Oracle PeopleSoft Campaign
300+ orgs hit, 100+ confirmed victims globally
SaaS platforms, cloud providers, developer tooling, and app-layer infrastructure are concentrated attack surfaces. One tech vendor breach can expose thousands of downstream customers. Below is every tech-sector breach LeakTrace has indexed.
300+ orgs hit, 100+ confirmed victims globally
100+ orgs hit via zero-day CVE-2026-35273
4K code repositories stolen by TeamPCP group
14.2M email credentials exposed across six ISPs
A cloud intrusion that ended with the deployment of cryptomining malware has exposed a bigger risk for enterprises: AI gateways that concentrate access to cloud identities, permissions, and foundation models in a single,
14.2M email logins exposed including plaintext passwords
24B credential records from 36 infostealer sources
300 instances across 100 orgs breached
14.2M email credentials exposed across six ISPs
40M customer records exfiltrated by ShinyHunters
Japanese telecommunications giant KDDI says that millions of people had their email addresses and passwords exposed after attackers breached an email platform used by five internet service providers (ISPs) in the country
14.2M email credentials exposed across six ISPs
A financially motivated operation uses lures of cracked or pirated software to deliver a malware two-for-one combo for data theft and cryptomining.
14.2M email credentials exposed across 6 ISPs
Adobe ColdFusion Path Traversal Vulnerability — Adobe ColdFusion contains a path traversal vulnerability that could lead to arbitrary code execution in the context of the current user.
Joomlack Page Builder Improper Access Control Vulnerability — Joomlack Page Builder contains an improper access control vulnerability that could allow for remote code execution via unauthenticated arbitrary file upload.
Langflow Authorization Bypass Through User-Controlled Key Vulnerability — Langflow contains an authorization bypass through user-controlled key vulnerability which allows an authenticated attacker to execute any flow bel
JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability — JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability — Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code ove