Datadog Inc.
APM and logging data from 340 enterprise customers exposed via compromised CI/CD pipeline
Technology & Software Data Breaches (1270 indexed)
Spark New Zealand
450K customer records exposed in targeted attack
Booking.com
2.3M guest records compromised in phishing campaign targeting hotels
Bosch Group
560K manufacturing and IoT device records exposed
NEC Corporation
560K corporate client records stolen
ABB Ltd (Switzerland)
560K automation records exposed
Instagram (Alleged Leak)
17.5M account records posted to BreachForums
BreachForums (2025)
672,247 records exposed — Email addresses, Forum posts, Passwords, Private messages and 1 more
Linear (Project Management)
120K workspace records exposed via OAuth misconfiguration
Hewlett Packard Enterprise (HPE) OneView
Hewlett Packard Enterprise (HPE) OneView Code Injection Vulnerability — Hewlett Packard Enterprise (HPE) OneView contains a code injection vulnerability that allows a remote unauthenticated user to perform remote code ex
Microsoft Office
Microsoft Office PowerPoint Code Injection Vulnerability — Microsoft Office PowerPoint contains a code injection vulnerability that allows remote attackers to execute arbitrary code via a PowerPoint file with an OutlineT
Bandai Namco (Japan)
340K gaming records exposed in ransomware
MongoDB MongoDB and MongoDB Server
MongoDB and MongoDB Server Improper Handling of Length Parameter Inconsistency Vulnerability — MongoDB Server contains an improper handling of length parameter inconsistency vulnerability in Zlib compressed protocol head
WIRED
2,364,431 records exposed — Dates of birth, Display names, Email addresses, Genders and 4 more
Digiever DS-2105 Pro
Digiever DS-2105 Pro Missing Authorization Vulnerability — Digiever DS-2105 Pro contains a missing authorization vulnerability which could allow for command injection via time_tzsetup.cgi.
WIRED / Conde Nast
2.3M subscriber records leaked on hacking forum
WatchGuard Firebox
WatchGuard Firebox Out of Bounds Write Vulnerability — WatchGuard Fireware OS iked process contains an out of bounds write vulnerability in the OS iked process. This vulnerability may allow a remote unauthenticated attac
The Botting Network
96,320 records exposed — Dates of birth, Email addresses, Passwords, Usernames
AUTOSUR
487,226 records exposed — Email addresses, Names, Phone numbers, Physical addresses and 3 more
Cisco Multiple Products
Cisco Multiple Products Improper Input Validation Vulnerability — Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows thr
SonicWall SMA1000 appliance
SonicWall SMA1000 Missing Authorization Vulnerability — SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console (AMC) of affected devices.
ASUS Live Update
ASUS Live Update Embedded Malicious Code Vulnerability — ASUS Live Update contains an embedded malicious code vulnerability client were distributed with unauthorized modifications introduced through a supply chain compro
Web Hosting Talk
515,149 records exposed — Email addresses, IP addresses, Passwords, Usernames
Fortinet Multiple Products
Fortinet Multiple Products Improper Verification of Cryptographic Signature Vulnerability — Fortinet FortiOS, FortiSwitchMaster, FortiProxy, and FortiWeb contain an improper verification of cryptographic signature vulner