Tag: data-breach
-
Security gap in Perplexity’s Comet browser exposed users to system-level attacks
There is a serious security problem inside Comet, the AI-powered agentic browser made by Perplexity, SquareX researchers say: Comet’s MCP API allows the browser’s … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/20/perplexity-comet-browser-security-mcp-api/
-
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-444/
-
Smashing Security podcast #444: We’re sorry. Wait, did a company actually say that?
Stop the press – a company has actually said “sorry” after a data breach, and hotels are helping hackers phish their own guests. First seen on grahamcluley.com Jump to article: grahamcluley.com/smashing-security-podcast-444/
-
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform
Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windowsHey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
-
WhatsApp flaw allowed discovery of the 3.5 billion mobile numbers registered to the platform
Tags: api, attack, bug-bounty, business, china, cloud, dark-web, data, data-breach, encryption, flaw, government, mobile, phishing, phone, privacy, spam, technology, vulnerability, windowsHey there You are using WhatsApp, marks this as one of the most embarrassing weaknesses yet in the world’s most widely-used communication app.The vulnerability was in WhatsApp’s contact discovery mechanism, the foundation of how this and many similar apps work. When WhatsApp is installed, it asks for permission to match mobile numbers in a user’s…
-
‘Largest Data Leak in History’: WhatsApp Flaw Exposed Billions of Users
Austrian researchers used a WhatsApp contact-lookup flaw to map 3.5 billion phone numbers, revealing how basic metadata can build a directory of accounts. The post ‘Largest Data Leak in History’: WhatsApp Flaw Exposed Billions of Users appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-whatsapp-flaw-exposed-billions-users/
-
Compromised Credential Detection vs. Password Policy Enforcement
Credential detection finds exposed passwords your policy can’t. Learn how continuous credential checks close the security gap. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/11/compromised-credential-detection-vs-password-policy-enforcement/
-
DoorDash confirms data breach affecting users’ phone numbers and physical addresses
The delivery giant said “no sensitive information” was accessed, and did not specify the number of customers, delivery workers, and merchants who were affected by the breach. First seen on techcrunch.com Jump to article: techcrunch.com/2025/11/17/doordash-confirms-data-breach-impacting-users-phone-numbers-and-physical-addresses/
-
Overcome the myriad challenges of password management to bolster data protection
Tags: access, attack, authentication, automation, backup, best-practice, breach, business, cio, cloud, compliance, control, cyberattack, data, data-breach, gartner, GDPR, identity, infrastructure, international, kaspersky, mfa, password, risk, software, technology, tool, update[1]And both enterprises and small and mid-sized businesses have already made significant investments in authentication, access controls and identity and access management (IAM).[2]But these investments are not effective without robust passwords. At the same time, password management is a cost for IT and security teams, and an inconvenience for technology users.The scale of the problem…
-
Datenpanne bei Eurofiber France
Tags: access, bug, cloud, computer, cyberattack, data-breach, group, hacker, infrastructure, mail, software, sql, vpnDer TK-Anbieter Eurofiber France ist von Datendiebstahl betroffen.Der TK-Konzern Eurofiber Group hat sich auf die digitale Infrastruktur von Unternehmen spezialisiert und betreibt ein Glasfasernetz in den Niederlanden, Belgien, Frankreich und Deutschland. Die Tochtergesellschaft Eurofiber France meldete kürzlich, dass sich Hacker über eine Software-Lücke Zugriff auf das Ticket-Management-System verschafft hätten.Demnach wurden dabei auch Daten abgezogen. Um…
-
From Exposure to Action: How Proactive Identity Monitoring Turns Breached Data into Defense
Every 39 seconds, somewhere in the world, a new cyberattack is launched, and far too often, it’s not a sophisticated hack but the reuse of legitimate credentials already exposed online. As data breaches multiply and stolen credentials circulate across public and underground channels, one truth is clear: exposure is inevitable, but compromise doesn’t have… First…
-
