Tag: data-breach
-
Robotic surgery firm Intuitive reports data breach after targeted phishing attack
Intuitive suffered a phishing attack leading to a data breach exposing customer, employee, and corporate information. Intuitive is an American company that designs, manufactures, and sells robotic systems for minimally invasive surgery. Its most well-known products include the da Vinci Surgical System for general surgery and the Ion endoluminal system for precise procedures inside the…
-
Researchers disclose vulnerabilities in IP KVMs from four manufacturers
Internet-exposed devices that give BIOS-level access? What could possibly go wrong? First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/03/researchers-disclose-vulnerabilities-in-ip-kvms-from-4-manufacturers/
-
Sears Exposed AI Chatbot Phone Calls and Text Chats to Anyone on the Web
Customer conversations with chatbots can include contact information and personal details that make it easier for scammers to launch phishing attacks and commit fraud. First seen on wired.com Jump to article: www.wired.com/story/sears-exposed-ai-chatbot-phone-calls-and-text-chats-to-anyone-on-the-web/
-
Millions of UK firms on alert after Companies House data exposure
Companies House, the UK’s official company registry, said its WebFiling service is back online after being shut down on Friday to fix a security issue that may have exposed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/17/companies-house-webfiling-service-vulnerability/
-
WebFiling Flaw at UK Companies House Exposed Director Data for Months
The UK Companies House recently disclosed a significant security vulnerability in its WebFiling service that exposed sensitive director information for several months. Chief Executive Andy King confirmed that the flaw was initially introduced during a system update in October 2025. This vulnerability allowed authenticated users to potentially view and alter the private details of other…
-
Inside Nevada’s Push for Secure Digital Government
Tags: ai, attack, cio, cybersecurity, data-breach, governance, government, identity, ransomware, resilienceState CIO Tim Galluzi on Identity Modernization, AI and Resident Services. The State of Nevada is accelerating its cybersecurity and digital modernization efforts after a major ransomware attack exposed the importance of resilience, workforce readiness and strong governance, said State CIO Tim Galluzi. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/inside-nevadas-push-for-secure-digital-government-a-31037
-
UK’s Companies House confirms security flaw exposed business data
Companies House, a British government agency that operates the registry for all U.K. companies, says its WebFiling service is back online after it was closed on Friday to fix a security flaw that exposed companies’ information since October 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uks-companies-house-confirms-security-flaw-exposed-business-data/
-
Companies House Restores WebFiling After Flaw Exposed Director Details
Companies House fixed a WebFiling flaw that allowed users to view director details and alter company records before the service was taken offline and restored. First seen on hackread.com Jump to article: hackread.com/companies-house-webfiling-flaw-director-details/
-
UK Agency Exposed Corporate Executive Data
Directory Traversal Flaw Found in Companies House. The British government’s company register service temporarily deactivated its online filing service after someone found a serious vulnerability that allowed people to access directors’ sensitive personal data and potentially even amend companies’ records or file bogus accounts on their behalf. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/uk-agency-exposed-corporate-executive-data-a-31033
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Don’t confuse asset inventory with exposure management
Tags: access, ai, api, attack, breach, business, chatgpt, cloud, compliance, control, credentials, cyber, cybersecurity, data, data-breach, detection, endpoint, flaw, framework, governance, government, identity, infrastructure, intelligence, Internet, leak, least-privilege, metric, mfa, monitoring, network, regulation, risk, saas, service, software, threat, tool, update, vulnerability, vulnerability-managementAsset discovery tells you what IT exists in your environment. Exposure management tells you what will get you breached. If your platform can’t connect vulnerabilities, identities, misconfigurations, and AI systems into real attack paths, you don’t have exposure management. You have inventory. Key takeaways True exposure management requires more than asset inventory. It’s about merging…
-
Security Affairs newsletter Round 567 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Starbucks data breach impacts 889 employees Storm-2561 lures victims to spoofed VPN sites to harvest corporate…
-
A Hacker Accidentally Broke Into the FBI’s Epstein Files
Plus: A porn-quitting app exposed the masturbation habits of hundreds of thousands of users, Russian hackers are trying to take over people’s Signal accounts, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-a-hacker-accidentally-broke-into-the-fbis-epstein-files/
-
An AI Agent Didn’t Hack McKinsey. Its Exposed APIs Did.
This week’s McKinsey incident should be a wake-up call for every enterprise moving fast to deploy AI. Not because AI itself is inherently insecure. But because too many organizations are still thinking about AI security at the model layer, while the real enterprise risk sits in the action layer: the APIs, MCP servers, internal services,…
-
AiLock Ransomware Claims England Hockey Data Breach
England Hockey is investigating a potential cyberattack claimed by the AiLock ransomware group. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ailock-ransomware-claims-england-hockey-data-breach/
-
Starbucks HR Portal Breach Exposes Employee Information
A phishing attack on Starbucks’ HR portal exposed sensitive data for hundreds of employees. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/starbucks-hr-portal-breach-exposes-employee-information/
-
Autonomous Agent Hacked McKinsey’s AI in 2 Hours
Cybersecurity Startup Exposed Lilli Using a Flaw as Old as the Web. Security startup CodeWall disclosed this week that its autonomous AI agent breached McKinsey’s internal AI platform Lilli in two hours on Feb. 28, accessing tens of millions of messages and hundreds of thousands of files through a basic, years-old database flaw. First seen…
-
Autonomous Agent Hacked McKinsey’s AI in 2 Hours
Cybersecurity Startup Exposed Lilli Using a Flaw as Old as the Web. Security startup CodeWall disclosed this week that its autonomous AI agent breached McKinsey’s internal AI platform Lilli in two hours on Feb. 28, accessing tens of millions of messages and hundreds of thousands of files through a basic, years-old database flaw. First seen…
-
US Agencies Face CISA Deadline Over Critical Cisco SD-WAN Flaw
US agencies race to meet a CISA deadline after a critical Cisco SD-WAN Flaw exposed federal networks to long-term intrusion and forced security action. First seen on hackread.com Jump to article: hackread.com/us-agencies-cisa-deadline-critical-cisco-sd-wan-flaw/
-
Starbucks Data Breach Exposes Personal Data of Hundreds of Users
Starbucks Corporation recently disclosed a targeted cybersecurity incident that compromised the personal and financial information of 889 individuals. This internal platform is utilized by the company to manage human resources, employee benefits, and payroll details. While the number of impacted users represents a small fraction of the company’s global workforce, the highly sensitive nature of…