that KINGSLEY UCHELUE UTULU was sentenced today by U.S. District Judge Paul G. Gardephe to 63 months in prison for…

Read More Nigerian National Sentenced To More Than Five Years For Hacking, Fraud, And Identity Theft Scheme

Similar Posts