Tag: data-breach
-
Silent Guardian of Your Codebase: The Role of SAST
In 2025, the average cost of a data breach reached an alarming Rs 22 Crore; a 13% increase from the previous year. This trend highlights how breaches are not only more frequent and sophisticated but also increasingly costly, putting an organization’s reputation and finances at risk. To combat these threats, companies are investing in robust……
-
Over 60 Malicious RubyGems Packages Used to Steal Social Media and Marketing Credentials
Socket’s Threat Research Team has exposed a persistent campaign involving over 60 malicious RubyGems packages that masquerade as automation tools for platforms like Instagram, Twitter/X, TikTok, WordPress, Telegram, Kakao, and Naver. Active since at least March 2023, the threat actor operating under aliases such as zon, nowon, kwonsoonje, and soonje has deployed these gems to…
-
Datenlecks bei Air France, KLM
Tags: data-breachMomentan jagen sich die Meldungen über Datenlecks bei Fluggesellschaften und Firmen. Air France und KLM musste einen Datenabfluss bekannt geben. Die australische Fluggesellschaft Quantas hat ebenfalls kürzlich einen Datenschutzvorfall erlitten. Datenleck bei Air France Blog-Leser Alfredo informierte mich gerade, dass … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/08/datenlecks-bei-air-france-klm/
-
UnitedHealth Group’s Latest Health Data Breach Woes
Lawmakers Demand Answers From UHG Amid New Breach and Growing Fallout When you’ve been the victim of the largest health data breach in U.S. history, and you’ve been under intense public and regulatory scrutiny for months, the last thing you want to do is to report another major breach less than a year after the…
-
Breach Roundup: Chinese Duo Held for Illegal AI Chip Exports
Also: Ukrainian Hackers Find Evidence of Russian Child Abduction. This week, a Chinese duo arrested in Los Angeles for illegal artificial intelligence chip exports back to China, France extradited an accused Nigerian hacker, Ukraine hacked Crimean servers, Florida prison email leak, Tea App clone exposed users’ IDs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-chinese-duo-held-for-illegal-ai-chip-exports-a-29148
-
Air France, KLM Alert Authorities of Data Breach
While no sensitive financial data like credit card information was compromised, the threat actors were able to get away with names, email addresses, phone numbers, and more. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/air-france-klm-data-breach
-
Survey: Many Organizations Hit by Ransomware Fall Victim Multiple Times
A global survey of 2,000 senior security decision-makers in organizations with between 50 and 2,000 employees finds well over a third (38%) of those who were impacted by a data breach caused by a ransomware attack were victimized multiple times in the last 12 months. Conducted by the market research firm Vanson Bourne on behalf..…
-
Splunk Unveils PLoB Tool to Detect Compromised Credential Usage
Splunk has introduced PLoB (Post-Logon Behaviour Fingerprinting and Detection) in a world where compromised credentials remain the primary vector for initial access in more than half of cybersecurity incidents, as noted in the Cisco Talos IR Trends report for Q1 2025 and supported by the Verizon Data Breach Investigations Report, which shows 22% of breaches…
-
Bouygues Telecom confirms data breach impacting 6.4 million customers
Bouygues Telecom warns it suffered a data breach after the personal information of 6.4 million customers was exposed in a cyberattack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/bouygues-telecom-confirms-data-breach-impacting-64-million-customers/
-
We’re a Major Player in the 2025 IDC MarketScape for CNAPP. Here’s Why That Matters for Your Cloud Security.
Tags: access, attack, automation, business, ciso, cloud, compliance, control, cyber, cybersecurity, data, data-breach, detection, governance, iam, identity, incident response, infrastructure, metric, radius, risk, strategy, threat, tool, vulnerability, vulnerability-management“With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report. To successfully tackle your cloud security challenges, you need a partner that understands the landscape and offers you a powerful,…
-
Airlines KLM and Air France Detail Customer Data Breach
ShinyHunters May Have Struck Again. Airlines Air France and KLM said they suffered a data breach involving a third-party service storing customer data. The alert comes as the ShinyHunters extortion group continues to target Salesforce-using organizations and trick them into sharing direct access to their customer data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/airlines-klm-air-france-detail-customer-data-breach-a-29143
-
Google Confirms Salesforce Data Breach by ShinyHunters via Vishing Scam
Google confirms a data breach by ShinyHunters hackers, who used a vishing scam to access a Salesforce database with small business customer info. First seen on hackread.com Jump to article: hackread.com/google-salesforce-data-breach-shinyhunters-vishing-scam/
-
Data breach at French telecom giant Bouygues affects millions of customers
This is the latest cyberattack to hit a French cellular carrier in recent weeks, following an attack on Orange Telecom in July. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/07/data-breach-at-french-telecom-giant-bouygues-affects-millions-of-customers/
-
