Tag: data-breach
-
Sanctioned spyware maker Intellexa had direct access to government espionage victims, researchers say
Based on a leaked video, security researchers alleged that Intellexa staffers have remote live access to their customers’ surveillance systems, allowing them to see hacking targets’ personal data. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/04/sanctioned-spyware-maker-intellexa-had-direct-access-to-government-espionage-victims-researchers-say/
-
ASUS confirms vendor breach as Everest gang leaks data, claims ArcSoft and Qualcomm
ASUS confirms a third-party breach after Everest leaks sample data. Hackers also claim ArcSoft and Qualcomm. ASUS says a third-party breach exposed data after Everest ransomware leaked samples, claiming they have hacked ASUS, ArcSoft, and Qualcomm. ASUS says a supplier breach exposed some phone camera source code but did not affect products, internal systems, or…
-
ATT Extends Deadline for Data Breach Settlement Claims
The deadline for 51 million affected customers to claim compensation from two massive data leaks is now Dec. 18. The post ATT Extends Deadline for Data Breach Settlement Claims appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-att-data-breach-settlement/
-
New Scanner Released to Detect Exposed ReactJS and Next.js RSC Endpoints (CVE-2025-55182)
Security researchers have released a specialized scanning tool to identify vulnerable React Server Component (RSC) endpoints in modern web applications, addressing a critical gap in the detection of CVE-2025-55182. New Detection Approach Challenges Existing Security Assumptions A newly available Python-based scanner is transforming how organizations assess their exposure to CVE-2025-55182 by introducing a sophisticated surface…
-
Marquis Data Breach Exposes Dozens of U.S. Banks and Credit Unions
A significant cybersecurity incident affecting multiple U.S. financial institutions came to light on November 26, 2025, when Marquis Software Solutions notified affected customers of a ransomware attack. The breach, discovered on August 14, 2025, compromised the personal information of thousands of customers across numerous banks and credit unions throughout the United States. Marquis Software Solutions,…
-
Post Office Escapes £1m Fine After Postmaster Data Breach
The Information Commissioner’s Office has chosen only to reprimand the Post Office after a 2024 breach First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/post-office-1m-fine-postmaster/
-
Twins with hacking history charged in insider data breach affecting multiple federal agencies
Muneeb and Sohaib Akhter previously pleaded guilty to hacking into the State Department and other cybercrimes in 2015. First seen on cyberscoop.com Jump to article: cyberscoop.com/muneeb-sohaib-akhter-government-contractors-insider-attack/
-
When ERP Systems Become the Attack Surface
Tags: attack, business, cyber, data-breach, flaw, oracle, skills, vulnerability, vulnerability-managementSkills Needed: Enterprise Architecture, Configuration and Vulnerability Management When a critical vulnerability surfaces in ERP systems such as the Oracle E-Business Suite flaw, attackers can go well beyond a single compromised server. The flaw exposed the need for cyber professionals who understand enterprise architecture, secure configuration and vulnerability interpretation. First seen on govinfosecurity.com Jump to…
-
Marquis data breach impacts over 74 US banks, credit unions
Financial software provider Marquis Software Solutions is warning that it suffered a data breach that impacted dozens of banks and credit unions across the US. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/marquis-data-breach-impacts-over-74-us-banks-credit-unions/
-
Post Office avoids £1m fine over botched website upgrade data breach
The Information Commissioner’s Office considered fining the Post Office £1m for a 2024 data breach that let subpostmasters down again First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366635582/Post-Office-avoids-1m-fine-over-botched-website-upgrade-data-breach
-
French DIY retail giant Leroy Merlin discloses a data breach
Leroy Merlin is sending security breach notifications to customers in France, informing them that their personal data was compromised. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/french-diy-retail-giant-leroy-merlin-discloses-a-data-breach/
-
Freedom Mobile discloses data breach exposing customer data
Freedom Mobile, the fourth-largest wireless carrier in Canada, has disclosed a data breach after attackers hacked into its customer account management platform and stole the personal information of an undisclosed number of customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/freedom-mobile-discloses-data-breach-exposing-customer-data/
-
Shai-Hulud 2.0 NPM malware attack exposed up to 400,000 dev secrets
The second Shai-Hulud attack last week exposed around 400,000 raw secrets after infecting hundreds of packages in the NPM (Node Package Manager) registry and publishing stolen data in 30,000 GitHub repositories. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/shai-hulud-20-npm-malware-attack-exposed-up-to-400-000-dev-secrets/
-
4.3M Users Exposed in ShadyPanda’s Long-Running Browser Hack
