Tag: data-breach
-
Home Security Firm ADT Breach: 5.5M Customers’ Data Exposed
Prolific ShinyHunters Extortion Group Made ‘Pay or Leak’ Threat to Victim. Home security giant ADT has suffered a data breach that appears to have exposed personally identifiable information tied to 5.5 million customers. Prolific extortionist group ShinyHunters claimed credit for the attack, saying it stole Salesforce data after socially engineering an ADT employee. First seen…
-
As the NVD scales back CVE enrichment, here’s what Tenable customers need to know
Tags: access, ai, cisa, cloud, cve, cvss, data, data-breach, exploit, infrastructure, intelligence, kev, metric, mitre, nist, nvd, ransomware, risk, software, strategy, technology, threat, vulnerability, vulnerability-management, zero-dayNIST’s shift toward selective CVE enrichment creates significant visibility gaps for teams relying solely on the National Vulnerability Database. As AI accelerates vulnerability disclosure rates, organizations need independent, high-fidelity intelligence to prioritize risks that the NVD may now overlook. Key takeaways NIST is pivoting to a prioritized enrichment model, focusing only on specific criteria like…
-
Home security giant ADT data breach affects 5.5 million people
The ShinyHunters extortion group stole the personal information of 5.5 million individuals after breaching the systems of home security giant ADT earlier this month, according to data breach notification service Have I Been Pwned. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/home-security-giant-adt-data-breach-affects-55-million-people/
-
LINKEDIN BROWSERGATE
BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking. BrowserGate is an investigation conducted by Fairlinked (browsergate.eu/), an association of commercial LinkedIn users, which documents what it describes as one of the largest data breach and corporate espionage scandals in digital history. The central thesis:…
-
LINKEDIN BROWSERGATE
BrowserGate claims LinkedIn secretly fingerprints users via extensions and device data, sending encrypted results to third parties for tracking. BrowserGate is an investigation conducted by Fairlinked (browsergate.eu/), an association of commercial LinkedIn users, which documents what it describes as one of the largest data breach and corporate espionage scandals in digital history. The central thesis:…
-
Researchers Warn macOS textutil, KeePassXC Can Fuel Automation Attacks
Researchers are warning that widely trusted local tools such as macOS’s textutil and KeePassXC can pose unexpected security risks when used within automated workflows. The issue is not traditional vulnerabilities such as memory corruption or code execution, but how normal features behave when exposed to attacker-controlled input. Many engineering teams treat built-in utilities as safe…
-
AI is reshaping DevSecOps to bring security closer to the code
Tags: access, ai, api, application-security, attack, authentication, automation, breach, business, cloud, communications, compliance, container, control, data, data-breach, detection, exploit, governance, infrastructure, injection, least-privilege, risk, service, skills, software, sql, strategy, supply-chain, threat, tool, training, vulnerabilityExplicit security requirements elevate AI benefits: While deploying AI with DevSecOps is helping to shift the emphasis on security to earlier in the development lifecycle, this requires “explicit instruction to do it right,” says Noe Ramos, vice president of AI operations at business software provider Agiloft.”AI coding assistants accelerate development meaningfully, but they optimize for…
-
Jetzt bei HaveIBeenPwned: Hacker erpressen Udemy und leaken Nutzerdaten
Eine bekannte Hackergruppe hat Daten geleakt, die von 1,4 Millionen Udemy-Nutzern stammen sollen. HaveIBeenPwned hat sie aufgenommen. First seen on golem.de Jump to article: www.golem.de/news/jetzt-bei-haveibeenpwned-hacker-erpressen-udemy-und-leaken-nutzerdaten-2604-208029.html
-
Black Hat Asia: Privacy and cyber security are inseparable
The separation of privacy and security is no longer tenable in a world where exposed personal data is increasingly the entry point for major cyber incidents, delegates at Black Hat Asia 2026 were told First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366642334/Black-Hat-Asia-Privacy-and-cyber-security-are-inseparable
-
ADT confirms data breach after ShinyHunters leak threat
Home security giant ADT has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data unless a ransom is paid. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/adt-confirms-data-breach-after-shinyhunters-leak-threat/
-
ShinyHunters Claims Udemy Data Breach of 1.4M Users
