Topic: api vulnerability
-
5.8M Customers Hit in 700Credit Dealership Data Breach
A data breach at 700Credit exposed sensitive personal information of approximately 5.8 million individuals, stemming from a security failure at an integration partner that was not promptly reported. The vulnerability was a poorly designed API that allowed unauthorized access and exfiltration of d...
Read More » -
State Actor Behind SonicWall Cloud Backup Hack
A state-sponsored threat actor breached SonicWall's cloud backup service using brute-force techniques, accessing all stored backup files through an API call in a sophisticated nation-state level operation. SonicWall confirmed that core products, internal systems, and customer infrastructures were...
Read More » -
Marquis Sues SonicWall Over Firewall Flaws That Enabled Ransomware
Marquis is suing SonicWall, alleging a 2025 breach at the cybersecurity vendor exposed firewall configuration data that hackers used to launch a ransomware attack against Marquis, causing significant harm. The stolen data included sensitive personal and financial information for at least 400,000 ...
Read More » -
Marquis Sues SonicWall After Backup Breach Enables Ransomware
A data analytics firm is suing cybersecurity vendor SonicWall, alleging a critical vulnerability in its cloud backup service allowed state-backed hackers to steal sensitive configuration data, leading to a major ransomware attack on financial institutions. The breach originated from a security ga...
Read More » -
State-Sponsored Hackers Breached SonicWall in September
State-sponsored hackers breached SonicWall's cloud environment in September, accessing firewall configuration backup files via an API call, but no products, firmware, or customer networks were compromised. The exposed backup files contained sensitive credentials, prompting SonicWall to advise aff...
Read More »