Tag: data-breach
-
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks
Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data.”While these ‘plug-and-play’ options greatly simplify the setup process, they often prioritize ease of use over security,” Michael Katchinskiy and Yossi Weizman from the Microsoft Defender for Cloud Research team First…
-
Samsung Datenleck und Galaxy-Smartphones können Passwörter leaken
Ich fasse mal zwei Themen rund um Samsung und deren Smartphones zusammen. Es muss wohl ein größeres Datenleck bei Samsung durch einen Angriff bei einem Dienstleister gegeben haben, von dem deutsche Kunden betroffen sind. Und Samsung hat eingestanden, dass Galaxy … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/06/samsung-datenleck-und-galaxy-smartphones-koennen-passwoerter-leaken/
-
Signal App Used by Trump Associate Targeted in Security Breach
A major security scare has erupted in Washington after reports emerged that a Trump associate was using an unofficial version of the secure messaging platform Signal-an application that was subsequently targeted in a data breach, according to a Sunday report from tech outlet 404 Media. According to the Reuters report, the report centers on former…
-
Data breach hits online ticket resale platform
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-hits-online-ticket-resale-platform
-
Kelly Benefits December data breach impacted over 400,000 individuals
Kelly Benefits has determined that the impact of the recently disclosed data breach is much bigger than initially believed. Benefits and payroll solutions firm Kelly & Associates Insurance Group, aka Kelly Benefits, announced that the impact of a recently disclosed data breach is much bigger than initially estimated. The U.S.-based company provides benefits, payroll, and…
-
California Man Will Plead Guilty to Last Year’s Disney Hack
A 25-year-old California man will plead guilty to hacking into a Disney’s personal computer and using stolen credentials to break into thousands of Disney Slack channels. Ryan Mitchell Kramer, who claimed to be a member of the Russian group NullBulge, then leaked the data when the victim didn’t respond to his emails. First seen on…
-
Apache Parquet Java Vulnerability CVE-2025-46762 Exposes Systems to Remote Code Execution Attacks
A vulnerability has been identified in Apache Parquet Java, which could leave systems exposed to remote code execution (RCE) attacks. Apache Parquet contributor Gang Wu discovered, this flaw, tracked as CVE-2025-46762, in the parquet-avro module and publicly disclosed it on May 2. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-parquet-java-flaw-cve-2025-46762/
-
Luna Moth Hackers Use Fake Helpdesk Domains to Target Victims
A recent investigation by cybersecurity firm EclecticIQ, in collaboration with threat hunters, has exposed a surge in malicious activity tied to the Luna Moth hacking group. The actors are now leveragingfake helpdesk-themed domainsto impersonate legitimate businesses and steal sensitive data. This campaign, first detected in March 2025, primarily targets law firms and corporate entities. How…
-
Banking Customer Data Exposed Following Ransomware Attack on Vendor
First seen on scworld.com Jump to article: www.scworld.com/native/banking-customer-data-exposed-following-ransomware-attack-on-vendor
-
Thousands of LabHost PhaaS domains exposed by FBI
Tags: data-breachFirst seen on scworld.com Jump to article: www.scworld.com/brief/thousands-of-labhost-phaas-domains-exposed-by-fbi
-
Dating app Raw exposed users’ location data and personal information
The app claims it uses end-to-end encryption, but spilled its users’ dating preferences and granular location data to the open web. First seen on techcrunch.com Jump to article: techcrunch.com/2025/05/02/dating-app-raw-exposed-users-location-data-personal-information/
-
Erkenntnisse aus dem Verizon Data Breach Investigation Report (DBIR) 2025
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/verizon-data-breach-investigation-report-2025-erkenntnisse
-
VerizonBreach-Investigation-Report Schwachstellen sind der häufigste Einstiegspunkt für Sicherheitsverletzungen