Weaponizing Microsoft 365 Direct Send to Bypass Email Security Defenses
Security researchers at StrongestLayer, in collaboration with Jeremy, a seasoned Security Architect at a major manufacturing firm, have exposed a multi-layered spear phishing attack that exploits Microsoft 365’s Direct Send feature to infiltrate corporate email systems. The campaign, flagged initially by StrongestLayer’s AI system TRACE, masqueraded as innocuous voicemail notifications from services like RingCentral, but…
-
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
Bouygues Telecom, a large French mobile carrier, disclosed a cyberattack and data breach affecting more than 6 million customer accounts. First seen on therecord.media Jump to article: therecord.media/bouygues-telecom-france-cyberattack-data-breach
-
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
Bouygues Telecom, a large French mobile carrier, disclosed a cyberattack and data breach affecting more than 6 million customer accounts. First seen on therecord.media Jump to article: therecord.media/bouygues-telecom-france-cyberattack-data-breach
-
Cyberattack hits France’s third-largest mobile operator, millions of customers affected
Bouygues Telecom, a large French mobile carrier, disclosed a cyberattack and data breach affecting more than 6 million customer accounts. First seen on therecord.media Jump to article: therecord.media/bouygues-telecom-france-cyberattack-data-breach
-
Why the lifecycle of secrets defines your security posture
Over 39 million secrets were leaked on GitHub in 2024. Discover why most teams fail at secrets management and how lifecycle-aware practices can help. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/why-the-lifecycle-of-secrets-defines-your-security-posture/
-
1.2 Million Healthcare Devices and Systems Found Exposed Online Patient Records at Risk of Exposure, Latest Research from Modat
The Hague, Netherlands, 7th August 2025, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/1-2-million-healthcare-devices-and-systems-found-exposed-online-patient-records-at-risk-of-exposure-latest-research-from-modat/
-
Over 100 Dell models exposed to critical ControlVault3 firmware bugs
ReVault flaws in Dell ControlVault3 firmware allow firmware implants and Windows login bypass on 100+ laptop models via physical access. Cisco Talos reported five vulnerabilities collectively named ReVault (tracked as CVE-2025-24311, CVE-2025-25215, CVE-2025-24922, CVE-2025-25050, and CVE-2025-24919) in Dell’s ControlVault3 firmware that expose over 100 laptop models to firmware implants and Windows login bypass via physical…
-
Beef up AI security with zero trust principles
Tags: access, ai, attack, control, data, data-breach, defense, intelligence, LLM, mitigation, mitre, monitoring, risk, strategy, tactics, threat, update, vulnerability, zero-trustStrategies for CSOs: Brauchler offered three AI threat modelling strategies CSOs should consider:Trust flow tracking, the tracking of the movement of data throughout an application, and monitoring the level of trust that is associated with that data. It’s a defense against an attacker who is able to get untrusted data into an application to control…
-
Durch Datenlecks verursachte Kosten sind gefallen
Tags: ai, breach, cyberattack, data, data-breach, deep-fake, fraud, germany, ibm, infrastructure, phishing, risk, security-incident, service, usaDurch KI unterstützte Angriffe wie Phishing und Deepfakes nehmen weiter zu, doch Unternehmen zögern in gleichem Maße nachzurüsten.Die gute Nachricht zuerst: Wie IBM in seinem jährlich erscheinenden Cost of a Data Breach Report herausfand, sind die durchschnittlichen Kosten eines Datenlecks in Deutschland erstmals seit fünf Jahren wieder gesunken. Ein einzelner Vorfall kostete demnach 2024 im…
-
Durch Datenlecks verursachte Kosten sind gefallen
Tags: ai, breach, cyberattack, data, data-breach, deep-fake, fraud, germany, ibm, infrastructure, phishing, risk, security-incident, service, usaDurch KI unterstützte Angriffe wie Phishing und Deepfakes nehmen weiter zu, doch Unternehmen zögern in gleichem Maße nachzurüsten.Die gute Nachricht zuerst: Wie IBM in seinem jährlich erscheinenden Cost of a Data Breach Report herausfand, sind die durchschnittlichen Kosten eines Datenlecks in Deutschland erstmals seit fünf Jahren wieder gesunken. Ein einzelner Vorfall kostete demnach 2024 im…
-
Energy companies are blind to thousands of exposed services
Many of America’s largest energy providers are exposed to known and exploitable vulnerabilities, and most security teams may not even see them, according to a new report from … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/07/us-energy-sector-cybersecurity-vulnerabilities/
-
CVE-2025-54987, CVE-2025-54948: Trend Micro Apex One Command Injection Zero-Days Exploited In The Wild
Tags: access, advisory, attack, cve, cybersecurity, data-breach, endpoint, exploit, flaw, infrastructure, injection, mitigation, network, rce, remote-code-execution, service, threat, tool, update, vulnerability, zero-dayTrend Micro releases a temporary mitigation tool to reduce exposure to two unpatched zero-day command injection vulnerabilities which have been exploited. Background On August 5, Trend Micro released a security advisory for two critical flaws affecting on-prem versions of Apex One Management Console. According to the advisory, Trend Micro has observed active exploitation of the…