Tag: data-breach
-
What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure
Tags: access, advisory, ai, attack, authentication, automation, backup, cctv, chatgpt, cisa, communications, compliance, control, credentials, crypto, cve, cyber, cybersecurity, data, data-breach, defense, detection, dns, email, exploit, finance, firewall, flaw, government, group, healthcare, infrastructure, intelligence, international, Internet, iot, iran, kev, leak, linux, malicious, malware, mitigation, mitre, monitoring, network, office, openai, password, radius, resilience, risk, router, service, siem, software, strategy, switch, technology, threat, tool, update, vpn, vulnerability, vulnerability-managementAn Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure sectors. Key takeaways: CyberAv3ngers is a state-directed threat group operating under Iran’s IRGC Cyber-Electronic Command. The U.S. Treasury sanctioned six named officials in February 2024 and the State Department…
-
Iranian attacks on US critical infrastructure puts 3,900 devices in crosshairs
Censys researchers warned that thousands of devices are exposed to the Iranian government’s campaign targeting energy, water, and U.S. government services and facilities. First seen on cyberscoop.com Jump to article: cyberscoop.com/iran-attackers-industrial-ot-government-energy-water-censys/
-
Eurail data breach impacted 308,777 people
Hackers breached Eurail in Dec 2025, stole names and passport data, and exposed over 300,000 travelers’ personal information. Threat actors breached Eurail in December 2025 and stole names and passport numbers from its network. The company now notifies 308,777 people that attackers exposed their personal data, raising concerns about identity theft and misuse of sensitive…
-
Der Leak des Claude-Codes von Anthropic zieht Malware-Kampagnen nach sich
Ende März 2026 wurde der vollständige Quellcode von Claude, dem terminal-basierten KI-Programmier-Agenten von Anthropic, versehentlich der Öffentlichkeit preisgegeben. Ausgelöst durch einen einfachen, aber gravierenden Fehler bei der Software-Paketierung hat dieses Datenleck weitreichende Konsequenzen für die IT-Sicherheitslandschaft und die Software-Supply-Chain. Das Zscaler-ThreatLabz-Team hat die Auswirkungen des Vorfalls analysiert und warnt aktuell vor aktiven Bedrohungskampagnen. Hacker und…
-
Massive Data Breach Exposes 337K LAPD-Linked Records
A massive breach exposed 337K LAPD-linked files, raising concerns over third-party risk, sensitive data exposure, and law enforcement cybersecurity gaps. The post Massive Data Breach Exposes 337K LAPD-Linked Records appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-lapd-data-breach-337k-files-exposed/
-
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/mylovely-ai-data-breach-user-conversations/
-
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/mylovely-ai-data-breach-user-conversations/
-
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/mylovely-ai-data-breach-user-conversations/
-
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/mylovely-ai-data-breach-user-conversations/
-
113,000 explicit prompts from AI girlfriend platform exposed, many linked to user IDs
MyLovely.AI, an AI girlfriend platform, suffered a data breach that exposed over 100,000 users. MyLovely.AI allows people to create personalized not safe for work (NSFW) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/mylovely-ai-data-breach-user-conversations/
-
NSFW app leak exposes 70,000 prompts linked to individual users
MyLovely.AI leaked personal data, explicit prompts, and images of over 100,000 users, exposing many to sextortion and doxxing. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/nsfw-app-leak-exposes-70000-prompts-linked-to-individual-users/
-
NSFW app leak exposes 70,000 prompts linked to individual users
MyLovely.AI leaked personal data, explicit prompts, and images of over 100,000 users, exposing many to sextortion and doxxing. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/nsfw-app-leak-exposes-70000-prompts-linked-to-individual-users-2/
-
Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
The rise of SOHO router compromise campaigns has exposed a critical weakness in global network security, particularly as threat actors like Forest Blizzard continue to exploit poorly secured home and small-office devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/soho-router-compromise-forest-blizzard/
-
Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
The rise of SOHO router compromise campaigns has exposed a critical weakness in global network security, particularly as threat actors like Forest Blizzard continue to exploit poorly secured home and small-office devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/soho-router-compromise-forest-blizzard/
-
Russian Hackers Exploit SOHO Routers for DNS Hijacking Campaign
The rise of SOHO router compromise campaigns has exposed a critical weakness in global network security, particularly as threat actors like Forest Blizzard continue to exploit poorly secured home and small-office devices. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/soho-router-compromise-forest-blizzard/
-
Eurail says December data breach impacts 300,000 individuals
Eurail B.V., a European travel operator that provides digital passes covering 33 national railways, says attackers stole the personal information of over 300,000 individuals in a December 2025 data breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/eurail-says-december-data-breach-impacts-300-000-individuals/