From Exposure to Action: How Proactive Identity Monitoring Turns Breached Data into Defense
Every 39 seconds, somewhere in the world, a new cyberattack is launched, and far too often, it’s not a sophisticated hack but the reuse of legitimate credentials already exposed online. As data breaches multiply and stolen credentials circulate across public and underground channels, one truth is clear: exposure is inevitable, but compromise doesn’t have… First…
-
50,000 CCTVs Hacked in India: Intimate Hospital Footage Sold Online
A disturbing case of hacking CCTV systems in India has exposed a widespread cybercrime racket through which intimate videos from a maternity ward were stolen and sold online. Police in Gujarat state say the discovery has raised concern for surveillance practices in a country where cameras are routinely placed across public and private spaces. First…
-
Pennsylvania Office of the Attorney General (OAG) confirms data breach after August attack
The Pennsylvania Office of the Attorney General (>>OAGOAG
-
Omni Family Health Settles Lawsuits From 2024 Hack for $6.5M
Data of Nearly 470,000 Patients and Employees May Have Been Leaked on Dark Web. Omni Family Health, a California nonprofit network of community health centers, has agreed to pay $6.5 million to settle proposed class action lawsuits related to a 2024 hack that may have exposed the personal information of nearly 470,000 current and former…
-
Princeton University Confirms Data Breach Affecting Advancement Records
Princeton University has confirmed a breach of its Advancement database and is urging vigilance as investigators assess the exposed information. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/princeton-university-confirms-data-breach-affecting-advancement-records/
-
New ShadowRay attacks convert Ray clusters into crypto miners
A global campaign dubbed ShadowRay 2.0 hijacks exposed Ray Clusters by exploiting an old code execution flaw to turn them into a self-propagating cryptomining botnet. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-shadowray-attacks-convert-ray-clusters-into-crypto-miners/
-
Everest Ransomware Alleges Major Data Breach Targeting Under Armour
The alleged Everest ransomware breach could expose millions of Under Armour customers to serious security and privacy risks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/everest-ransomware-alleges-major-data-breach-targeting-under-armour/
-
French agency Pajemploi reports data breach affecting 1.2M people
Pajemploi, the French social security service for parents and home-based childcare providers, has suffered a data breach that may have exposed personal information of 1.2 million individuals. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/french-agency-pajemploi-reports-data-breach-affecting-12m-people/
-
A Simple WhatsApp Security Flaw Exposed 3.5 Billion Phone Numbers
By plugging tens of billions of phone numbers into WhatsApp’s contact discovery tool, researchers found “the most extensive exposure of phone numbers” ever”, along with profile photos and more. First seen on wired.com Jump to article: www.wired.com/story/a-simple-whatsapp-security-flaw-exposed-billions-phone-numbers/
-
DoorDash Confirms Data Breach Exposing Customer Personal Information
DoorDash has confirmed an October 2025 data breach that exposed customer names, phone numbers, addresses and email details First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/doordash-confirms-data-breach/
-
Microsoft Azure Blocks 15.72 Tbps Aisuru Botnet DDoS Attack
Microsoft Azure halted a record 15.72 Tbps DDoS attack from the Aisuru botnet exposing risks created by exposed home devices exploited in large-scale cyber attacks. First seen on hackread.com Jump to article: hackread.com/microsoft-azure-blocks-tbps-ddos-attack-botnet/
-
Rethinking identity for the AI era: CISOs must build trust at machine speed
Tags: access, ai, api, attack, authentication, business, ciso, cloud, control, cybersecurity, data, data-breach, google, governance, group, identity, infrastructure, injection, Internet, LLM, malicious, mitigation, network, risk, theft, threat, tool, training, vulnerabilityIdentity as a trust fabric: Most organizations currently rely on a welter of identity and access management systems for a variety of reasons. Some systems might be tied to a specific vendor’s technology; some might be legacy systems from mergers or acquisitions; some might be in place due to legal or regulatory requirements.”What happens even…