Fortinet FortiClient EMS
Fortinet SQL Injection Vulnerability — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req
SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.
Fortinet SQL Injection Vulnerability — Fortinet FortiClient EMS contains a SQL injection vulnerability that may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP req
Adobe Acrobat Use-After-Free Vulnerability — Adobe Acrobat contains a use-after-free vulnerability that allows for code execution
Adobe Acrobat and Reader Prototype Pollution Vulnerability — Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution.
The online travel platform has not said how many customers’ booking information was exposed, but said the issue has been contained. The post Booking.com Says Hackers Accessed User Information appeared first on SecurityW
Microsoft Exchange Server Deserialization of Untrusted Data Vulnerability — Microsoft Exchange Server contains a deserialization of untrusted data that allows an authenticated attacker to achieve remote code execution.
Joe Tidy reports: Grand Theft Auto developer Rockstar Games has been targeted for a second time in three years by hackers. The data breach affecting the gaming giant was reported by cybersecurity news outlets on Saturday
Dutch healthcare IT firm ChipSoft suffered a ransomware attack, forcing services and its HiX platform offline, impacting hospitals and patients. ChipSoft, a major Dutch provider of EHR systems, was hit by a ransomware at
Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve malicious executables for the popular CPU-Z and HWMonitor tools. [...]
Dutch healthcare software vendor ChipSoft has been impacted by a ransomware attack that forced the company to take offline its website and digital services for patients and healthcare providers. [...]
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code executi
106,271 records exposed — Email addresses, Social media profiles
An active campaign has been observed targeting internet-exposed instances running ComfyUI, a popular stable diffusion platform, to enlist them into a cryptocurrency mining and proxy botnet. "A purpose-built Python s
Fortinet FortiClient EMS Improper Access Control Vulnerability — Fortinet FortiClient EMS contains an improper access control vulnerability that may allow an unauthenticated attacker to execute unauthorized code or comma
291,739 records exposed — Auth tokens, Avatars, Email addresses, Names and 2 more
TrueConf Client Download of Code Without Integrity Check Vulnerability — TrueConf Client contains a download of code without integrity check vulnerability. An attacker who is able to influence the update delivery path ca
Google Dawn Use-After-Free Vulnerability — Google Dawn contains an use-after-free vulnerability that could allow a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML pag
The European Commission has revealed details of a data breach impacting its AWS infrastructure
Lloyds app glitch exposed up to 447,936 customers’ transactions and personal data during update
Citrix NetScaler Out-of-Bounds Read Vulnerability — Citrix NetScaler ADC (formerly Citrix ADC), NetScaler Gateway (formerly Citrix Gateway) and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability wh
339,778 records exposed — Email addresses, Passwords, Usernames
1 petabyte data theft affecting 28 companies via multi-month breach by ShinyHunters
1 petabyte stolen by ShinyHunters including call records, FBI data
900K customer marketing contacts with names and email addresses exposed
User account metadata, contact details from January breach