-
Patch windows collapse as timeexploit accelerates
N-day exploitation: Rapid7 Labs validated its findings about a more febrile threat environment by producing both n-day and zero-day exploits using AI-assisted research, substantially reducing development time.In practice, n-day bugs, or the development of exploits against patched software, are a bigger problem than headline-grabbing zero-day vulnerabilities, adds Leeann Nicolo, incident response lead at Coalition, a technology…
-
Weak at the seams
Tags: advisory, ai, attack, automation, business, cloud, compliance, control, crowdstrike, cybersecurity, data, data-breach, endpoint, exploit, finance, firewall, framework, healthcare, infrastructure, insurance, Internet, network, resilience, risk, service, supply-chain, technology, tool, update, vulnerability, windows, zero-dayThe normal choices are the dangerous ones: Consider the stack a typical large enterprise was running in 2024: One vendor for ERP and supply chain, another for perimeter enforcement, another for networking and another for endpoint protection. Standard choices, responsibly made. Within a twelve-month window, each of those categories experienced significant disruptions, from zero-day exploits…
-
Weak at the seams
Tags: advisory, ai, attack, automation, business, cloud, compliance, control, crowdstrike, cybersecurity, data, data-breach, endpoint, exploit, finance, firewall, framework, healthcare, infrastructure, insurance, Internet, network, resilience, risk, service, supply-chain, technology, tool, update, vulnerability, windows, zero-dayThe normal choices are the dangerous ones: Consider the stack a typical large enterprise was running in 2024: One vendor for ERP and supply chain, another for perimeter enforcement, another for networking and another for endpoint protection. Standard choices, responsibly made. Within a twelve-month window, each of those categories experienced significant disruptions, from zero-day exploits…
-
Internet-Exposed ICS Devices Raise Alarm for Critical Sectors
Exposed ICS devices and insecure protocols like Modbus increase risks to critical infrastructure, enabling disruption, data access, and potential sabotage. Malware targeting industrial control systems (ICS) poses a serious risk to critical infrastructure, with threats like Stuxnet, Industroyer, Triton, Havex, and BlackEnergy already demonstrating the ability to disrupt operations, cause outages, and even inflict physical…
-
Capita’s troubled Civil Service Pension Scheme hit by data breach
A data breach affecting 138 members of the Civil Service Pension Scheme piles pressure on the service’s administrator, Capita, amid ongoing issues. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366641501/Capitas-troubled-Civil-Service-Pension-Scheme-hit-by-data-breach
-
BlueHammer: Windows zero-day exploit leaked
A buggy but functional proof-of-concept (PoC) exploit for an unpatched Windows local privilege escalation vulnerability dubbed BlueHammer has been published on GitHub by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/08/bluehammer-windows-zero-day-exploit-leaked/
-
Hackhire group caught targeting Android devices and iCloud backups
Security researchers exposed a spying campaign by a hack-for-hire group that used Android spyware and phishing to steal iCloud credentials and hack victims’ devices. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/hack-for-hire-group-caught-targeting-android-devices-and-icloud-backups/
-
Passport numbers for more than 300,000 leaked during December Eurail data breach
In February, a hacker claimed the attack and said they stole 1.3 TB of data that included source code, database backups and Zendesk support tickets. First seen on therecord.media Jump to article: therecord.media/eurail-reports-data-breach-impacting-over-300000
-
Iranian Threat Actors Disrupt US Critical Infrastructure Via Exposed PLCs
Attackers compromised Internet-facing OT devices and caused file and display manipulation, operational disruption, and financial losses across sectors. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/iranian-threat-actors-us-critical-infrastructure-exposed-plcs
-
The Day the Security Music Died
A new AI model may have just exposed a hard truth the security industry has quietly known for years: the vulnerabilities were always there. What changed is that AI can now find them. And if the news coming out of Anthropic this week is even half right, April 7, 2026 may be the day we..…
-
AI Security Risks: How Enterprises Manage LLM, Shadow AI and Agentic Threats FireTail Blog
Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, conference, control, cybersecurity, data, data-breach, detection, email, endpoint, exploit, finance, framework, gartner, GDPR, governance, guide, infrastructure, injection, LLM, malicious, microsoft, monitoring, network, nvidia, office, regulation, risk, saas, software, threat, tool, training, vulnerabilityApr 08, 2026 – – Quick Facts: Enterprise AI Security Most enterprises are running AI at scale before their security teams have visibility into it. Shadow AI (unsanctioned AI tools spreading department by department) is now the most common entry point for data leakage. Agentic AI introduces a new category of risk: autonomous systems that…