Live disclosure tracker · updated continuously

Technology & Software Data Breaches

SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.

98B+
Records Exposed
1333
Incidents
94+
Countries
+104%
Breach Velocity YoY
Browse by sector
All breaches Healthcare Finance Government Technology Retail Education Legal
Browse by year
2024 2025 2026 ★ Worst of 2026

Technology & Software Data Breaches (1333 indexed)

critical · tech · May 5, 2026

We Scanned 1 Million Exposed

While the software industry has made genuine strides over the past few decades to deliver products securely, the furious pace of AI adoption is putting that progress at risk. Businesses are moving fast to self-host LLM i

View incident → Original disclosure Indexed 1 month, 4 weeks ago
medium · tech · May 5, 2026

Edge browser leaves passwords

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being saved within the bro

View incident → Original disclosure Indexed 1 month, 4 weeks ago
medium · tech · May 3, 2026

Instructure

Educational tech giant Instructure has confirmed that data was stolen in a cyberattack, with the ShinyHunters extortion gang claiming responsibility. [...]

high · tech · May 1, 2026

Linux Kernel

Linux Kernel Incorrect Resource Transfer Between Spheres Vulnerability — Linux Kernel contains an incorrect resource transfer between spheres vulnerability that could allow for privilege escalation.

high · tech · Apr 28, 2026

Microsoft Windows

Microsoft Windows Protection Mechanism Failure Vulnerability — Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.

high · tech · Apr 28, 2026

ConnectWise ScreenConnect

ConnectWise ScreenConnect Path Traversal Vulnerability — ConnectWise ScreenConnect contains a path traversal vulnerability which could allow an attacker to execute remote code or directly impact confidential data and cri

high · tech · Apr 24, 2026

SimpleHelp SimpleHelp

SimpleHelp Path Traversal Vulnerability — SimpleHelp contains a path traversal vulnerability that allows admin users to upload arbitrary files anywhere on the file system by uploading a crafted zip file (i.e. zip slip).

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 24, 2026

Samsung MagicINFO 9 Server

Samsung MagicINFO 9 Server Path Traversal Vulnerability — Samsung MagicINFO 9 Server contains a path traversal vulnerability that could allow an attacker to write arbitrary files as system authority.

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 24, 2026

D-Link DIR-823X

D-Link DIR-823X Command Injection Vulnerability — D-Link DIR-823X contains a command injection vulnerability that allows an authorized attacker to execute arbitrary commands on remote devices by sending a POST request to

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 24, 2026

SimpleHelp SimpleHelp

SimpleHelp Missing Authorization Vulnerability — SimpleHelp contains a missing authorization vulnerability that could allow low-privileged technicians to create API keys with excessive permissions. These API keys can be

View incident → Original disclosure Indexed 2 months, 1 week ago
high · tech · Apr 23, 2026

Marimo Marimo

Marimo Remote Code Execution Vulnerability — Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands.

View incident → Original disclosure Indexed 2 months, 1 week ago
critical · tech · Apr 23, 2026

RAMP Uncovered

Pierluigi Paganini reports: A leaked database from RAMP gives us a rare look behind the curtain. It shows how cybercrime works when it becomes structured, commercial, and repeatable. Instead of random hackers acting alon

View incident → Original disclosure Indexed 2 months, 1 week ago