Major Data Breaches and Critical Vulnerabilities Hit Organizations Hard
Today's cybersecurity landscape is marked by significant breaches and alarming vulnerabilities. GrubHub fell victim to a data breach that compromised the personal information of customers and delivery personnel due to a third-party vendor's account issue. The breach exposed names, email addresses, and partial payment card details, but full card numbers remain secure. Meanwhile, Mars Hydro reported a catastrophic IoT breach affecting around 2.7 billion records, revealing sensitive information like Wi-Fi passwords and IP addresses due to a misconfigured database.
In terms of vulnerabilities, CVE-2025-0108 was disclosed as a critical authentication bypass in Palo Alto Networks' PAN-OS, with reports of active exploitation in the wild. Also concerning is CVE-2025-21376, a severe remote code execution vulnerability in Microsoft’s Windows LDAP, which could allow worm propagation across networks. These vulnerabilities necessitate immediate patching and increased vigilance.
Also In Security Today
- Lee Enterprises faced operational disruptions from a cyberattack that hindered distribution and billing across its U.S. newspapers, emphasizing the continuing risk to media organizations.
- CVE-2025-0108 in Palo Alto Networks PAN-OS allows unauthenticated access and has been actively exploited. Organizations are urged to patch immediately.
- CVE-2025-21376 in Microsoft’s Windows LDAP poses a critical threat with potential for widespread network worm propagation. Immediate action is required.
- A comprehensive analysis reveals that IoT security remains a paramount concern as breaches like that of Mars Hydro expose vast quantities of sensitive data.