Tag: data-breach
-
Gamers furious as indie studio Cloud Imperium quietly admits to data breach
Slow disclosure and odd reassurance that exposing names and contact details won’t be a problem isn’t going down well First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/brit_games_studio_cloud_imperium/
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
NCSC Warns UK Organisations to Prepare for Potential Iran-Linked Cyber Activity
Tags: advisory, attack, awareness, breach, business, china, cyber, cybercrime, data, data-breach, espionage, exploit, finance, government, group, incident response, infrastructure, international, Internet, iran, leak, malware, middle-east, military, monitoring, phishing, resilience, risk, russia, service, supply-chain, tactics, threat, tool, update, vulnerability, vulnerability-managementGeopolitical conflict rarely stays confined to physical battlefields. Increasingly, it spills into the digital domain. The latest escalation of tensions in the Middle East has prompted the UK’s National Cyber Security Centre (NCSC) to issue a warning to organisations to review their cyber security posture and prepare for possible cyber activity linked to Iran. While…
-
Dev stunned by $82K Gemini bill after unknown API key thief goes to town
Probably not an isolated incident only as researchers have already found 2,863 live API keys exposed First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/gemini_api_key_82314_dollar_charge/
-
Ariomex, Iran-based crypto exchange, suffers data leak
Resecurity says Iran’s Ariomex crypto exchange suffered a data leak exposing user and transaction data from 2022 to 2025. Resecurity (USA) reports that Ariomex’s database, one of Iran’s cryptocurrency exchange platforms, suffered a data leak. The report published by the cybersecurity company presents the findings of a structured analysis of the leaked database, which contains…
-
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…
-
LexisNexis confirms data breach as hackers leak stolen files
American data analytics company LexisNexis Legal & Professional has confirmed to BleepingComputer that hackers breached its servers and accessed some customer and business information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/lexisnexis-confirms-data-breach-as-hackers-leak-stolen-files/
-
Leaked Database Sheds Light on Iranian Crypto Sanctions Evasion
Ariomex database reveals potential sanctions evasion and capital transfers tied to Iranian actors First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/iranian-crypto-leaked-database/
-
1.2 Million Bank Accounts Exposed in Financial Systems Breach
When headlines break about a financial systems breach, most people assume malware was involved. Ransomware. Exploits. A zero-day vulnerability. But in February 2026, French authorities confirmed something different: approximately 1.2 million bank accounts were exposed after attackers accessed the national FICOBA registry using stolen credentials belonging to a government official. There was no forced entry….…
-
SloppyLemming Espionage Campaign Targets Pakistan, Bangladesh with BurrowShell Backdoor and Rust RAT
SloppyLemming, an India-linked espionage group also known as Outrider Tiger and Fishing Elephant, has run a year-long cyber campaign against high”‘value targets in Pakistan and Bangladesh using a new BurrowShell backdoor and a Rust-based remote access tool (RAT). This activity builds directly on earlier operations exposed by Cloudflare’s CloudForce One in 2024. However, it shows…
-
Hackers Exploit Telegram for Initial Access to Corporate VPN, RDP, and Cloud Systems
Tags: access, cloud, corporate, credentials, cyber, data-breach, exploit, hacker, marketplace, network, ransomware, vpnHackers are increasingly abusing Telegram as an initial access marketplace, turning stealer logs and leaked credentials into direct entry points for corporate VPN, RDP, and cloud environments. The platform now acts as a high-speed bridge between compromised credentials and full network compromise, supporting ransomware operators, Initial Access Brokers (IABs), and hacktivist collectives. Telegram hosts popular…
-
Epic Fury introduces new layer of enterprise risk
Tags: access, apt, attack, business, cisa, ciso, communications, country, credentials, cyber, cybersecurity, data-breach, disinformation, exploit, group, infrastructure, intelligence, international, Internet, iran, malware, middle-east, network, ransomware, resilience, risk, rust, service, software, technology, tool, ukrainePhysical attacks on US-linked locations through direct action or partner groups. We are already seeing Iranian missile launches into a variety of nations in the region.Cyber operations that include disruptive activity, targeted intrusions, credential and access harvesting, destructive malware deployment, and the use of compromised infrastructure to support broader influence or operational objectives.Proxy networks across…
-
UH Cancer Center data breach affects nearly 1.2 million people
The University of Hawaii confirmed that a ransomware gang stole the data of nearly 1.2 million individuals in August 2025 after breaching its Cancer Center’s Epidemiology Division. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/university-of-hawaii-cancer-center-ransomware-attack-affects-nearly-12-million-people/
-
Malvertising Campaign Spreads AMOS ‘malext’ macOS Infostealer via Fake Text-Sharing Ads
