Tag: breach
-
Attackers Used AI to Breach an AWS Environment in 8 Minutes
Threat actors using LLMs needed only eight minutes to move from initial access to full admin privileges in an attack on a company’s AWS cloud environment in the latest example of cybercriminals expanding their use of AI in their operations, Sysdig researchers said. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/attackers-used-ai-to-breach-an-aws-environment-in-8-minutes/
-
Flickr emails users about data breach, pins it on 3rd party
Attackers may have snapped user locations and activity information, message warns First seen on theregister.com Jump to article: www.theregister.com/2026/02/06/flickr_emails_users_about_data_breach/
-
Substack Confirms Data Breach, Limited User Data Compromised
Substack did not specify the number of users affected by the data breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/substack-confirms-data-breach/
-
Flickr Notifies Users of Data Breach After External Partner Security Flaw
Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs,… First seen on hackread.com Jump to article: hackread.com/flickr-data-breach-external-partner-security-flaw/
-
Asian State-Backed Group TGR-STA-1030 Breaches 70 Government, Infrastructure Entities
A previously undocumented cyber espionage group operating from Asia broke into the networks of at least 70 government and critical infrastructure organizations across 37 countries over the past year, according to new findings from Palo Alto Networks Unit 42.In addition, the hacking crew has been observed conducting active reconnaissance against government infrastructure associated with 155…
-
Ex-Nuance IT Worker Faces More Charges in Geisinger Breach
Terminated Employee Accused of Stealing 1 Million Patient Records. A former Nuance Communications IT worker is facing additional federal charges in an ongoing criminal case alleging he downloaded and stored on a personal hard drive with more than 1 million patient records of a Nuance client two days after he was terminated from his job…
-
How Samsung Knox Helps Stop Your Network Security Breach
As you know, enterprise network security has undergone significant evolution over the past decade. Firewalls have become more intelligent, threat detection methods have advanced, and access controls are now more detailed. However (and it’s a big “however”), the increasing use of mobile devices in business operations necessitates network security measures that are specifically First seen…
-
Flickr discloses potential data breach exposing users’ names, emails
Photo-sharing platform Flickr is notifying users of a potential data breach after a vulnerability at a third-party email service provider exposed their real names, email addresses, IP addresses, and account activity. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/flickr-discloses-potential-data-breach-exposing-users-names-emails/
-
Why Attackers no Longer Need to Break in: The Rise of Identity-Based Attacks
In 2026 stolen credentials and unmanaged machine identities drive breaches”, small buys, phone scams, and weak IAM make identity the real perimeter; prioritize inventory, least privilege, and stronger auth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/why-attackers-no-longer-need-to-break-in-the-rise-of-identity-based-attacks/
-
Phishing and OAuth Token Vulnerabilities Lead to Full Microsoft 365 Breach
Two medium-severity vulnerabilities, an unsecured email API endpoint and verbose error messages exposing OAuth tokens, chain together to enable authenticated phishing that bypasses all email security controls, persistent access to Microsoft 365 environments While protocols like SPF, DKIM, and DMARC have made traditional domain spoofing difficult, attackers have evolved. They now seek ways to send…
-
Substack Breach: 662,752 User Records Leaked on Cybercrime Forum
Substack confirms a breach after hacker accessed internal user records now circulating on crime forums, exposing emails, phone numbers, and account metadata. First seen on hackread.com Jump to article: hackread.com/substack-breach-user-records-leak-cybercrime-forum/
-
Ex-Nuance IT Worker Face More Charges in Geisinger Breach
Terminated Employee Accused of Stealing 1M Patient Records. A former Nuance Communications IT worker is facing additional federal charges in an ongoing criminal case alleging he downloaded and stored on a personal hard drive with more than 1 million patient records of a Nuance client two days after he was terminated from his job in…
-
Breach Roundup: Italy Thwarts Russian Olympic Hacks
Also, Active Exploits Hit SolarWinds, Ivanti as APT28 Targets EU, Ukraine. This week, Italy blocked Russian cyberattacks targeting the Olympics. Flaws in SolarWinds, Ivanti and Microsoft Office. Russia’s APT28 ramped up attacks in Ukraine, supply chain attacks, regulators probed major breaches and a U.S. judge sentenced the operator of a darkweb drug marketplace. First seen…
-
