Tag: breach
-
CarGurus data breach exposes information of 12.4 million accounts
The ShinyHunters extortion group has published personal information in more than 12 million records allegedly stolen from CarGurus, a U.S.-based digital auto platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cargurus-data-breach-exposes-information-of-124-million-accounts/
-
Marquis sues firewall provider SonicWall, alleges security failings with its firewall backup led to ransomware attack
Fintech giant Marquis is suing its firewall provider SonicWall, claiming that an earlier breach with SonicWall allowed hackers to deploy ransomware on Marquis’ network. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/24/marquis-sonicwall-lawsuit-ransomware-firewall-breach/
-
Amazon: Low-Skill Hacker Used AI Tools to Breach FortiGate Devices Globally
Amazon says a Russian speaking low-skill hacker used AI tools to breach hundreds of FortiGate devices worldwide, showing how AI can scale cyberattacks with basic methods. First seen on hackread.com Jump to article: hackread.com/amazon-hacker-ai-tools-breach-fortigate-devices/
-
Teenagers charged over public bike service breach that exposed 4.62 million records
Two South Korean teenagers have been charged in connection with a cyberattack that compromised the personal data of 4.62 million users of Seoul’s public bike service, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/24/south-korean-teens-bike-service-cyberattack-charges/
-
Conduent data breach grows, affecting at least 25M people
The number of people affected by a data breach at government contractor giant Conduent is growing, as millions of people continue to receive notices warning them that hackers stole their personal data. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/24/conduent-data-breach-grows-affecting-at-least-25m-people/
-
Shai-Hulud-style NPM worm hits CI pipelines and AI coding tools
Poisoning the AI developer interface: The campaign was specifically flagged for its direct targeting of AI coding assistants. The malware deploys a malicious Model Context Protocol (MCP) server and injects it into configurations of popular AI tools, embedding itself as a trusted component in the assistant’s environment.Once this is achieved, prompt-injection techniques can trick the…
-
Korean cops charge teens over bike hire breach that exposed data on 4.62M riders
Public prosecutor mulls sentencing following investigations into two separate attacks First seen on theregister.com Jump to article: www.theregister.com/2026/02/24/korean_bike_breach_charges/
-
ShinyHunters extortion gang claims Odido breach affecting millions
The ShinyHunters extortion gang has claimed responsibility for breaching Dutch telecommunications provider Odido and stealing millions of user records from its compromised systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shinyhunters-extortion-gang-claims-odido-breach-affecting-millions/
-
Massive Conduent Data Breach Exfiltrates 8 TB Affects Over 25 Million Americans
A massive data breach at business services giant Conduent has compromised the sensitive personal information of over 25 million Americans, making it one of the largest cybersecurity incidents in recent history. The breach, which went undetected for nearly three months, involves the exfiltration of approximately 8 terabytes of data by the SafePay ransomware group. While…
-
Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen
Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of…
-
Master Your Passwordless Future: Introducing Thales Authenticator Lifecycle Manager
Tags: access, attack, authentication, automation, breach, compliance, container, control, data, fido, Hardware, identity, login, msp, phishing, service, software, tool, zero-trustMaster Your Passwordless Future: Introducing Thales Authenticator Lifecycle Manager madhav Tue, 02/24/2026 – 07:53 The move to passwordless authentication is no longer a distant goal; it’s a present-day necessity. Organizations are rapidly adopting FIDO2 authenticators to defend against phishing and strengthen their security posture. While this shift enhances security, it introduces a new challenge: managing…
-
So You Think You Have Cyber Insurance? The Breach is Only the First Incident. The Claim is the Second.
Explore the complexities of cyber insurance, including common claim denials, coverage disputes, and evolving risks like ransomware, AI fraud, and BEC. Learn how to navigate insurance ecosystems to secure reliable coverage that stands firm in loss situations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/so-you-think-you-have-cyber-insurance-the-breach-is-only-the-first-incident-the-claim-is-the-second/
-
The rise of the evasive adversary
Tags: access, ai, attack, authentication, breach, china, cloud, credentials, crime, crowdstrike, crypto, data, defense, endpoint, exploit, finance, firewall, group, identity, infrastructure, intelligence, korea, lazarus, leak, mail, malicious, malware, microsoft, monitoring, network, north-korea, open-source, phishing, ransomware, remote-code-execution, russia, saas, service, software, strategy, supply-chain, tactics, theft, threat, tool, update, vpn, vulnerability, windows, zero-dayBig game hunters tighten their grip: CrowdStrike’s research highlights how big game hunting (BGH) ransomware actors have remained the dominant force in the eCrime landscape.Punk Spider, a group responsible for developing and maintaining Russian-language Akira ransomware, and its associated Akira dedicated leak site, conducted 198 intrusions in 2025, a 134% increase year over year. Victim-shaming operations…
-
Odido Faces Alleged Data Breach as ShinyHunters Claims 21M Records Exposed
A notorious cybercriminal group, ShinyHunters, has claimed responsibility for a massive data breach involving Odido and BEN, exposing millions of customer records. The group asserts that Odido, a Dutch telecommunications provider, was not truthful in its initial disclosure of the incident. This development suggests the breach may be significantly larger and more severe than initially…
-
Hackers Exploit DeepSeek and Claude AI to Launch Global Attacks on FortiGate Devices
Hackers are using commercial AI models DeepSeek and Claude to automate attacks against FortiGate firewalls worldwide, turning basic misconfigurations into a high”‘volume intrusion campaign. In early February 2026, a misconfigured SimpleHTTP server running on 212.11.64[.]250:9999 was found exposing more than 1,400 files and 139 subdirectories, including stolen FortiGate configurations, Active Directory maps, credential dumps, exploit…
-
Data Breaches in 2026: What’s old, what’s new?