A large-scale malvertising operation targets macOS users with fake Google Ads leading to malicious text-sharing sites. These lures deliver the AMOS infostealer variant, dubbed >>malext,<< which steals sensitive data such as browser credentials and crypto wallets. Suspicious password prompts halted the compromise, revealing initial domains like optimize-storage-mac-os[.]medium[.]com, octopox[.]com, and vagturk[.]com."‹ Google Ads Library exposed over…
-
Gamers furious as Brit studio Cloud Imperium quietly admits to data breach
Slow disclosure and odd reassurance that exposing names and contact details won’t be a problem isn’t going down well First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/brit_games_studio_cloud_imperium/
-
Middle east crisis prompts UK NCSC warning on potential Iranian cyber activity
UK’s NCSC warns of potential Iranian cyberattacks as Middle East tensions rise, urging vigilance from exposed organizations. The UK’s National Cyber Security Centre (NCSC) has warned organizations of a potential increase in Iranian cyber threats amid the escalating Middle East conflict. While it sees no immediate shift in the direct threat to Britain, officials stress…
-
South Korean Tax Agency Leak Leads to $4.8M Crypto Theft
A South Korean tax agency press release exposed a seized wallet’s seed phrase, enabling a $4.8 million cryptocurrency theft. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/south-korean-tax-agency-leak-leads-to-4-8m-crypto-theft/
-
âš¡ Weekly Recap: SD-WAN 0-Day, Critical CVEs, Telegram Probe, Smart TV Proxy SDK and More
This week is not about one big event. It shows where things are moving. Network systems, cloud setups, AI tools, and common apps are all being pushed in different ways. Small gaps in access control, exposed keys, and normal features are being used as entry points.The pattern becomes clear only when you see everything together.…
-
ClawJacked flaw exposed OpenClaw users to data theft
“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered the flaw, which enabled silent data theft. OpenClaw addressed the issue with version 2026.2.26, released…
-
ClawJacked flaw exposed OpenClaw users to data theft
“ClawJacked” flaw let malicious sites hijack OpenClaw AI agents to steal data; patch released in version 2026.2.26. A high-severity vulnerability called ClawJacked in OpenClaw allowed malicious websites to brute-force and take control of local AI agent instances. Oasis Security discovered the flaw, which enabled silent data theft. OpenClaw addressed the issue with version 2026.2.26, released…
-
Seed Phrase geleakt: Behördenpanne führt zu millionenschwerem Krypto-Diebstahl
Krypto-Anleger wissen, wie wichtig es ist, eine Seed Phrase sicher und geheim zu bewahren. Steuerfahnder aus Südkorea aber offenkundig nicht. First seen on golem.de Jump to article: www.golem.de/news/seed-phrase-geleakt-behoerdenpanne-fuehrt-zu-millionenschwerem-krypto-diebstahl-2603-205980.html
-
Security Affairs newsletter Round 565 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Canadian Tire 2025 data breach impacts 38 million users Iran ‘s Internet near-totally blacked out amid…
-
Canadian Tire 2025 data breach impacts 38 million users
A data breach at Canadian Tire exposed personal data from over 38 million accounts, including contact details and encrypted passwords. More than 38 million accounts were affected by an October 2025 data breach at Canadian retail giant Canadian Tire (CTC). The incident marks one of the largest retail data breaches in Canada, raising concerns about…
-
$4.8M in crypto stolen after Korean tax agency exposes wallet seed
South Korea’s National Tax Service accidentally exposed the mnemonic recovery phrase of a seized cryptocurrency wallet in an official press release, allowing hackers to steal 6.4 billion won ($4.8M) worth in cryptocurrency. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/48m-in-crypto-stolen-after-korean-tax-agency-exposes-wallet-seed/
-
How vCISO Services Reduce Cyber Risk Without Increasing Costs?
Smaller organizations are increasingly under attack, with ransomware emerging as the dominant threat. According to the Verizon 2025 Data Breach Investigations Report, ransomware was involved in 88% of breaches affecting small and medium-sized enterprises (SMEs), compared to 39% among large enterprises. Such incidents can disrupt operations, expose sensitive information, and drive up recovery costs. Despite……
-
Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement
New research has found that Google Cloud API keys, typically designated as project identifiers for billing purposes, could be abused to authenticate to sensitive Gemini endpoints and access private data.The findings come from Truffle Security, which discovered nearly 3,000 Google API keys (identified by the prefix “AIza”) embedded in client-side code to provide Google-related services…
-
Lovable-hosted app littered with basic flaws exposed 18K users, researcher claims
Who’s to blame the vibey platforms or the humans who ignore security warnings? First seen on theregister.com Jump to article: www.theregister.com/2026/02/27/lovable_app_vulnerabilities/
-
Security hole could let hackers take over Juniper Networks PTX core routers
The hole is “especially dangerous, because these devices often sit in the middle of the network, not on the fringes,” said Piyush Sharma, CEO of Tuskira. “If an attacker gains control of a PTX, the impact is bigger than a single device compromise because it can become a traffic vantage point and a control point…