Tag: breach
-
French DIY etailer ManoMano admits customer data stolen
Crooks claim they helped themselves to over 37M accounts during January hit on subcontractor First seen on theregister.com Jump to article: www.theregister.com/2026/02/27/manomano_breach/
-
French DIY etailer ManoMano admits customer data stolen
Crooks claim they helped themselves to over 37M accounts during January hit on subcontractor First seen on theregister.com Jump to article: www.theregister.com/2026/02/27/manomano_breach/
-
North Korea’s APT37 Expands Toolkit to Breach Air-Gapped Networks
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking group First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-apt37-expands-toolkit/
-
ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks
The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more payloads and an implant that uses removable media to relay commands and breach air-gapped networks.The campaign, codenamed Ruby Jumper by Zscaler ThreatLabz, involves the…
-
Why application security must start at the load balancer
Tags: application-security, attack, authentication, breach, business, compliance, control, credentials, defense, detection, encryption, exploit, finance, guide, healthcare, identity, incident response, infrastructure, Internet, nist, risk, service, technology, threat, tool, waf, zero-trustInternet traffic hits the load balancerThe load balancer forwards traffic as fast as possibleSecurity happens laterThe problem is simple. If the first system doesn’t enforce trust, everything behind it is already compromised by design. Example 1: Financial services: The team invested heavily in downstream security tools. But the load balancer accepted weak TLS versions and…
-
Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses
A report copublished by WIRED sparked a probe into opt-out pages hidden by data brokers. Now congressional Democrats say breaches tied to the industry have cost people tens of billions of dollars. First seen on wired.com Jump to article: www.wired.com/story/data-broker-breaches-fueled-dollar209-billion-in-identity-theft-losses/
-
Europe’s ManoMano Hit: 38M Customer Records Compromised in Vendor Breach
ManoMano is notifying 38 million customers after a third-party customer service breach exposed personal data, highlighting growing supply chain security risks. The post Europe’s ManoMano Hit: 38M Customer Records Compromised in Vendor Breach appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-manomano-38m-third-party-data-breach/
-
ManoMano data breach impacted 38 Million customer accounts
European DIY platform ManoMano suffered a data breach via a third-party provider, exposing personal data of 38 million customers. European DIY e-commerce platform ManoMano disclosed a major data breach affecting 38 million customers. Hackers accessed personal information by compromising a third-party service provider, prompting notifications and potential security measures for impacted users across multiple countries.…
-
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
The cybersecurity community is witnessing a rise in credential”‘stuffing attacks targeting corporate Single Sign”‘On (SSO) systems, with recent campaigns focusing on F5 BIG”‘IP devices. To understand the source of the stolen logins, Defused Cyber analyzed a dataset of 70 unique email”‘password pairs used in the attack. When cross”‘referenced with Hudson Rock’s cybercrime database of Infostealer…
-
1 Million Records from Dutch Telco Odido Leaked Online in Massive Data Breach
The Dutch telecommunications company Odido suffered a massive data breach that exposed the personal information of nearly 700,000 customers. The incident, which included an extortion attempt, has raised serious concerns about customer privacy and data security in the telecom sector. Following the breach, attackers leaked the stolen information online in two separate dumps. Extent of…
-
OpenClaw Insights: A CISO’s Guide to Safe Autonomous Agents FireTail Blog
Tags: access, ai, api, breach, ciso, compliance, control, data, data-breach, detection, endpoint, finance, firewall, framework, governance, guide, LLM, network, open-source, risk, risk-management, software, strategy, technology, tool, vulnerabilityFeb 27, 2026 – Alan Fagan – The “OpenClaw” crisis has board members asking, “Could this happen to us?” The answer isn’t to ban AI agents. It’s to govern them. By now, the dust is settling on the OpenClaw (aka MoltBot) incident. The technical post-mortems (including our own) have been written, the exposed ports have…
-
Your Drug Formulas, Clinical Trials, and Manufacturing Lines Are Under Attack. Here’s How to Fight Back.
Detect pharmaceutical IP theft, ransomware campaigns, and supply chain breaches in real time with Morpheus AI SOC. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/your-drug-formulas-clinical-trials-and-manufacturing-lines-are-under-attack-heres-how-to-fight-back/
-
Marquis v. SonicWall Lawsuit Ups the Breach Blame Game
When a company gets breached through a third-party security vendor, who should bear responsibility? For one FinTech company, the answer is the firewall provider. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/marquis-sonicwall-lawsuit-breach-blame-game
-
Breach Roundup: Finnish Hacker Sentenced to Nearly 7 Years
Also, More ShinyHunters Breaches, North Korea Laptop Farm Operator Sentenced. This week, Finland’s Aleksanteri Kivimäki sentenced. ShinyHunters breaches. Laptop farm rancher sentenced. Oregon state agency hacker sentenced. African scammers arrested. MuddyWater AI-assisted hacks. Advantest ransomware incident, SolarWinds and Microsoft patches. FileZen flaw. QualDerm breach. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-finnish-hacker-sentenced-to-nearly-7-years-a-30863
-
Nearly 38 Million Impacted in ManoMano Third-Party Breach
ManoMano is notifying nearly 38 million customers after a third-party breach exposed personal data and underscored growing vendor security risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/nearly-38-million-impacted-in-manomano-third-party-breach/
-
Preventing Breaches MFA on Remote Access to Linux, Unix, and Infrastructure Systems
Most breaches don’t start with malware or zero-day exploits. They start with a login. An attacker gets hold of a password, maybe through phishing, reuse, or a leaked credential dump. They test it against a remote system. An SSH prompt appears. The credentials work. From there, everything unfolds quietly privilege escalation, lateral movement, persistence. By the time anyone notices, the damage is already done. ……
