Tag: breach
-
From Assistive to Agentic: The AI Shift That’s Redefining Threat Management
IntroductionThe average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, these tools are working in siloes, generating (overlapping) alerts and data. And yet, breach dwell times remain stubbornly long (~43 days), response windows keep closing before teams can act, and analysts…
-
The Cyber Express Weekly Roundup: Cybersecurity Weekly Round on Emerging Threats, Data Breaches, and Global Policy Shifts
This week’s weekly roundup of cybersecurity developments highlights an expanding intersection of cyber risk, regulatory action, and enterprise vulnerability. Across healthcare, technology platforms, gaming companies, and government policy, organizations continue to confront a rapidly evolving cybersecurity landscape where data exposure, advanced intrusion tactics, and platform security failures are interconnected. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/tce-weekly-roundup-global-threats/
-
Nintendo Confirms Employee Data Exposed in TinyPulse Cyberattack
Nintendo of America has confirmed that employee survey data was exposed in the recent TinyPulse cyberattack, although the company emphasized that its own systems were not breached and that no customer or financial information was accessed. The disclosure follows claims by the threat actor Shadowbyt3$, which alleged it had stolen sensitive information linked to Nintendo employees. First…
-
24 Billion Stolen Credentials Exposed in Massive Data Leak
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach collections, risking account takeovers. Cybernews researchers found an exposed Elasticsearch cluster on June 12th containing 24 billion records and more than 8.3 terabytes of data. They triple-checked the numbers.…
-
Companies are discarding the logs they need to catch a breach
Many large enterprises discard most of the log data their systems generate, and they do it on purpose to keep costs down. A Dynatrace survey of 450 senior IT leaders at large … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/19/report-log-management-security-risk/
-
Icarus threat actors exploit Klue OAuth breach to steal Salesforce data
First seen on scworld.com Jump to article: www.scworld.com/brief/icarus-threat-actors-exploit-klue-oauth-breach-to-steal-salesforce-data
-
Nintendo confirms employee survey data stolen from third-party service
First seen on scworld.com Jump to article: www.scworld.com/brief/nintendo-confirms-employee-survey-data-stolen-from-third-party-service
-
Texas Parks & Wildlife data breach exposes millions of driver’s licenses, passport numbers
First seen on scworld.com Jump to article: www.scworld.com/brief/texas-parks-wildlife-data-breach-exposes-millions-of-drivers-licenses-passport-numbers
-
AI-Driven Threats, Zero-Days, and Data Breaches Define This Week in Cybersecurity for June 2026
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ai-driven-threats-zero-days-and-data-breaches-define-this-week-in-cybersecurity-for-june-2026/
-
Breach Roundup: ShinyHunters Leaks 26M MSG Records
Tags: attack, breach, cisa, cybersecurity, data, data-breach, email, leak, linux, ransomware, russia, supply-chainAlso, Arch Linux Attack, Estonia Quarantines Russian Emails, Joomla Flaw. This week, ShinyHunters leaked alleged Madison Square Garden data, a U.S. senator pressed CISA on regional staffing cuts, an Arch Linux supply-chain attack, Mackay Sugar began recovery from a ransomware attack, Novo Nordisk faced dueling breach claims – and more compelling cybersecurity news. First seen…
-
Novo Nordisk Breach Exposes Software Development Pipeline Risk
A leaked GitHub token underscores what most organizations get wrong: Treating secrets management as a tooling problem rather than an identity problem. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/novo-nordisk-breach-exposes-dev-pipeline-risk
-
Nintendo confirms data stolen in WebMD subsidiary cyberattack
Nintendo of America has confirmed to BleepingComputer that threat actors stole survey data from the third-party TinyPulse service used internally, but its systems were not compromised. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nintendo-confirms-data-stolen-in-webmd-subsidiary-cyberattack/
-
Texas government data breach allowed hackers to steal 3 million driver’s licenses and passports
A data breach involving government-issued ID documents affects over three million people in Texas. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/18/texas-government-data-breach-allowed-hackers-to-steal-3-million-drivers-licenses-and-passports/
-
Attackers Steal Salesforce Data From Klue Battlecards Users
CRM Data Theft Tied to OAuth Tokens Stolen From Third-Party Market Intelligence App. Salesforce disabled connections to its customer relationship management environment from third-party app Klue Battlecards as a response to a security incident. Attackers breached Klue’s platform, generated OAuth tokens for Salesforce and stole data, now being held to ransom. First seen on govinfosecurity.com…
-
Klue OAuth breach linked to ‘Icarus’ Salesforce data theft attacks
