Tag: breach
-
How Samsung Knox Helps Stop Your Network Security Breach
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically First seen…
-
Flickr discloses potential data breach exposing users’ names, emails
Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses, and account activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/flickr-discloses-potential-data-breach-exposing-users-names-emails/
-
Why Attackers no Longer Need to Break in: The Rise of Identity-Based Attacks
In 2026 stolen credentials and unmanaged machine identities drive breaches”, small buys, phone scams, and weak IAM make identity the real perimeter; prioritize inventory, least privilege, and stronger auth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/why-attackers-no-longer-need-to-break-in-the-rise-of-identity-based-attacks/
-
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send…
-
Substack Breach: 662,752 User Records Leaked on Cybercrime Forum
Substack confirms a breach after hacker accessed internal user records now circulating on crime forums, exposing emails, phone numbers, and account metadata. First seen on hackread.com Jump to article: hackread.com/substack-breach-user-records-leak-cybercrime-forum/
-
Ex-Nuance IT Worker Face More Charges in Geisinger Breach
Terminated Employee Accused of Stealing 1M Patient Records. A former Nuance Communications IT worker is facing additional federal charges in an ongoing criminal case alleging he downloaded and stored on a personal hard drive with more than 1 million patient records of a Nuance client two days after he was terminated from his job in…
-
Breach Roundup: Italy Thwarts Russian Olympic Hacks
Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…
-
Hacker claims theft of data from 700,000 Substack users; Company confirms breach
Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email”‘based newsletters and blogs, with built”‘in paid subscriptions and basic analytics. It’s free to start; creators pay a fee on paid plans. In 2026 it’s estimated to serve…
-
Spain’s Ministry of Science shuts down systems after breach claims
Tags: breachSpain’s Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spains-ministry-of-science-shuts-down-systems-after-breach-claims/
-
Substack says intruder lifted emails, phone numbers in months-old breach
Contact details were accessed in an intrusion that went undetected for months, the blogging outfit says First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/substack_admit_security_incident/
-
Cryptohack Roundup: Step Finance, CrossCurve Exploits
Also: US Sanctions UK-Registered Exchanges Over Iran Ties. This week, Step Finance and CrossCurve hacks, the United States sanctioned U.K.-registered exchanges over Iran ties, forfeiture finalization of funds linked to Helix, Coinbase data breach, 2025’s illicit crypto flows and a UK regulator banned Coinbase ads. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-step-finance-crosscurve-exploits-a-30685
-
Proton Warns European Startups: No One Is Too Small to Be Targeted by Hackers
Tags: breach, business, cybercrime, cybersecurity, dark-web, data, hacker, monitoring, privacy, startupSwiss privacy company Proton is urging European startups to rethink their cybersecurity approach after new research based on dark-web breach monitoring found that early-stage companies are increasingly targeted by cybercriminals, with significant consequences for innovation, data protection, and business continuity. The push comes as Proton launches its new initiative, “Build in Private,” aimed at helping…
-
Substack warns customers of data breach following hacker’s dark web claims
Customers of the newsletter platform Substack were notified on Wednesday of a breach, following a hacker’s claims on the dark web of a trove of stolen data. First seen on therecord.media Jump to article: therecord.media/substack-data-breach-notification
-
Data breach at govtech giant Conduent balloons, affecting millions more Americans
The ransomware attack at Conduent allowed hackers to steal a “significant number of individuals’ personal information” from the govtech giant’s systems. Conduent handles personal and health data of more than 100 million people across America. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/05/data-breach-at-govtech-giant-conduent-balloons-affecting-millions-more-americans/
-
Substack confirms data breach affects users’ email addresses and phone numbers
Substack said that customer data was accessed in October 2025, but wasn’t discovered until early February. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/05/substack-confirms-data-breach-affecting-email-addresses-and-phone-numbers/
-
Newsletter platform Substack notifies users of data breach
Newsletter platform Substack is notifying users of a data breach after attackers stole their email addresses and phone numbers in October 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/newsletter-platform-substack-notifies-users-of-data-breach/
-
The silent security gap in enterprise AI adoption
Tags: access, ai, api, backup, breach, business, cloud, compliance, computer, computing, control, credentials, cryptography, data, data-breach, encryption, exploit, finance, group, healthcare, infrastructure, malicious, risk, service, technology, threat, toolInfoWorld explains in its analysis of why AI is all about inference now.This shift has happened quickly. In many organizations, AI systems have moved from pilot projects to core infrastructure in less than two years. Yet security architectures have not evolved at the same pace. The result is a widening gap between where sensitive data…
-
Data breach at fintech firm Betterment exposes 1.4 million accounts
Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-fintech-firm-betterment-exposes-14-million-accounts/
-
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens to publish the stolen information on dark web leak sites if victims do not pay.”‹…
-
>>Can You Hear Me?<< BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS
The post >>Can You Hear Me?<< BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/can-you-hear-me-bluenoroff-hackers-use-fake-audio-glitch-to-breach-macos/
-
Significant Ransomware Firewall Misconfiguration Breach
When “Secure by Design” Fails at the Edge Firewalls are still widely treated as the first and final line of defense. Once deployed, configured, and updated, they are often assumed to be a stable control that quietly does its job in the background. Recent ransomware incidents suggest that the assumption is becoming dangerous. In early…
-
Hackers publish personal information stolen during Harvard, UPenn data breaches
The prolific cybercrime group ShinyHunters took responsibility for hacking Harvard and the University of Pennsylvania, and published the stolen data on its extortion website. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/04/hackers-publish-personal-information-stolen-during-harvard-upenn-data-breaches/
-
LookOut: Discovering RCE and Internal Access on Looker (Google Cloud On-Prem)
Tenable Research discovered two novel vulnerabilities in Google Looker that could allow an attacker to completely compromise a Looker instance. Google moved swiftly to patch these issues. Organizations running Looker on-prem should verify they have upgraded to the patched versions. Key takeaways Two novel vulnerabilities: Tenable Research discovered a remote code execution (RCE) chain via…
-
The Double-Edged Sword of Non-Human Identities
Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows how exposed machine credentials quietly grant attackers long-term access to enterprise systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-double-edged-sword-of-non-human-identities/
-
Big Breach or Smooth Sailing? Mexican Gov’t Faces Leak Allegations
A hacktivist group claims a 2.3-terabyte data breach exposes the information of 36 million Mexicans, but no sensitive accounts are at risk, says government. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/big-breach-or-nada-de-nada-mexican-govt-faces-leak-allegations
-
Big Breach or Nada de Nada? Mexican Gov’t Faces Leak Allegations
A hacktivist group claims a 2.3-terabyte data breach exposes the information of 36 million Mexicans, but no sensitive accounts are at risk, says government. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/big-breach-or-nada-de-nada-mexican-govt-faces-leak-allegations
-
Coinbase confirms insider breach linked to leaked support tool screenshots
Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which BleepingComputer has learned is a new incident that occurred in December. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/coinbase-confirms-insider-breach-linked-to-leaked-support-tool-screenshots/