Hackread – Cybersecurity News, Data Breaches, AI and More
A significant data breach has affected approximately 3 million Texas license holders due to an attack on a third-party vendor associated with the Texas Parks and Wildlife Department. The breach has exposed sensitive information, including driver's license and passport numbers, raising concerns about identity theft and fraud. This incident underscores the risks that come with relying on third-party services, as the data of millions can be compromised through a single vulnerability. Texas authorities have not specified how the breach occurred or what immediate steps are being taken to address the situation. License holders are advised to monitor their accounts and consider identity theft protection services in light of this exposure.
A vulnerability in certain versions of the Gravity SMTP plugin for WordPress has been exploited by attackers to extract sensitive information. This flaw allows the leakage of API keys, tokens, server details, and other confidential data. Websites using outdated or unpatched versions of the plugin are particularly at risk. This incident is concerning because it can lead to unauthorized access and further exploitation of affected sites. Users and website administrators are urged to update their plugins to protect against these data leaks and ensure the security of their WordPress installations.
A new exploit called Usbliter8 has been discovered that bypasses Apple’s boot defenses, affecting millions of iPhones. This vulnerability cannot be patched, and researchers have released a proof-of-concept exploit, raising concerns about the potential for misuse. Users of affected iPhone models should be particularly vigilant, as this exploit could allow attackers to gain unauthorized access to devices. The widespread nature of this issue makes it critical for Apple to address, as it could lead to increased risks for personal data and security. As of now, there are no known patches or updates to mitigate this vulnerability, leaving many devices exposed.
Hackers are taking advantage of a recently patched vulnerability in the Gravity SMTP plugin for WordPress, which is used on around 100,000 websites. This security flaw, identified as CVE-2026-4020, allows attackers without authentication to access sensitive information, including API keys and OAuth tokens. The vulnerability has a medium severity score of 5.3, but the potential exposure of critical data makes it a significant concern for site administrators. Users of the Gravity SMTP plugin need to ensure they update to the latest version to protect their sites from these attacks. The urgency of addressing this issue is heightened by the fact that the vulnerability is currently being exploited in the wild.
Hackers are taking advantage of an unauthenticated information disclosure vulnerability in the Gravity SMTP plugin for WordPress, which is installed on around 100,000 websites. This vulnerability allows attackers to access sensitive information without needing to log in, potentially exposing user data and other critical site details. The flaw poses a serious risk to website owners and their users, as it could lead to further attacks or data breaches. Website administrators are urged to assess whether they are using this plugin and to take necessary actions to secure their sites. Ignoring this issue could leave users’ information vulnerable and put the integrity of the websites at risk.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a serious vulnerability in Splunk Enterprise that is currently being exploited by attackers. This flaw poses a significant risk to U.S. federal agencies and could potentially affect many organizations using this software. CISA has urged these agencies to take immediate action to secure their systems by applying the necessary patches by this Sunday. Failure to address this vulnerability could result in unauthorized access to sensitive data or system controls, making it crucial for organizations to prioritize this update. The urgency of the situation highlights the ongoing challenges in cybersecurity and the need for vigilance in maintaining software security.
A recently disclosed vulnerability in Splunk Enterprise, identified as CVE-2026-20253, has been exploited by attackers just days after it was made public. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged federal agencies to apply patches within three days to prevent potential unauthorized remote code execution. This vulnerability poses a serious risk, allowing attackers to execute malicious code without authentication, which could lead to significant data breaches or system compromises. Organizations using affected versions of Splunk Enterprise need to act quickly to secure their systems and protect sensitive information from exploitation.
A new type of cyber attack known as Agentjacking is taking advantage of artificial intelligence coding tools by using fake error reports. This method allows attackers to infiltrate systems without needing stolen credentials or direct access to networks. Instead, they exploit the coding tools that developers rely on, which could lead to unauthorized access and manipulation of sensitive data. This is particularly concerning for companies that use AI tools for software development, as it raises questions about the security of their coding environments. As this attack method evolves, organizations need to be vigilant and ensure their development tools are secure against such manipulations.