Hacker claims theft of data from 700,000 Substack users; Company confirms breach
Substack confirmed a data breach after a hacker leaked data from nearly 700,000 users, including email addresses and phone numbers. Substack is an online platform for publishing email”‘based newsletters and blogs, with built”‘in paid subscriptions and basic analytics. It’s free to start; creators pay a fee on paid plans. In 2026 it’s estimated to serve…
-
Spain’s Ministry of Science shuts down systems after breach claims
Tags: breachSpain’s Ministry of Science (Ministerio de Ciencia) announced a partial shutdown of its IT systems, affecting several citizen- and company-facing services. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spains-ministry-of-science-shuts-down-systems-after-breach-claims/
-
Substack says intruder lifted emails, phone numbers in months-old breach
Contact details were accessed in an intrusion that went undetected for months, the blogging outfit says First seen on theregister.com Jump to article: www.theregister.com/2026/02/05/substack_admit_security_incident/
-
Cryptohack Roundup: Step Finance, CrossCurve Exploits
Also: US Sanctions UK-Registered Exchanges Over Iran Ties. This week, Step Finance and CrossCurve hacks, the United States sanctioned U.K.-registered exchanges over Iran ties, forfeiture finalization of funds linked to Helix, Coinbase data breach, 2025’s illicit crypto flows and a UK regulator banned Coinbase ads. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cryptohack-roundup-step-finance-crosscurve-exploits-a-30685
-
Proton Warns European Startups: No One Is Too Small to Be Targeted by Hackers
Tags: breach, business, cybercrime, cybersecurity, dark-web, data, hacker, monitoring, privacy, startupSwiss privacy company Proton is urging European startups to rethink their cybersecurity approach after new research based on dark-web breach monitoring found that early-stage companies are increasingly targeted by cybercriminals, with significant consequences for innovation, data protection, and business continuity. The push comes as Proton launches its new initiative, “Build in Private,” aimed at helping…
-
Substack warns customers of data breach following hacker’s dark web claims
Customers of the newsletter platform Substack were notified on Wednesday of a breach, following a hacker’s claims on the dark web of a trove of stolen data. First seen on therecord.media Jump to article: therecord.media/substack-data-breach-notification
-
Data breach at govtech giant Conduent balloons, affecting millions more Americans
The ransomware attack at Conduent allowed hackers to steal a “significant number of individuals’ personal information” from the govtech giant’s systems. Conduent handles personal and health data of more than 100 million people across America. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/05/data-breach-at-govtech-giant-conduent-balloons-affecting-millions-more-americans/
-
Substack confirms data breach affects users’ email addresses and phone numbers
Substack said that customer data was accessed in October 2025, but wasn’t discovered until early February. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/05/substack-confirms-data-breach-affecting-email-addresses-and-phone-numbers/
-
Newsletter platform Substack notifies users of data breach
Newsletter platform Substack is notifying users of a data breach after attackers stole their email addresses and phone numbers in October 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/newsletter-platform-substack-notifies-users-of-data-breach/
-
The silent security gap in enterprise AI adoption
Tags: access, ai, api, backup, breach, business, cloud, compliance, computer, computing, control, credentials, cryptography, data, data-breach, encryption, exploit, finance, group, healthcare, infrastructure, malicious, risk, service, technology, threat, toolInfoWorld explains in its analysis of why AI is all about inference now.This shift has happened quickly. In many organizations, AI systems have moved from pilot projects to core infrastructure in less than two years. Yet security architectures have not evolved at the same pace. The result is a widening gap between where sensitive data…
-
Data breach at fintech firm Betterment exposes 1.4 million accounts
Hackers stole email addresses and other personal information from 1.4 million accounts after breaching the systems of automated investment platform Betterment in January. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-fintech-firm-betterment-exposes-14-million-accounts/
-
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens to publish the stolen information on dark web leak sites if victims do not pay.”‹…
-
>>Can You Hear Me?<< BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS
The post >>Can You Hear Me?<< BlueNoroff Hackers Use Fake Audio Glitch to Breach macOS appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/can-you-hear-me-bluenoroff-hackers-use-fake-audio-glitch-to-breach-macos/