Tag: breach
-
iFood Confirms Data Breach Affecting 1.2 Million Users in Brazil
iFood confirms a data breach affecting 1.2 million customers in Brazil, while hackers on BreachForums claim the actual theft is much larger. First seen on hackread.com Jump to article: hackread.com/ifood-confirms-data-breach-brazil-users/
-
UN food agency discloses breach affecting 600,000 Gaza households
Tags: breachThe United Nations’ World Food Programme (WFP), the world’s largest humanitarian organization, revealed over the weekend that its self-registration application (SRA) for Palestine was breached. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/un-world-food-programme-breach-affects-600-000-gaza-households/
-
UN food agency investigates breach exposing data of Gaza aid recipients
In a message sent to aid recipients via Telegram over the weekend, the World Food Programme (WFP) said that “unauthorized parties” had accessed data stored in its self-registration application in Gaza. First seen on therecord.media Jump to article: therecord.media/un-food-agency-investigates-gaza-aid-breach
-
Dashlane issues opaque advisory warning 20 encrypted vaults were stolen
Security advisory leaves out key details. Dashlane maintains complete silence. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/06/dashlane-issues-opaque-advisory-warning-20-encrypted-vaults-were-stolen/
-
Ultrahuman says hackers accessed customers’ wellness data via internal tool
The breach at wearable ring maker Ultrahuman stemmed from credentials stolen from a malware-infected employee laptop. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/03/ultrahuman-says-hackers-accessed-customers-wellness-data-via-internal-tool/
-
The worst hacks and breaches of 2026 (so far)
From a massive DOGE data breach and the hacking of critical energy and water systems to the hack of an FBI surveillance system, here are the most damaging security incidents and data breaches of 2026. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/03/the-worst-hacks-and-breaches-of-2026-so-far/
-
Red Hat Confirms Supply Chain Breach Impacting @redhatservices npm Packages
Red Hat has confirmed a supply chain security breach impacting multiple npm packages under the @redhat-cloud-services namespace, as detailed in security bulletin RHSB-2026-006 released on June 2, 2026. The incident was publicly disclosed a day earlier and stems from a compromised GitHub account that introduced malicious code into trusted repositories maintained within Red Hat’s infrastructure.…
-
Most organizations that miss 24-hour patch window report breaches
First seen on scworld.com Jump to article: www.scworld.com/news/most-organizations-that-miss-24-hour-patch-window-report-breaches
-
California sues 23andMe over 2023 data breach
First seen on scworld.com Jump to article: www.scworld.com/brief/california-sues-23andme-over-2023-data-breach
-
ShinyHunters Alleges 42M Records Stolen from Charter Communications
Charter confirmed a cybersecurity incident after ShinyHunters claimed it stole customer data through a vishing attack. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/shinyhunters-alleges-42m-records-stolen-from-charter-communications/
-
64,000 accounts exposed in breach of GTA V cheat service Atlas Menu
Atlas Menu, a cheat service for Grand Theft Auto V and Counter-Strike 2, has been added to the Have I Been Pwned database following a data breach that exposed tens of … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/atlas-menu-cheat-service-data-breach/
-
Stolen Gemini API Keys Fuel Automated Telegram Influence Campaign
A long-running Telegram influence and fraud campaign where a solo threat actor leveraged stolen Google Gemini API keys and jailbroken AI to automate content generation, credential theft, and infrastructure operations at scale. Tracked as “bandcampro,” the Russian-speaking operator maintained a MAGA themed Telegram channel, @americanpatriotus, for nearly five years, amassing around 17,000 subscribers. The actor…
-
Beyond Assume-Breach: How AI-Native Security Will Reshape Enterprise Defense
Twenty years after Dark Reading launched, we’re looking ahead at what’s next for enterprise security. Spoiler: It’s hyper-segmented, AI-orchestrated, and way more sophisticated than your dad’s firewall. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/assume-breach-ai-native-security-reshape-enterprise-defense
-
Scottish residents granted permission for group action against Capita
People of Scotland given the go-ahead on group proceedings regarding the 2023 Capita cyber breach, in which the personal information of millions of people was stolen from Capita systems after a major cyber attack First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643816/Scottish-residents-granted-permission-for-group-action-against-Capita
-
Hackers duped Meta AI support chatbot to steal celebrity Instagram accounts
