*About 5,000 Okta employees had their data accessed during a third-party data breach on October 12. The breach involved stolen information, including names, Social Security numbers, and medical insurance details of both current and former employees.
*The AP News website was down because of a DDoS attack. Only some pages and story links didn’t load, but the delivery to customers and mobile apps worked fine.
By infosecbulletin
/ Friday , July 11 2025
AMD has revealed four new vulnerabilities that could enable attackers to access sensitive data via timing-based side-channel attacks. These vulnerabilities,...
Read More
By infosecbulletin
/ Thursday , July 10 2025
GitLab has released security updates for its Community Edition (CE) and Enterprise Edition (EE) to fix vulnerabilities that could enable...
Read More
By infosecbulletin
/ Thursday , July 10 2025
A newly found vulnerability (CVE-2025-7206) in the D-Link DIR-825 router firmware version 2.10 poses a significant risk to home and...
Read More
By infosecbulletin
/ Thursday , July 10 2025
Zoom released a security update addressing six newly discovered vulnerabilities in its Workplace, Rooms, and SDK products for Windows, macOS,...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Jack Dorsey, co-founder of Twitter and Block Head, launched a new peer-to-peer messaging app called Bitchat, which operates solely over...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Splunk has issued critical security updates for SOAR versions 6.4.0 and 6.4 to fix several vulnerabilities in third-party packages. The...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Cybersecurity researcher Jeremiah Fowler found an unsecured database with 245,949 records, reported to vpnMentor. It likely belonged to a tax...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Fortinet has issued a critical patch for a critical vulnerability in its FortiWeb product, a web application firewall commonly used...
Read More
By infosecbulletin
/ Wednesday , July 9 2025
Microsoft's Patch Tuesday in July 2025 is critical, featuring updates for 137 vulnerabilities, including a zero-day in Microsoft SQL Server....
Read More
By infosecbulletin
/ Tuesday , July 8 2025
ThreatFabric researchers have discovered a new sophisticated campaign by the Anatsa banking trojan targeting mobile banking users in the U.S....
Read More
*MITRE has released version 14 of the ATT&CK framework. It includes improvements to detections and ICS and mobile matrices. The new version covers a total of 760 software, 143 activity groups, and 24 campaigns in enterprise, mobile, and ICS matrices.
*48 malicious packages were found in the npm repository. These packages can deploy a reverse shell on compromised systems. They used legitimate names to deceive users.