VulnHub

Inotiv, an American pharmaceutical company, has reported a data breach following a ransomware attack that occurred in August 2025, compromising the personal information of thousands of individuals. This incident highlights the ongoing risks associated with ransomware attacks and the importance of data protection in the pharmaceutical sector.

The Louvre Museum is enhancing its safety and security systems following a significant burglary incident in October. This initiative involves a public tender worth €57 million, indicating the museum's commitment to improving its protection against potential threats.

Cloudflare is experiencing outages, causing numerous websites to display a 500 Internal Server Error. The company is currently investigating the issue, which is impacting a wide range of online services and platforms.

The UK's National Cyber Security Center (NCSC) has launched a new service called Proactive Notifications aimed at alerting organizations about vulnerabilities in their systems. This initiative is crucial for enhancing cybersecurity awareness and proactive defense strategies among organizations in the UK.

Qilin ransomware has claimed responsibility for stealing internal data from the Church of Scientology, providing 22 screenshots as evidence of the breach. The Church has not confirmed the incident, highlighting the ongoing concerns regarding ransomware attacks and data security within organizations.

The article discusses newly published guidance from global cybersecurity agencies on the safe deployment of artificial intelligence in operational technology (OT), which is essential for critical infrastructure. This guidance aims to address potential security risks associated with AI in OT environments.

Two Virginia brothers have been charged with conspiring to steal sensitive information and wipe government databases after being terminated from their roles as federal contractors. This incident raises concerns about insider threats and the potential for significant data loss in government systems.

Cybersecurity agencies have released guidance aimed at ensuring the secure integration of artificial intelligence into operational technology (OT) systems. This guidance highlights the importance of addressing potential vulnerabilities and threats associated with AI in critical infrastructure.

ASUS has confirmed a data breach caused by a third-party vendor, with the Everest ransomware group claiming to have leaked sensitive data from ASUS, ArcSoft, and Qualcomm. The breach involved exposure of some phone camera source code but did not impact internal systems or products.

The article discusses a critical vulnerability known as 'React2Shell' in the React Server Components (RSC) 'Flight' protocol, which allows remote code execution without authentication in React and Next.js applications. This severe flaw poses significant risks to developers and organizations using these frameworks, as it could lead to unauthorized access and control over servers.