Apple has released a security update to address a vulnerability in its Beats Studio Buds, identified as CVE-2025-20701. This flaw was uncovered by researchers Dennis Heinze and Frieder Steinmetz from ERNW GmbH. While the specific nature of the vulnerability has not been detailed, it poses a potential risk to users of the Beats Studio Buds, which are popular wireless earbuds. Users are encouraged to install the latest firmware update to ensure their devices are protected. Ignoring this update could leave users vulnerable to potential exploits that might compromise their audio experience or privacy.
A security vulnerability in FIFA's access control system could have allowed hackers to take over World Cup streaming services. The issue stems from FIFA's failure to enforce its Entra access controls, which could have been exploited to manipulate live streams. This situation raises concerns about the security of high-profile events, as attackers could disrupt broadcasts or inject malicious content. The potential for such a breach underscores the need for organizations to prioritize robust security measures, especially during major global events. As millions tune in to watch the World Cup, the implications of this vulnerability could have been significant, affecting viewers and FIFA's reputation alike.
A recent analysis has revealed that a majority of REDCap servers accessible via the internet are outdated and vulnerable. These servers, which are widely used in research and healthcare for data collection, are currently being targeted by a hacking group linked to China, known as UNC6508. Researchers found that these attackers use these vulnerabilities for initial access and to deploy backdoors, making it easier for them to exploit the systems further. The situation raises serious concerns for organizations relying on REDCap for sensitive data management, as outdated servers can lead to data breaches and compromise patient confidentiality. It's crucial for administrators to update their systems to defend against these ongoing attacks.
F5 has issued urgent patches for two critical vulnerabilities in NGINX, identified as CVE-2026-42530 and CVE-2026-42055, both rated with a CVSS score of 9.2. These flaws affect the HTTP modules and can be exploited remotely without any authentication, allowing attackers to execute arbitrary code and potentially corrupt memory. This presents a significant risk for organizations using affected NGINX versions, as it could lead to unauthorized access and system compromise. F5's out-of-band updates are crucial for users to secure their systems and prevent potential exploitation. Users are strongly advised to apply these patches promptly to mitigate the risks associated with these vulnerabilities.
A supply chain attack has targeted multiple WordPress plugins from ShapedPlugin, leading to the distribution of compromised updates to paying customers through the vendor's official update mechanism. This breach allowed attackers to inject malicious code into the plugins, potentially affecting numerous WordPress sites that rely on these tools. Users of affected plugins may face serious security risks, including unauthorized access and data breaches. The situation is alarming as it underscores the vulnerability of software supply chains, where attackers can exploit trusted sources to distribute malware. Website owners using these plugins should take immediate precautions, including checking for updates and reviewing security practices to mitigate any potential damage.
Apple has addressed a significant security vulnerability in its Beats Studio Buds wireless earbuds that could have allowed hackers within Bluetooth range to eavesdrop on conversations. This flaw posed a risk to users, as it could potentially compromise their privacy during sensitive discussions. Apple has rolled out security updates to fix this issue, emphasizing the importance of keeping devices up to date with the latest software. Users of Beats Studio Buds should ensure they apply these updates promptly to protect against potential unauthorized access. This incident serves as a reminder of the vulnerabilities that can exist in everyday technology and the need for manufacturers to prioritize user security.
Splunk has addressed a significant security flaw in its AI Toolkit, specifically an OS command injection vulnerability that could allow attackers to execute arbitrary commands on the operating system. Meanwhile, Atlassian has resolved numerous vulnerabilities found in third-party dependencies, which could potentially expose users to security risks. These updates are crucial as they protect users from possible exploitation by malicious actors who might take advantage of these weaknesses. Organizations using these tools should ensure they apply the latest patches to safeguard their systems. Keeping software up to date is essential to maintaining security and preventing unauthorized access.