Tag: data-breach
-
A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know
Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by security researchers. DarkSword has now leaked online. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/26/a-major-hacking-tool-has-leaked-online-putting-millions-of-iphones-at-risk-heres-what-you-need-to-know/
-
New critical Citrix NetScaler hole of similar severity to CitrixBleed2, says expert
CSO in an email, because the hole allows an unauthenticated remote attacker to leak potentially sensitive information from the appliance’s memory.”This vulnerability is one that threat actors and researchers alike are paying attention to,” he said.The vulnerability carries similar ramifications to 2023’s CitrixBleed and 2025’s CitrixBleed2 memory leak vulnerabilities, Emmons added. Then, unauthenticated attackers with…
-
AI Has Created a New Attack Surface and Encryption Is Not Enough
Tags: access, ai, attack, ciso, cryptography, cybersecurity, data, data-breach, defense, encryption, endpoint, exploit, framework, injection, intelligence, leak, LLM, microsoft, mitigation, network, risk, service, side-channel, sql, training, vulnerability<div cla Executive Insight For decades, enterprises relied on strong encryption to protect sensitive data in transit, and encryption used to be the end of the conversation. If an organization could say “we use TLS 1.3 and modern cipher suites,” that was enough to reassure boards, regulators, and customers that data in transit was…
-
AI Has Created a New Attack Surface and Encryption Is Not Enough
Tags: access, ai, attack, ciso, cryptography, cybersecurity, data, data-breach, defense, encryption, endpoint, exploit, framework, injection, intelligence, leak, LLM, microsoft, mitigation, network, risk, service, side-channel, sql, training, vulnerability<div cla Executive Insight For decades, enterprises relied on strong encryption to protect sensitive data in transit, and encryption used to be the end of the conversation. If an organization could say “we use TLS 1.3 and modern cipher suites,” that was enough to reassure boards, regulators, and customers that data in transit was…
-
500GB Stolen From Namibia Airports A Wake Up Call for Aviation Security
Airports are critical infrastructure hubs that manage sensitive operational, passenger, and logistics data. A breach in such environments does not just impact data privacy. It can introduce broader risks to national security and operational continuity. New reporting from Africa Press reveals that hackers have claimed a 500GB data breach involving the Namibia Airports Company, raising…
-
Nearly 7M Email Addresses Exposed in Crunchyroll Third-Party Breach
Hackers claim they stole 6.8 million Crunchyroll email addresses through a third-party vendor breach, exposing support ticket data and other user details. The post Nearly 7M Email Addresses Exposed in Crunchyroll Third-Party Breach appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-crunchyroll-data-breach-third-party-vendor/
-
Recent Navia data breach impacts HackerOne employee data
A Navia breach exposed personal data of nearly 300 HackerOne employees after attackers compromised the benefits provider. HackerOne revealed that a data breach at Navia Benefit Solutions exposed the personal information of nearly 300 of its employees. The incident stems from an attack on the third-party benefits provider, highlighting how breaches at external partners can…
-
HackerOne Confirms Employee Data Stolen Following Linked Navia Hack
Tags: breach, bug-bounty, cyber, cyberattack, data, data-breach, network, security-incident, service, vulnerabilityHackerOne, a leading vulnerability coordination and bug bounty platform, has officially confirmed a data breach impacting its employees. The security incident did not occur directly on HackerOne’s internal network or infrastructure. Instead, the sensitive data was exposed through a targeted cyberattack on a third-party service provider known as Navia. Employee Data Stolen According to a…
-
Data breach at Dutch Ministry of Finance impacts staff following cyberattack
Dutch Ministry of Finance disclosed a data breach affecting some employees following a cyberattack, investigation is ongoing. The Dutch Ministry of Finance disclosed a cyberattack detected on March 19 after a third-party alert. Attackers breached some internal systems, the incident impacted a >>portion of the employees<<. Authorities are still investigating the incident and its full…
-
BSidesSLC 2025 Restless Guests Azure Exploit Exposed
Author, Creator & Presenter: Simon Maxwell-Stewart – Security Researcher And Data Scientist At BeyondTrust Our thanks to BSidesSLC for publishing their Creators, Authors and Presenter’s outstanding BSidesSLC 2025 content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/bsidesslc-2025-restless-guests-azure-exploit-exposed/
-
Cy4Data Labs Brings Real-Time Insider Threat Detection to RSAC 2026