ShadyPanda spent years hiding inside Google-verified extensions before unleashing an RCE backdoor that compromised 4.3 million users. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/4-3m-users-exposed-in-shadypandas-long-running-browser-hack/
-
South Korean E-Commerce Giant Coupang Probes Massive Breach
Chinese Developer Formerly Employed by Company Suspected of Data Theft. South Korea’s biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is…
-
A data breach at analytics giant Mixpanel leaves a lot of open questions
We sent over a dozen questions to Mixpanel’s CEO about the company’s data breach. Here’s what we want to know. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/02/a-data-breach-at-analytics-giant-mixpanel-leaves-a-lot-of-open-questions/
-
A data breach at analytics giant Mixpanel leaves a lot of open questions
We sent over a dozen questions to Mixpanel’s CEO about the company’s data breach. Here’s what we want to know. First seen on techcrunch.com Jump to article: techcrunch.com/2025/12/02/a-data-breach-at-analytics-giant-mixpanel-leaves-a-lot-of-open-questions/
-
South Korean E-Commerce Giant Coupang Probes Massive Breach
Chinese Developer Formerly Employed by Company Suspected of Data Theft. South Korea’s biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is…
-
South Korean E-Commerce Giant Coupang Probes Massive Breach
Chinese Developer Formerly Employed by Company Suspected of Data Theft. South Korea’s biggest online retailer, Coupang, said a five-month breach exposed personal data pertaining to 34 million customers, and only came to light after it received an extortion demand. Police said a former developer at the company, a Chinese national who fled the country, is…
-
Kensington and Chelsea confirms IT outage was a data breach after all
Borough says attackers copied ‘historical’ info as three-council cyber woes drag on First seen on theregister.com Jump to article: www.theregister.com/2025/12/02/london_councils_data_breach/
-
North Korea lures engineers to rent identities in fake IT worker scheme
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korea-lures-engineers-to-rent-identities-in-fake-it-worker-scheme/
-
North Korea lures engineers to rent identities in fake IT worker scheme
In an unprecedented intelligence operation, security researchers exposed how North Korean IT recruiters target and lure developers into renting their identities for illicit fundraising. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korea-lures-engineers-to-rent-identities-in-fake-it-worker-scheme/
-
SmartTube Android TV App Compromised After Signing Keys Leak
SmartTube, a popular open-source YouTube client for Android TV devices with over 25,900 GitHub stars, has been compromised after its digital signing keys were exposed, prompting an urgent security response from developer Yurii Liskov (yuliskov). The incident, disclosed on November 27, 2025, has forced affected users to reinstall the application under a new digital signature…
-
University of Pennsylvania confirms new data breach after Oracle hack
The University of Pennsylvania (Penn) has confirmed a new data breach after attackers stole documents containing personal information from its Oracle E-Business Suite servers in August. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/university-of-pennsylvania-confirms-data-theft-after-oracle-ebs-hack/
-
How a noisy ransomware intrusion exposed a long-term espionage foothold
Getting breached by two separate and likely unconnected cyber attack groups is a nightmare scenario for any organization, but can result in an unexpected silver lining: the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/12/02/threat-research-ransomware-espionage-attack/
-
Coupang Data Breach Exposes Personal Information of 33.7 Million Customers
South Korean e-commerce giant Coupang has admitted to a significant data breach that exposed the personal information of about 33.7 million customers. This figure is close to the company’s entire user base, making it one of the most significant known data breaches in the country. According to Coupang, the stolen data includes names, phone numbers,…
-
Edtech company settles with FTC in wake of data breach
Wisconsin-based Illuminate Education will implement a data security program and delete unnecessary data under an agreement with the Federal Trade Commission prompted by a 2021 breach of the company’s network. First seen on therecord.media Jump to article: therecord.media/illuminate-education-data-breach-settlement-ftc
-
Coupang Breach Exposes Data of Nearly 34 Million Customers
A massive Coupang breach exposed nearly 34 million customers, highlighting insider-risk dangers and gaps in South Korea’s data protections. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/coupang-breach-exposes-data-of-nearly-34-million-customers/
-
Edtech company settles with FTC in wake of data breach
Wisconsin-based Illuminate Education will implement a data security program and delete unnecessary data under an agreement with the Federal Trade Commission prompted by a 2021 breach of the company’s network. First seen on therecord.media Jump to article: therecord.media/illuminate-education-data-breach-settlement-ftc