SonicWall SMA1000 Appliances
SonicWall SMA1000 Appliances Code Injection Vulnerability — SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as adm
SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.
SonicWall SMA1000 Appliances Code Injection Vulnerability — SonicWall SMA1000 Appliances contain a code injection vulnerability which in specific conditions could potentially enable a remote authenticated attacker as adm
Attackers whose methods line up with the data-extortion group ShinyHunters have spent the past year walking into corporate Salesforce environments without exploiting a single flaw in the platform. The way in h
Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability — Microsoft Active Directory Federation Services contains an insufficient granularity of access control vulnerabili
SonicWall SMA1000 Appliances Server-Side Request Forgery Vulnerability — SonicWall SMA1000 Appliances contain a server-side request forgery vulnerability that could allow a remote unauthenticated attacker to potentially
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to distribute infostealer malware. [...]
Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability — Microsoft SharePoint contains a missing authentication for critical function vulnerability that allows an unauthorized attacker to
The retailer said the incident did not affect its online shopping platform itself but involved a separately stored customer database maintained by a third-party provider. According to notifications sent to Lidl's German,
Cisco IOS Cross-Site Request Forgery Vulnerability — Cisco IOS 12.4 contains multiple cross-site forgery vulnerabilities that allows remote attackers to execute arbitrary commands via (1) a certain "show privilege" comma
iCagenda Unrestricted Upload of File with Dangerous Type Vulnerability — iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment
Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability — Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload w
14.2M email credentials exposed across six ISPs
4K code repositories stolen by TeamPCP group
300 instances across 100 orgs breached
100+ orgs hit via zero-day CVE-2026-35273
300+ orgs hit, 100+ confirmed victims globally
14.2M email credentials exposed across six ISPs
40M customer records stolen via vishing attack
14.2M email logins exposed across six ISPs
300+ instances breached across 100 orgs via zero-day
300+ instances hit, 100+ orgs, HR/payroll data stolen
100+ orgs hit, SSNs and payroll records stolen