Major Incidents or Breaches

  • Iberia has disclosed a customer data leak resulting from a security breach at a third-party supplier. The airline is notifying affected customers. The incident follows a threat actor’s claim of possessing Iberia customer data on a hacking forum.

Newly Discovered Vulnerabilities

  • Wireshark version 4.6.1 has been released, addressing two vulnerabilities and resolving 20 bugs in the network protocol analyzer.

Notable Threat Actor Activity

  • A threat actor has claimed responsibility for the compromise of Iberia customer data, posting about the breach on a hacking forum prior to the airline’s disclosure.

Trends, Tools, or Tactics of Interest

  • SmbCrawler has been released as a credentialed SMB share crawler designed for red teams to discover misconfigured SMB shares and hunt for secrets within Windows environments.
  • YARA-X 1.10.0 has been released, introducing a new command to fix warnings and improve rule management for malware researchers and threat hunters.
  • Passwork 7 has launched as a unified, self-hosted enterprise password and secrets management platform, offering automated credential workflows for organizations.