API & embeddable widgets
Recent Breaches publishes a free, open, CORS-enabled JSON API and a live embeddable widget so you can surface up-to-the-minute breach data on your own site, dashboard, or newsletter. No key, no signup — just a link back to Recent Breaches. Data is cached ~10 minutes.
JSON API
GEThttps://recentbreaches.com/api/breachesLatest ~50 published breaches. Optional ?limit= (cap 200).
GEThttps://recentbreaches.com/api/indexThe live Breach Index aggregate (24h/7d counts, delta, records).
GEThttps://recentbreaches.com/api/kevLatest ~50 CISA Known Exploited Vulnerabilities. Optional ?limit=.
GEThttps://recentbreaches.com/api/healthService health check ({"ok":true}).
GEThttps://recentbreaches.com/feed.xmlRSS 2.0 feed of the latest breaches (alias: /rss).
Example: /api/index
{
"index_today": 138,
"delta_pct": 38,
"count_24h": 11,
"count_7d": 52,
"baseline": 7.4,
"ransomware_7d": 19,
"records_leaked_7d": "4.2M",
"critical_7d": 6,
"updated": "2026-07-11T12:00:00Z"
}Example: /api/breaches
[
{
"title": "Example Corp data breach",
"organization": "Example Corp",
"slug": "example-corp-data-breach",
"url": "https://recentbreaches.com/breach/example-corp-data-breach",
"severity": "high",
"date": "2026-07-10"
}
]Example: /api/kev
[
{
"cve": "CVE-2026-12345",
"vendor": "Acme",
"product": "Gateway",
"name": "Acme Gateway RCE",
"dateAdded": "2026-07-09",
"dueDate": "2026-07-30",
"ransomware": true,
"nvd_url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12345"
}
]Embeddable Breach Index widget
Drop the live Breach Index (headline number, 24h delta and the five latest breaches) onto any page with one iframe. It is self-contained, dark, and mobile-friendly:
Copy-paste embed snippet:
<iframe src="https://recentbreaches.com/embed/breach-index" width="340" height="420" style="border:0" loading="lazy"></iframe>
RSS feed
Subscribe to the latest breaches in any reader, or pull them server-side, via https://recentbreaches.com/feed.xml (alias /rss).
Building something with our data?
Check if you’re exposed →