Live disclosure tracker · updated continuously

Technology & Software Data Breaches

SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.

98B+
Records Exposed
1333
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Technology & Software Data Breaches (1333 indexed)

medium · tech · Jun 18, 2026

ThreatsDay Bulletin

The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links turned into malware delivery paths. macOS attacks ran in memory

View incident → Original disclosure Indexed 2 weeks, 1 day ago
high · tech · Jun 18, 2026

Splunk Enterprise

Splunk Enterprise Missing Authentication for Critical Function Vulnerability — Splunk Enterprise contains a missing authentication for critical function vulnerability which could allow an unauthenticated user to create o

View incident → Original disclosure Indexed 2 weeks, 1 day ago
medium · tech · Jun 15, 2026

Governing the ghost workforce

Every enterprise security team is fighting a workforce problem they cannot see on any org chart. Bots, service accounts, API keys, OAuth tokens, machine certificates — non-human identities now outnumber human ones in

View incident → Original disclosure Indexed 2 weeks, 4 days ago
medium · tech · Jun 15, 2026

⚡ Weekly Recap: Chrome 0-Day,

Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson in a new form: phishing kits are easier

View incident → Original disclosure Indexed 2 weeks, 4 days ago
high · tech · Jun 15, 2026

LiteSpeed cPanel Plugin

LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability — LiteSpeed cPanel plugin contains a UNIX symbolic link (Symlink) following vulnerability that could allow a user with FTP or web shell access

View incident → Original disclosure Indexed 2 weeks, 4 days ago
high · tech · Jun 15, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability — Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an authenticated, remote attacker to create a

View incident → Original disclosure Indexed 2 weeks, 4 days ago
medium · tech · Jun 13, 2026

Arch Linux AUR Packages Hijacked

Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built t

View incident → Original disclosure Indexed 2 weeks, 6 days ago
medium · tech · Jun 11, 2026

ThreatsDay Bulletin

It's been one of those weeks. You expect the usual noise: recycled malware, sloppy attacks, another easy target getting hit. Instead, there's a supply chain attack kit in a public repo, a $5,000-a-month RAT that clones b

View incident → Original disclosure Indexed 3 weeks, 1 day ago
high · tech · Jun 11, 2026

Ivanti Sentry

Ivanti Sentry OS Command Injection Vulnerability — Ivanti Sentry (formerly known as MobileIron Sentry) contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level

View incident → Original disclosure Indexed 3 weeks, 1 day ago
critical · tech · Jun 10, 2026

Autonomous AI agents duped into

AI agents given access to corporate email and business applications could become a new phishing target for attackers, according to cybersecurity researchers, after a test agent built on OpenClaw was tricked into sharing

View incident → Original disclosure Indexed 3 weeks, 2 days ago
high · tech · Jun 9, 2026

Google Chromium V8

Google Chromium V8 Out-of-Bounds Read and Write Vulnerability — Google Chromium V8 out-of-bounds read and write vulnerability that could allow a remote attacker to execute arbitrary code inside a sandbox via a crafted HT

View incident → Original disclosure Indexed 3 weeks, 3 days ago
high · tech · Jun 9, 2026

Cisco Catalyst SD-WAN Manager

Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability — Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerab

View incident → Original disclosure Indexed 3 weeks, 3 days ago
medium · tech · Jun 9, 2026

ServiceNow

ServiceNow is warning about a security incident after attackers exploited an unauthenticated access flaw through a vulnerable API endpoint, allowing them to query data from customer instances. [...]

View incident → Original disclosure Indexed 3 weeks, 3 days ago
high · tech · Jun 8, 2026

BerriAI LiteLLM

BerriAI LiteLLM Command Injection Vulnerability — BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrar

View incident → Original disclosure Indexed 3 weeks, 4 days ago
high · tech · Jun 8, 2026

Check Point Security Gateway

Check Point Security Gateway Improper Authentication Vulnerability — Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacke

View incident → Original disclosure Indexed 3 weeks, 4 days ago