-
European DYI chain ManoMano data breach impacts 38 million customers
DIY store chain ManoMano is notifying customers of a data breach personal data, which was caused by hackers compromising a third-party service provider. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/european-dyi-chain-manomano-data-breach-impacts-38-million-customers/
-
The Conduent breach; from 10 million to 25 million (and counting)
A third-party breach at Conduent now affects 25 million Americans”, many never knew their data flowed through its systems. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-conduent-breach-from-10-million-to-25-million-and-counting/
-
When Payment Data Becomes the Weakest Link
Tags: access, awareness, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, encryption, fraud, least-privilege, PCI, radius, risk, service, software, strategy, threatWhen Payment Data Becomes the Weakest Link madhav Thu, 02/26/2026 – 10:56 Most cybersecurity incidents don’t begin with an attack. They begin with a design decision. Four people experienced that reality in the same week. Different roles. Different systems. One shared outcome. Cybersecurity Karen Kelvie – Product Marketing, Data Protection More About This Author >…
-
Marquis Takes Legal Action Against SonicWall Over Ransomware Attack from Backup Breach
Tags: attack, backup, breach, cloud, cyber, cybersecurity, firewall, ransomware, service, software, vulnerabilityMarquis Software Solutions has filed a lawsuit against cybersecurity firm SonicWall, claiming a vulnerability in SonicWall’s cloud backup service led directly to a ransomware attack on its network. Filed in a Texas federal court, the complaint highlights a massive failure in securing sensitive firewall configuration files.”‹ On August 14, 2025, Marquis experienced a devastating ransomware…
-
Government Data Stolen After Hacker Jailbreaks Claude AI to Write Malicious Exploit Code
Tags: ai, breach, cyber, cyberattack, cybersecurity, data, exploit, government, hacker, malicious, vulnerabilityA hacker successfully manipulated Anthropic’s Claude AI to launch a sophisticated month-long cyberattack against Mexican government agencies. Between December 2025 and January 2026, the attacker utilized >>jailbreaking<< techniques to bypass safety guardrails, forcing the AI to identify vulnerabilities, generate functional exploit code, and exfiltrate sensitive data. The Jailbreak Method Cybersecurity firm Gambit Security revealed that…
-
Australian Poultry Giant Hazeldenes Faces Operational Disruption After Cyberattack
One of the country’s largest poultry processors is working to restore operations after a cybersecurity breach disrupted production across its network. The Hazeldenes cyberattack has affected the Victoria-based business, prompting a phased return to normal activity as investigations continue. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hazeldenes-cyberattack-australia/
-
DarkCloud Infostealer Escalates as Major Enterprise Threat with Scalable Credential Theft
Infostealers continue to dominate the initial access landscape in 2026, driving breaches through scalable credential theft. Among these, DarkCloud has emerged as a major threat, illustrating how low-cost, commercialized malware is reshaping enterprise compromise dynamics worldwide. Despite being promoted as “surveillance software,” its real function is unmistakable highvolume credential harvesting across browsers, email clients, file transfer tools, and…
-
Google Disrupts Chinese Hacker Network Behind 53 Telecom, Gov’t Breaches
Tags: breach, china, cyber, espionage, google, government, group, hacker, infrastructure, intelligence, mandiant, network, threatGoogle and its partners have disrupted a major Chinese state-linked cyber espionage campaign that breached at least 53 telecommunications and government entities across 42 countries on four continents. The operation, led by Google Threat Intelligence Group (GTIG) alongside Mandiant and industry partners, dismantled the infrastructure of a suspected People’s Republic of China (PRC) nexus group…
-
Marquis Sues SonicWall Over 2025 Firewall Data Breach
Tags: attack, authentication, backup, breach, cloud, credentials, data, data-breach, firewall, flaw, ransomware, softwareLawsuit Claims SonicWall Cloud Backup Flaw Led to Ransomware Attack Against Marquis. Marquis Software Solutions has sued SonicWall alleging a cloud backup data breach exposed firewall configuration files, including credentials and multifactor authentication scratch codes. The firm says the breach enabled an August 2025 ransomware attack and triggered dozens of class action lawsuits. First seen…
-
Conduent Says Hack Now Affects at Least 25 Million Patients
State Officials Investigating Breach of Back-Office Services Provider Found in 2025. The victim count in the 2024 hack on back-office support services vendor Conduent Business Services has just ballooned again, with the Xerox-spinoff now reporting to Wisconsin regulators that the incident affected 25 million-plus people nationwide. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/conduent-says-hack-now-affects-at-least-25-million-patients-a-30848
-
Medical device maker UFP Technologies warns of data stolen in cyberattack
American manufacturer of medical devices, UFP Technologies, has disclosed that a cybersecurity incident has compromised its IT systems and data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/medical-device-maker-ufp-technologies-warns-of-data-stolen-in-cyberattack/
-
US Sanctions Russian Exploit Broker Over Stolen US Cyber Tools
The US Treasury targets Sergey Zelenyuk and his firm Operation Zero for the illegal trade of stolen government cyber tools following the sentencing of Peter Williams. First seen on hackread.com Jump to article: hackread.com/us-sanctions-russian-exploit-broker-us-cyber-tools/
-
Treasury Sanctions Russian Exploit Brokerage
The U.S. sanctioned Russia-linked Operation Zero for trafficking stolen zero-day exploits tied to national security risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/treasury-sanctions-russian-exploit-brokerage/
-
Health insurance tech provider TriZetto says more than 3 million impacted by 2024 breach
A breach of TriZetto software first described by counties in Oregon affected millions of Americans overall, according to public data released this week by the company. First seen on therecord.media Jump to article: therecord.media/trizetto-healthcare-tech-company-data-breach-update