Tag: data-breach
-
Everest ransomware hits Vikor Scientific ‘s supplier, data of 140,000 patients stolen
Everest ransomware claims an attack on diagnostic firm Vikor Scientific (Vanta Diagnostics), exposing data of nearly 140,000 people. The Everest ransomware group has claimed responsibility for a cyberattack on Vikor Scientific, now operating as Vanta Diagnostics. The healthcare diagnostic firm disclosed a data breach impacting nearly 139,964 individuals, as reported by the US Department of…
-
Odido Faces Alleged Data Breach as ShinyHunters Claims 21M Records Exposed
A notorious cybercriminal group, ShinyHunters, has claimed responsibility for a massive data breach involving Odido and BEN, exposing millions of customer records. The group asserts that Odido, a Dutch telecommunications provider, was not truthful in its initial disclosure of the incident. This development suggests the breach may be significantly larger and more severe than initially…
-
Russian group uses AI to exploit weakly-protected Fortinet firewalls, says Amazon
Tags: access, ai, api, attack, authentication, business, ciso, control, credentials, cybersecurity, data-breach, detection, exploit, firewall, fortinet, group, Internet, linkedin, malicious, mfa, monitoring, network, password, russia, software, threat, tool, vpn, vulnerabilityRecommendations: The Amazon report makes a number of recommendations to network admins with FortiGate devices. They include ensuring device management interfaces aren’t exposed to the internet, or, if they have to be, restricting access to known IP ranges and using a bastion host or out-of-band management network. As basic cybersecurity demands, all default and common…
-
Microsoft Copilot Ignored Sensitivity Labels, Processed Confidential Emails
A code bug blew past every security label in the book”¦ and exposed the fatal flaw in how we govern AI. The post Microsoft Copilot Ignored Sensitivity Labels, Processed Confidential Emails appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-copilot-bug-confidential-emails/
-
Ad Tech Firm Optimizely Investigates Vishing Incident
Optimizely is investigating a vishing incident that exposed limited business contact data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/ad-tech-firm-optimizely-investigates-vishing-incident/
-
PayPal Ties Small Data Breach and Fraud to App Coding Error
Fintech Giant Says Personal Data Exposed for About 100 Business Users of Loan App. Financial services firm PayPal said it discovered a data breach that lasted for six months, exposed some business customers’ personal information and led to fraudulent charges. The company said about 100 customers were affected, and that it has fully refunded them…
-
Ad tech firm Optimizely confirms data breach after vishing attack
New York-based ad tech company Optimizely has notified an undisclosed number of customers of a data breach after threat actors compromised some of its systems in a voice phishing attack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ad-tech-firm-optimizely-confirms-data-breach-after-vishing-attack/
-
Over 200K Australian Driver’s Licences Exposed in youX Cyber Breach
A youX breach exposed sensitive borrower data in Australia, including over 200,000 driver’s licence numbers, raising fraud and phishing risks. The post Over 200K Australian Driver’s Licences Exposed in youX Cyber Breach appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-youx-data-breach-australia-drivers-licence-exposure/
-
PayPal Confirms Six-Month Data Exposure Linked to Loan System Error
PayPal has confirmed a data leak in its Working Capital loan system that exposed names, dates of birth, and Social Security numbers for six months. First seen on hackread.com Jump to article: hackread.com/paypal-confirms-loan-system-error-data-exposure/
-
1.2 Million Accounts Exposed in French Bank Registry Breach
Stolen government credentials were used to access France’s FICOBA registry, exposing data tied to roughly 1.2 million bank accounts. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/1-2-million-accounts-exposed-in-french-bank-registry-breach/
-
How Exposed Endpoints Increase Risk Across LLM Infrastructure
As more organizations run their own Large Language Models (LLMs), they are also deploying more internal services and Application Programming Interfaces (APIs) to support those models. Modern security risks are being introduced less from the models themselves and more from the infrastructure that serves, connects and automates the model. Each new LLM endpoint expands the…
-
Datenleck: Daten einiger Paypal-Nutzer monatelang geleakt
Von Juli bis Dezember 2025 konnten Angreifer Daten einiger Paypal-Business-Kunden abgreifen. Auch unbefugte Transaktionen wurden beobachtet. First seen on golem.de Jump to article: www.golem.de/news/datenleck-daten-einiger-paypal-nutzer-monatelang-geleakt-2602-205713.html
