OnSolve CodeRED Cyberattack Hits Emergency Systems
The OnSolve CodeRED cyberattack disrupted emergency alert services across the United States and exposed sensitive user data. CodeRED supports thousands of municipalities, police departments and public-safety agencies. When attackers breached the system, the incident raised serious concerns about the resilience of national emergency-communication infrastructure. Attack Overview Attackers claimed they infiltrated the CodeRED platform on November 1, 2025. They stated they
Iberia data leak exposes supplier-level security weaknesses
Iberia, one of Europe’s largest airlines and the flag carrier of Spain, is dealing with a security incident involving customer information accessed through a compromised vendor system. The Iberia data leak emerged after the supplier reported a breach that exposed limited passenger details, prompting the airline to launch its internal security protocol. The disclosure also revived interest in a separate
PlushDaemon Supply Chain Attacks Reveal Update Security Flaws
A recent investigation reveals how the PlushDaemon supply chain threat actor compromises trusted software updates through DNS manipulation and a multi-stage malware operation. The group redirects update traffic to malicious servers by exploiting vulnerable routers and injecting hidden implants. Their campaign exposes a critical weakness in modern update paths, where many organisations rely on automated downloads without validating the source.
Logitech Data Breach Exposes Private Information
A recent Logitech data breach has raised serious concerns after the company confirmed an extortion attack linked to the Clop ransomware group. Logitech reported that attackers stole internal data by exploiting a third-party zero-day vulnerability. The incident highlights ongoing risks in enterprise systems and underscores growing pressure on global companies to strengthen supply-chain security. How the Attack Began Logitech disclosed
DoorDash Data Breach Exposes User Contact Information
A new DoorDash data breach surfaced in late October 2025 and raised fresh concerns about security inside major delivery platforms. DoorDash confirmed an unauthorized party accessed user contact information after a social-engineering attack compromised an employee. The incident adds pressure to a company already criticized for past security failures and increases the risk of future targeted fraud. What Happened During
Miljödata Data Breach Exposes 1.5 Million Records in Sweden
A large-scale cyberattack has shaken Sweden after the Miljödata data breach exposed sensitive information belonging to about 1.5 million people. The incident, affecting a major municipal software supplier, has prompted national investigations by IMY and CERT-SE. How the Breach Happened Miljödata, one of Sweden’s most widely used IT suppliers for municipalities, revealed in late August 2025 that its systems had
Gmail Data Breach Claims Once Again Denied by Google
Recent rumors of a Gmail data breach sparked widespread concern online, with reports claiming millions of accounts had been compromised. Google swiftly dismissed these allegations, explaining that the supposed “breach” stemmed from previously stolen data recycled from old leaks and malware logs, not a new compromise of Gmail’s systems. False reports spark panic The controversy began when online posts alleged
Sotheby’s Data Breach Exposes Employee Financial Information
Sotheby’s data breach has sparked alarm across the luxury art world. The prestigious auction house confirmed that an unknown attacker accessed internal systems, exposing sensitive financial and personal information belonging to employees. The incident occurred in late July 2025. It was discovered after suspicious activity was detected within Sotheby’s network. The company quickly launched an investigation and involved external cybersecurity
SonicWall VPN Breach Hits Over 100 Accounts in Cyberattacks
The SonicWall VPN breach has triggered urgent warnings for organizations worldwide. Security analysts report that attackers accessed more than 100 SonicWall SSL VPN accounts using stolen credentials. The coordinated campaign, active since early October, has already affected multiple corporate environments across several countries. Investigators confirm that the intrusions relied on valid login information rather than brute-force methods. Once inside, attackers
Crimson Collective Launches Advanced AWS Attacks for Data Theft
The Crimson Collective hacker group has launched a new wave of cyberattacks aimed at Amazon Web Services (AWS) cloud environments. Their operations focus on stealing sensitive data from misconfigured instances, exposing how vulnerable cloud infrastructures can become when security practices are neglected. How the Group Infiltrates AWS Environments Researchers report that Crimson Collective exploits exposed AWS access credentials often found
