A large-scale automated credential harvesting campaign has been actively exploiting CVE-2025-55182, the critical React Server Components vulnerability known as React2Shell,...
Also Known As: PCPcat, ShellForce, DeadCatx3, PersyPCP, CanisterWorm First Observed: September 2025 Primary Operations: Supply chain compromise, credential theft, ransomware...
Hims & Hers, the San Francisco-based telehealth company with nearly $1 billion in annual revenue, has confirmed a data breach...
A compliance technology vendor trusted with some of the most sensitive communications in financial services has allegedly been gutted. FulcrumSec,...
ShinyHunters posted a "FINAL WARNING" on their dark web leak site targeting Cisco, claiming possession of data stolen across 3...
Cisco's internal development environment was compromised through stolen credentials from the March 2026 Trivy vulnerability scanner supply chain attack, resulting...
The Iran-linked Handala Hack group posted claims on March 31, 2026 alleging compromise of IranWire, an independent news platform operated...
The Iran-affiliated Nasir Security group published claims on March 30, 2026 alleging months-long access to Dubai International Airport systems with...
On March 31, 2026, the widely used Axios HTTP client library was compromised in a supply chain attack that delivered...
The Worldleaks extortion group posted San Felipe Del Rio CISD, a Texas school district serving the Del Rio area, to...
Check your email against 12 billion+ leaked records — then set up alerts so you're the first to know if you appear in a new breach.
Powered by BreachNews