Pricey Instagram handles were stolen and resold before Meta patched the exploit. First seen on arstechnica.com Jump to article: arstechnica.com/ai/2026/06/meta-ai-support-chatbot-gave-hackers-access-to-notable-instagram-accounts/
-
Tina Peters, convicted in election-security breach, emerges defiant and vows legal fight
The former Colorado election clerk struck an unrepentant pose in her first interview after her prison sentence was commuted by Colorado Governor Jared Polis. First seen on cyberscoop.com Jump to article: cyberscoop.com/tina-peters-unapologetic-bannon-interview-polis-commutation/
-
Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking
Chrome’s DBSC update binds login sessions to user devices, making stolen session cookies harder to reuse in account hijacking attacks. The post Google Chrome’s New Feature Takes Aim at Cookie Theft, Account Hijacking appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-chrome-dbsc-session-cookie-theft/
-
Attackers Exploit Docker, Kubernetes Misconfigs to Breach Hosts
Attackers are increasingly targeting Docker and Kubernetes environments by exploiting misconfigurations, weak isolation boundaries, and insecure APIs to compromise host systems and entire clusters. As containerization becomes the backbone of modern cloud infrastructure, threat actors are shifting focus from traditional endpoints to container ecosystems, where a single weakness can expose critical services at scale. A…
-
OpenAI Codex Authentication Tokens Stolen in codexui-android npm Supply Chain Attack
Tags: android, attack, authentication, breach, cybersecurity, github, malicious, openai, supply-chain, toolCybersecurity researchers have disclosed details of a new malicious supply chain campaign that’s targeting developers using OpenAI Codex through a legitimate-looking remote web UI.The tool, named codexui-android, is advertised on GitHub and npm as a remote web UI for OpenAI Codex, attracting over 29,000 weekly downloads. The package is still available for download from the…
-
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks
Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
-
ShinyHunters Leaks Charter Communications Data, Potentially Impacting 5 Million Customers
Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen from Charter Communications after the company apparently refused to pay a ransom. Charter Communications is one of the largest telecommunications companies in the United States. It…
-
Oncology Firm Says Vendor Hack Compromised Patient Data
Breach Is Among Several Recent Major Incidents Involving Billing Software Providers. A publicly traded cancer treatment firm notified investors that a yet-undisclosed number of patients’ information was compromised in a 2025 cybersecurity incident involving a third-party billing software vendor. The Oncology Institute provides cancer treatment care to nearly 2 million patients. First seen on govinfosecurity.com…
-
Charter confirms data breach after ShinyHunters extortion threat
U.S. telecommunications giant Charter Communications has confirmed it suffered a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/charter-confirms-data-breach-after-shinyhunters-extortion-threat/
-
Iranian hackers blamed for breach of Los Angeles transit system that took weeks to recover
An Israeli cybersecurity firm said Iran’s government is behind Ababil of Minab, a fake hacktivist persona that has claimed a series of data breaches after the start of the war in Iran. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/iranian-hackers-blamed-for-breach-of-los-angeles-transit-system-that-took-weeks-to-recover/
-
7-Eleven data breach affects over 185,000 people’s personal data
The data breach included names, dates-of-birth, postal addresses, and Social Security numbers, according to a state government listing. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/26/7-eleven-data-breach-affects-over-185000-peoples-personal-data/
-
7-Eleven data breach exposes personal information of 185,000 people
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Been Pwned. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/7-eleven-data-breach-exposes-personal-information-of-185-000-people/
-
Third-Party Cyberattack Impacts Patient Information at The Oncology Institute
The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted in a cybersecurity incident involving a third-party software provider. The healthcare network first disclosed the security breach in November 2025 while the vendor’s investigation was…
-
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the…
-
340 Million OnlyFans Profiles Allegedly Rebuilt from Leaks
A hacker is selling a 340M-strong OnlyFans-linked dataset built by correlating old breaches and public data, not by hacking OnlyFans directly. A threat actor is adverertising a purported database containing data of 340 million OnlyFans users, but the available evidence points to something less dramatic than a direct breach. According to HackRead, which reported the…