-
128M Users Exposed as Popular VS Code Extensions Reveal Critical Flaws
Serious vulnerabilities in four popular Visual Studio Code (VS Code) extensions, affecting over 128 million downloads. These flaws, including three assigned CVEs CVE-2025-65715, CVE-2025-65716, and CVE-2025-65717, highlight IDEs as the weakest link in organizational supply chain security. Developers often store sensitive data like API keys, business logic, database configs, and even customer info right in…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 85
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Ninja Browser & Lumma Infostealer Ghost Tapped: Tracking the Rise of Chinese Tap-to-pay Android Malware Hudson Rock Identifies Real-World Infostealer Infection Targeting OpenClaw Configurations Divide and conquer: how the new Keenadu backdoor exposed links…
-
UK council faces data breach claim after mishandling trans complaints
Confidential complainant details passed to local politician following debate First seen on theregister.com Jump to article: www.theregister.com/2026/02/22/cornwall_council_complaints_breach/
-
PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months
PayPal disclosed a software error in its Working Capital platform that exposed sensitive customer data, including Social Security numbers, for months in 2025. The post PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-paypal-working-capital-data-exposure-2025/
-
PayPal discloses extended data leak linked to Loan App glitch
PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug in its PayPal Working Capital loan app. The flaw exposed sensitive customer information, including customers’ business contact details (name, email, phone number, address), along…
-
PayPal Flaw Exposed Sensitive Data in Lending App for Six Months
A PayPal loan app error exposed sensitive customer data, including SSNs, for nearly six months in 2025. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/paypal-flaw-exposed-sensitive-data-in-lending-app-for-six-months/
-
QA: Organisations Are Spending Millions on Cybersecurity and Still Getting It Wrong
Cybersecurity threats continue to escalate in scale, speed and sophistication, placing growing pressure on organisations to move beyond reactive defences and rethink how risk is governed at leadership level. As digital systems underpin everything from national infrastructure to day-to-day business operations, failures in governance, communication and accountability are increasingly being exposed as critical vulnerabilities. At…
-
‘God-Like’ Attack Machines: AI Agents Ignore Security Policies
Microsoft Copilot recently summarized and leaked user emails; but any AI agent will go above and beyond to complete assigned tasks, even breaking through their carefully designed guardrails. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/ai-agents-ignore-security-policies
-
Data breach at French bank registry impacts 1.2 million accounts
The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-french-bank-registry-impacts-12-million-accounts/
-
PayPal Data Breach 6 Months of Users’ Data Leaked Online
PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for nearly six months due to a software error in its PayPal Working Capital (PPWC) loan application. The exposure, which affected business contact details combined with highly sensitive personal data, lasted from…
-
Age verification vendor Persona left frontend exposed
Behind a basic age check, researchers say Persona’s system runs extensive identity, watchlist, and adverse-media screening. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/age-verification-vendor-persona-left-frontend-exposed/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
PayPal discloses data breach that exposed user info for 6 months
PayPal is notifying customers of a data breach after a software error in a loan application exposed their sensitive personal information, including Social Security numbers, for nearly 6 months last year. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/paypal-discloses-data-breach-exposing-users-personal-information/
-
Two Petabytes Worth Data of Israeli’s Siphoned, Says Cyber Head
Two petabytes, or two quadrillion bytes of information, has been stolen from Israelis in recent years, according to Yossi Karadi, head of the Israel National Cyber Directorate (INCD). Speaking to The Jerusalem Post, Karadi described the scope of the Israel data breach incidents as unprecedented. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/israel-data-breach-incd-head/
-
Datenleck-Websites: Das Druckmittel der Ransomware-Bande von heute
Wenn Unternehmensdaten auf einer Leak-Site offengelegt werden, kann dies langfristige Folgen haben First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/ransomware/datenleck-websites-das-druckmittel-der-ransomware-bande-von-heute/