ShinyHunters claims to have breached Udemy and stolen 1.4 million user records. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/shinyhunters-claims-udemy-data-breach-of-1-4m-users/
-
UK Biobank Data Breach: Health Data of 500,000 Listed for Sale in China
UK government Minister confirms that breached health records of UK Biobank volunteers were up for sale on Chinese ecommerce platforms before being removed First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/uk-biobank-data-beach-health-data/
-
Over 10,000 Zimbra servers vulnerable to ongoing XSS attacks
Over 10,000 Zimbra Collaboration Suite (ZCS) instances exposed online are vulnerable to ongoing attacks exploiting a cross-site scripting (XSS) security flaw. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-says-zimbra-flaw-now-exploited-over-10k-servers-vulnerable/
-
UK Biobank Leak Prompts Urgent Review of Data Protection in Biomedical Research
The UK Biobank data breach has intensified scrutiny around the handling and protection of sensitive health information, even when such data is stripped of personally identifiable details. Widely regarded as one of the most significant biomedical research resources in the world, UK Biobank holds extensive genetic, lifestyle, and medical data contributed by around 500,000 volunteers. …
-
UK Biobank Leak Prompts Urgent Review of Data Protection in Biomedical Research
The UK Biobank data breach has intensified scrutiny around the handling and protection of sensitive health information, even when such data is stripped of personally identifiable details. Widely regarded as one of the most significant biomedical research resources in the world, UK Biobank holds extensive genetic, lifestyle, and medical data contributed by around 500,000 volunteers. …
-
Hackers Track 900+ React2Shell Exploits via Telegram Bots
Hackers are using Telegram bots and AI tooling to run a structured, at-scale exploitation campaign abusing the critical React2Shell vulnerability (CVE-2025-55182), with evidence of 900+ confirmed compromises. Investigators found an exposed server tied to the Bissa scanner platform, used for multi-victim exploitation, staging, and validation rather than simple data dumping. Logs and project artifacts show…
-
Apple Fixes iPhone Bug After FBI Retrieved Signal Messages
Apple patched an iPhone notification bug that let deleted messages linger in system storage, closing a privacy gap exposed by an FBI Signal case. The post Apple Fixes iPhone Bug After FBI Retrieved Signal Messages appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-fixes-iphone-notification-bug-fbi-signal-messages/
-
Cosmetics giant Rituals discloses data breach affecting customers
Dutch cosmetics giant Rituals disclosed a data breach after attackers stole the personal information of an undisclosed number of customers from its “My Rituals” membership database. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cosmetics-giant-rituals-discloses-data-breach-affecting-customers/
-
RAMP Uncovered: Anatomy of Russia’s Ransomware Marketplace
Leaked data from RAMP reveals Russia’s ransomware ecosystem, analyzing 1,732 threads, 7,707 users, and 340,000 IP records from the forum. RAMP was not just another dark web forum. It was one of the clearest examples of how ransomware has become an organized marketplace, with sellers, buyers, brokers, and recruiters all playing different roles in the…
-
University of Warsaw Data Breach Exposes 200,000+ Sensitive Files on Darknet
Over 200,000 files containing sensitive personal information from the University of Warsaw have been leaked online. The University of Warsaw cyberattack, which targeted the institution’s digital systems, resulted in the publication of the stolen data on the darknet in mid-April 2026. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/university-of-warsaw-cyberattack/
-
Riddled with flaws, serialEthernet converters endanger critical infrastructure
Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerabilityNew RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC.The web-based management interface of the Lantronix EDS5000 had five…
-
Riddled with flaws, serialEthernet converters endanger critical infrastructure
Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerabilityNew RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC.The web-based management interface of the Lantronix EDS5000 had five…
-
Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed
More than 1,300 internet-exposed SharePoint servers remain unpatched against CVE-2026-32201, a spoofing flaw Microsoft says was exploited as a zero-day. The post Microsoft Patch Still Leaves 1,300 SharePoint Servers Exposed appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-1300-sharepoint-servers-unpatched-zero-day-flaw/