Market intelligence platform Klue suffered a OAuth breach that enabled the “Icarus” threat actors to steal Salesforce CRM data from multiple organizations in an ongoing extortion campaign. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/klue-oauth-breach-linked-to-icarus-salesforce-data-theft-attacks/
-
Cyberspace Locked in a Nation-State Contest, Says NCSC CEO
Richard Horne Seeks to Reframe Discussion of Cyber Exposure. Britain’s top cybersecurity official sought Wednesday to reframe digital defense as a contest against a constantly shifting opponent rather than a risk to be managed, calling today’s spate of breaches and hacking incidents the opening salvos of a future war. First seen on govinfosecurity.com Jump to…
-
74,000 Fortinet firewall credentials exposed in FortiBleed data leak
Tags: breach, credentials, cybercrime, data, data-breach, firewall, fortinet, group, leak, russia, vpnA Russian-speaking cybercriminal group has stolen credentials contained in the configuration files of nearly 74,000 Fortinet firewalls and VPN gateways around the world. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/18/fortinet-fortibleed-data-leak/
-
Massive breach spills credentials for thousands of sensitive networks
The affected include Oracle, Lenovo, FedEx, a NATO contractor, and Fortinet. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/massive-breach-spills-credentials-for-thousands-of-sensitive-networks/
-
California water utility probes breach claim by Iran-linked actor
The group Handala said it attacked one of the nation’s largest water companies. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/california-water-utility-breach-iran-hacker/823148/
-
FortiBleed Attack Exposes Fortinet Firewall Credentials in 194 Countries
Researchers say FortiBleed used stolen and tested credentials to access exposed Fortinet firewalls, putting major organizations and public agencies at risk now. First seen on hackread.com Jump to article: hackread.com/fortibleed-attack-fortinet-firewalls-credentials/
-
Low-skilled attacker used Claude, Codex to breach 14 companies
Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/ai-agents-offensive-cyber-operations-claude-codex/
-
Low-skilled attacker used Claude, Codex to breach 14 companies
Researchers have long warned that AI agents could lower the skill floor for offensive cyber operations, and a recent report by OALABS (Open Analysis) researchers bears that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/ai-agents-offensive-cyber-operations-claude-codex/
-
Another healthcare firm attacked days after Novo Nordisk breach
Medical technology company iRhythm Holdings disclosed a cyberattack involving certain third-party-hosted business applications that resulted in the theft of patient protected … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/17/irhythm-data-breach-patient-health-information-stolen/
-
ESET MDR vs Sophos MDR: Compared Time to discover and respond to a threat
A detailed ESET MDR vs Sophos MDR comparison covering tiers, response speed, coverage, threat intelligence, pricing, and breach warranties to help you choose. First seen on hackread.com Jump to article: hackread.com/eset-mdr-vs-sophos-mdr/
-
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop, like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication, anything internet-facing is immediately at risk.With time-to-exploit now down to…
-
The Top 10 Attack Surface Exposures in 2026
Breaches don’t always start with a zero-day. An exposed admin panel can get brute-forced, or credentials reused from a previous attack. But when a vulnerability does drop, like MongoBleed earlier this year, which let attackers pull credentials and session tokens from server memory without authentication, anything internet-facing is immediately at risk.With time-to-exploit now down to…
-
EdTech Faces a Cybersecurity Crisis: Data Breaches Surge
EdTech firms face rising cyberattacks as ShinyHunters and FulcrumSec target schools, exposing sensitive data and disrupting services. Resecurity (USA) warns the education technology (EdTech) sector has become a prime target for cybercriminals, as attacks against educational institutions and related platforms continue to escalate. Recent high-profile incidents, including attacks by groups such as ShinyHunters and FulcrumSec,…
-
FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data
FulcrumSec leaked data stolen from Novo Nordisk, claiming to have exfiltrated 1.3TB, including clinical records and AI research assets. On June 15, 2026, a data-theft extortion group calling itself FulcrumSec began leaking files from Novo Nordisk, the Danish maker of Ozempic and Wegovy, after the company refused a $25 million ransom demand. The attackers claimed…
-
Cybercriminals Are Targeting EdTech: Data Breaches and Ransomware Attacks on the Rise
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/cybercriminals-are-targeting-edtech-data-breaches-and-ransomware-attacks-on-the-rise
-
Kodak confirms data breach claimed by ShinyHunters extortion gang
Kodak has confirmed that it’s working with external cybersecurity experts to investigate a security breach after hackers gained access to some of the company’s data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/kodak-confirms-data-breach-claimed-by-shinyhunters-extortion-gang/