Data breaches in 2026 explained, new cyber threats, AI driven attacks, common breach causes, and practical security strategies for individuals and businesses First seen on hackread.com Jump to article: hackread.com/data-breaches-2026-whats-old-whats-new/
-
Conduent Breach Surges to Over 25M, Could Be Largest in US History
Tags: breachNew state filings suggest the Conduent breach may affect more than 25 million Americans, with Texas alone reporting 15.4 million impacted residents. The post Conduent Breach Surges to Over 25M, Could Be Largest in US History appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-conduent-data-breach-25-million-largest-us-history/
-
PayPal Ties Small Data Breach and Fraud to App Coding Error
Fintech Giant Says Personal Data Exposed for About 100 Business Users of Loan App. Financial services firm PayPal said it discovered a data breach that lasted for six months, exposed some business customers’ personal information and led to fraudulent charges. The company said about 100 customers were affected, and that it has fully refunded them…
-
Ad tech firm Optimizely confirms data breach after vishing attack
New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its systems in a voice phishing attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ad-tech-firm-optimizely-confirms-data-breach-after-vishing-attack/
-
Over 200K Australian Driver’s Licences Exposed in youX Cyber Breach
A youX breach exposed sensitive borrower data in Australia, including over 200,000 driver’s licence numbers, raising fraud and phishing risks. The post Over 200K Australian Driver’s Licences Exposed in youX Cyber Breach appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-youx-data-breach-australia-drivers-licence-exposure/
-
AI Let ‘Unsophisticated’ Hacker Breach 600 Fortinet Firewalls, AWS Says, As AI Lowers ‘The Barrier’ For Threat Actors
Hackers use AI, GenAI and LLMs to breach Fortinet FortiGate firewalls as cybersecurity and threat actors leverage AI for cyber-attacks, AWS report finds. First seen on crn.com Jump to article: www.crn.com/news/security/2026/ai-let-unsophisticated-hacker-breach-600-fortinet-firewalls-aws-says-as-ai-lowers-the-barrier-for-threat-actors
-
When identity isn’t the weak link, access still is
Stolen tokens and compromised devices let attackers reuse trust without breaking authentication. Specops Software explains why identity alone isn’t enough and how continuous device verification strengthens Zero Trust. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/when-identity-isnt-the-weak-link-access-still-is/
-
Ransomware, Zero-Days, and Data Breaches Shape This Week’s Cybersecurity Landscape
Weekly summary of Cybersecurity Insider newsletters First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/weekly-roundup/ransomware-zero-days-and-data-breaches-shape-this-weeks-cybersecurity-landscape/
-
1.2 Million Accounts Exposed in French Bank Registry Breach
Stolen government credentials were used to access France’s FICOBA registry, exposing data tied to roughly 1.2 million bank accounts. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/1-2-million-accounts-exposed-in-french-bank-registry-breach/
-
Police seize 100,000 stolen Facebook credentials in cybercrime raid
Officers from Poland’s Central Bureau for Combating Cybercrime (CBZC) dismantled an organized group that used phishing to seize Facebook accounts and extract BLIK payment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/23/poland-cybercrime-facebook-phishing-ring/
-
Anthropic Didn’t Kill Cybersecurity. It Just Reminded Us There Are Two Doors.
Anthropic’s Claude Code Security sparked a sharp SaaS market selloff, but investors missed a critical reality: AI code scanning addresses only half of modern cyberattacks. Identity, credentials, and human factors remain the dominant breach vectors. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/anthropic-didnt-kill-cybersecurity-it-just-reminded-us-there-are-two-doors/
-
DPRK-Linked Hackers Continue Aggressive Crypto Attacks One Year After Bybit Breach
DPRK-linked operators are maintaining a relentless focus on the crypto sector, with activity accelerating rather than slowing in the year since the record-breaking Bybit breach. On 21 February 2025, threat actors linked to North Korea stole around 1.46 billion dollars in cryptoassets from Dubai-based exchange Bybit, in what remains the largest confirmed crypto theft to date. By…