Der aktuelle Verizon-Data-Breach-Investigation-Report, DBIR 2025, veröffentlicht am 2. Mai 2025 in München, liefert einen umfassenden Überblick über die sich wandelnde Bedrohungslandschaft in der Cybersicherheit. Der Bericht wurde durch die Expertise zahlreicher Partner insbesondere Qualys unterstützt, die entscheidend dazu beitrugen, kritische Muster und Schwachstellen aufzudecken und Unternehmen das nötige Wissen zur Abwehr aktueller und […] First…
-
Patients left in the dark months after cybercriminals leak testing lab data
It’s been almost a year since the Qilin cybercrime group breached sensitive data from U.K. pathology services company Synnovis, and its patient information page is still short on details about what was exposed and how many people were affected. First seen on therecord.media Jump to article: therecord.media/synnovis-health-data-breach-investigation-onging
-
People know password reuse is risky but keep doing it anyway
35% of Gen Z said they never or rarely update passwords after a data breach affecting one of their accounts, according to Bitwarden. Only 10% reported always updating … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/02/passwords-update-security-risks/
-
More than 100,000 impacted by December data breach at Ascension Health
Ascension Health revealed another security incident this week, warning more than 100,000 people in multiple states that their information was likely accessed by hackers late last year. First seen on therecord.media Jump to article: therecord.media/ascension-health-data-breach-impacts-over-100000
-
Breach Roundup: Surge in Edge Device Zero-Day Exploits
Also, Baltimore Public Schools Suffer Data Breach, Disney Menu Hacker Sentenced. This week, zero-day exploits surged, accused Nefilim hacker extradited, Baltimore schools breach, CISA lists Broadcom Brocade, Commvault flaws, a fake WooCommerce patch, Akira hit Hitachi Vantara, ex-Disney worker sentenced and a Darcula phishing kit upgrade. FBI published 42,000 phishing domains. First seen on govinfosecurity.com…
-
Ticket Resale Platform TicketToCash Left 200GB of User Data Exposed
A misconfigured, non-password-protected database belonging to TicketToCash exposed data from 520,000 customers, including PII and partial financial details…. First seen on hackread.com Jump to article: hackread.com/ticket-resale-platform-tickettocash-exposed-user-data/
-
Experts See Little Progress After Major Chinese Telecom Hack
Salt Typhoon Exposed Major Flaws in Telecom Networks. Few Changes Have Been Made. After China’s Salt Typhoon breach of U.S. telecom networks, federal experts told Congress on Wednesday the nation remains dangerously exposed to another attack – despite warnings, investigations and interagency coordination, all of which have yet to produce systemic cyber defense improvements. First…
-
Exposed Git configuration file scanning escalates
Tags: data-breachFirst seen on scworld.com Jump to article: www.scworld.com/brief/exposed-git-configuration-file-scanning-escalates
-
Oregon agency’s 1.3M files leaked by Rhysida ransomware gang
First seen on scworld.com Jump to article: www.scworld.com/brief/oregon-agencys-1-3m-files-leaked-by-rhysida-ransomware-gang
-
Ascension Data Breach: Patient Information ‘Likely Stolen’ After ‘Inadvertently’ Being Shared With Former Business Partner
Ascension, a Catholic health system that suffered one of the worst health care-related cyberattacks in history, said it discovered a separate breach late last year. First seen on crn.com Jump to article: www.crn.com/news/security/2025/ascension-data-breach-patient-information-likely-stolen-after-inadvertently-being-shared-with-former-business-partner
-
AirBorne flaws can lead to fully hijack Apple devices
Vulnerabilities in Apple’s AirPlay protocol and SDK exposed Apple and third-party devices to attacks, including remote code execution. Oligo Security found serious flaws, collectively tracked as AirBorne, in Apple’s AirPlay protocol and SDK, affecting Apple and third-party devices. Attackers can exploit the vulnerabilities to perform zero-/one-click RCE, bypass ACLs, read local files, steal data, and…
-
Over 400 servers found to be exposed to SAP NetWeaver bug
First seen on scworld.com Jump to article: www.scworld.com/news/over-400-servers-found-to-be-exposed-to-sap-netweaver-bug
-
Data breach disclosed by UrbanOne following Cactus ransomware claims
First seen on scworld.com Jump to article: www.scworld.com/brief/data-breach-disclosed-by-urbanone-following-cactus-ransomware-claims