Cy4Data Labs announced at RSAC 2026 that its flagship platform Cy4Secure now includes a Behavior Engine for insider threat detection, designed to bring the time it takes to identify and contain a data breach from more than 200 days down to seconds. The Behavior Engine is built around a three-phase response model: Detect, Deny, Eject……
-
OVHcloud Founder Denies Massive 590TB Data Breach Claims
OVHcloud denies breach after hacker claims 600TB data theft affecting millions of sites, with experts doubting authenticity due to weak proof First seen on hackread.com Jump to article: hackread.com/ovhcloud-founder-denies-590tb-data-breach-claims/
-
Introducing the Identity and Access Gaps in the Age of Autonomous AI Survey Report
2 min readThe Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/introducing-the-identity-and-access-gaps-in-the-age-of-autonomous-ai-survey-report/
-
QualDerm Partners December 2025 data breach impacts over 3 Million people
Over 3.1M people affected as QualDerm Partners suffered a December 2025 breach, exposing personal, medical, and health insurance data. Over 3.1 million people are affected by a December 2025 data breach at QualDerm Partners, where hackers stole personal, medical, and health insurance information from the company’s internal systems. QualDerm Partners is a U.S.-based healthcare management…
-
Millions of Anonymous Student and Crime Tips Exposed in Major Data Breach
A reported breach of P3 Global Intel exposed millions of anonymous crime and school safety tips, raising new concerns about privacy and trust. The post Millions of Anonymous Student and Crime Tips Exposed in Major Data Breach appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-p3-global-intel-data-breach/
-
Anime streaming giant Crunchyroll says hacker stole data related to customer service tickets
The popular anime streaming platform Crunchyroll confirmed that a batch of customer information that was stolen through a third-party customer service vendor and leaked online is legitimate. First seen on therecord.media Jump to article: therecord.media/crunchyroll-hacker-anime-data-theft
-
HackerOne discloses employee data breach after Navia hack
Bug bounty platform HackerOne is notifying hundreds of employees that their data was stolen after attackers hacked Navia, one of its U.S. benefits administrators. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackerone-discloses-employee-data-breach-after-navia-hack/
-
Infinite Campus warns of breach after ShinyHunters claims data theft
Infinite Campus, a widely used K-12 student information system, is warning customers of a data breach following an extortion attempt by a threat actor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/infinite-campus-warns-of-breach-after-shinyhunters-claims-data-theft/
-
HackerOne slams supplier for delayed breach notice after staff data exposed
Nearly 300 employees caught up in intrusion at benefits provider Navia First seen on theregister.com Jump to article: www.theregister.com/2026/03/24/hackerone_supplier_breach/
-
DarkSword Exploit Chain Leaked Online, Posing Risk to Millions of iPhones
Security researchers have confirmed that the sophisticated iOS exploit chain known as DarkSword is now accessible outside of its original threat actor groups. Recently, security researcher @matteyeux successfully achieved kernel read/write access on an iPad mini 6th generation running iOS 18.6.2 using the in-the-wild DarkSword exploit. This development demonstrates that the exploit kit is highly…
-
DarkSword iPhone Exploit Leaked Online, Hundreds of Millions at Risk
DarkSword exploit leak puts up to 270 million iPhones at risk, with hackers able to access data through… First seen on hackread.com Jump to article: hackread.com/darksword-iphone-exploit-leaked-online/
-
Threat Actors Target MS-SQL Servers to Deploy ICE Cloud Scanner Malware
Threat actors are continuing to aggressively target Microsoft SQL (MS-SQL) servers in 2026, with new evidence showing the deployment of a scanner malware known as ICE Cloud Client. Larva-26002 has maintained a consistent focus on poorly secured MS-SQL servers exposed to the internet. These systems are typically compromised through brute-force or dictionary attacks using weak…
-
Alleged Cyberattack on Crunchyroll Exposes Risks in Outsourced Systems
The reported Crunchyroll data breach has sparked a new debate across First seen on thecyberexpress.com Jump to article: thecyberexpress.com/crunchyroll-data-breach/
-
Mazda discloses security breach exposing employee and partner data
Mazda Motor Corporation (Mazda) announced that information belonging to its employees and business partners had been exposed in a security incident detected last December. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/mazda-discloses-security-breach-exposing-employee-and-partner-data/
-
Someone has publicly leaked an exploit kit that can hack millions of iPhones
Leaked “DarkSword” exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/03/23/someone-has-publicly-leaked-an-exploit-kit-that-can-hack-millions-of-iphones/