Tag: data
-
Fashion retailer Express left customers’ personal data and order details exposed to the internet
Retail giant Express was publicly spilling customer information to the open web. The bug is now fixed after TechCrunch alerted Express, but the company would not say if it plans to notify customers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/16/fashion-retailer-express-left-customers-personal-data-and-order-details-exposed-to-the-internet/
-
ShinyHunters Leak Rockstar Games Data, No Player Records Impacted
ShinyHunters hackers leak 7.54 GB of Rockstar Games data from Snowflake analytics systems, confirming no player records or personal information were exposed. First seen on hackread.com Jump to article: hackread.com/shinyhunters-leak-rockstar-games-data-player-records/
-
NTT Research Launches Scale Academy to Bring Lab Technology to Market
NTT Research launches Scale Academy to turn AI and security research into real products, debuting SaltGrain, a zero-trust data security platform. The post NTT Research Launches Scale Academy to Bring Lab Technology to Market appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ntt-research-scale-academy/
-
prompted 2026 Glass-Box Security: Operationalizing Mechanistic Interpretability
Author, Creator & Presenter: Carl Hurd, Co-Founder & CTO, Starseer Our thanks to [un]prompted for publishing their Creators, Authors and Presenter’s outstanding [un]prompted 2026 AI Security Practitioner content on the Organizations’ YouTube Channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/unprompted-2026-glass-box-security-operationalizing-mechanistic-interpretability/
-
“I’m Just Scared”: Teen Hacker Jailed After Massive U.S. School Data Breach
Hacker Matthew Lane, now 20, played a central role in the PowerSchool data breach, one of the largest cyberattacks in U.S. education history. As he headed to federal prison in Connecticut, he admitted fear and regret, writing, “It’s extremely sad, and I’m just scared.” First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hacker-matthew-lane-powerschool-data-breach/
-
ShinyHunters Leak Rockstar Games Data, No Player Records Impacted
ShinyHunters hackers leak 7.54 GB of Rockstar Games data from Snowflake analytics systems, confirming no player records or personal information were exposed. First seen on hackread.com Jump to article: hackread.com/shinyhunters-leak-rockstar-games-data-player-records/
-
Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft
Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, backdoors, and ad injection. The post Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-malicious-chrome-extensions-data-theft/
-
What Is AI Risk? A Clear Definition for 2026
What AI risk actually means, where it lives, and why most teams get it wrong. Data-backed insights from the 2026 SaaS + AI Security Report. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/what-is-ai-risk-a-clear-definition-for-2026/
-
“I’m Just Scared”: Teen Hacker Jailed After Massive U.S. School Data Breach
Hacker Matthew Lane, now 20, played a central role in the PowerSchool data breach, one of the largest cyberattacks in U.S. education history. As he headed to federal prison in Connecticut, he admitted fear and regret, writing, “It’s extremely sad, and I’m just scared.” First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hacker-matthew-lane-powerschool-data-breach/
-
Cookeville Regional Medical Center hospital data breach impacts 337,917 people
A ransomware attack on Cookeville Regional Medical Center hospital (Tennessee) exposed data of 337,000 people after hackers stole 500GB of sensitive information from its systems. A ransomware attack on Cookeville Regional Medical Center (CRMC) in Tennessee led to a major data breach affecting about 337,000 people. The attack, carried out by the Rhysida group, involved…
-
What to do When Your AI Guardrails Fail
I want to talk about a bug. Not because the bug itself was exceptional, but because what it exposed should change how every organisation architects AI governance. For several weeks earlier this year, Microsoft 365 Copilot read and summarised confidential emails despite sensitivity labels and Data Loss Prevention policies being correctly configured to block that…
-
What Is AI Risk? A Clear Definition for 2026
What AI risk actually means, where it lives, and why most teams get it wrong. Data-backed insights from the 2026 SaaS + AI Security Report. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/what-is-ai-risk-a-clear-definition-for-2026/
-
“I’m Just Scared”: Teen Hacker Jailed After Massive U.S. School Data Breach
Hacker Matthew Lane, now 20, played a central role in the PowerSchool data breach, one of the largest cyberattacks in U.S. education history. As he headed to federal prison in Connecticut, he admitted fear and regret, writing, “It’s extremely sad, and I’m just scared.” First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hacker-matthew-lane-powerschool-data-breach/
-
AI platform n8n abused for stealthy phishing and malware delivery
Attackers abuse AI automation platform n8n to run phishing campaigns, deliver malware, and evade security by using trusted infrastructure. Threat actors are exploiting the popular AI workflow automation platform n8n to launch advanced phishing campaigns, deliver malware, and collect device data through automated emails. By using trusted infrastructure, they can bypass traditional security controls and…
-
Data breach at edtech giant McGraw Hill affects 13.5 million accounts
The ShinyHunters extortion group has leaked data from 13.5 million McGraw Hill user accounts, stolen after breaching the company’s Salesforce environment earlier this month. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-edtech-giant-mcgraw-hill-affects-135-million-accounts/
-
What Is AI Risk? A Clear Definition for 2026
What AI risk actually means, where it lives, and why most teams get it wrong. Data-backed insights from the 2026 SaaS + AI Security Report. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/what-is-ai-risk-a-clear-definition-for-2026/
-
Ransomware-Bedrohungen und KI-Transformation verschieben Fokus von Recovery hin zu Resilienz
Der neue ‘Veeam Data Trust and Resilience Report” von Veeam Software stellt fest, dass 90 Prozent der Sicherheitsverantwortlichen davon überzeugt sind, Daten schnell wiederherstellen zu können. Allerdings schaffen es letztlich nur 28 Prozent, die Daten nach einem Ransomware-Angriff auch tatsächlich vollständig wiederherzustellen. Veeam hat den ‘Data Trust and Resilience Report 2026″ veröffentlicht, der eine wachsende…
-
From clinics to government: UAC-0247 expands cyber campaign across Ukraine
CERT-UA reports UAC-0247 targeting Ukrainian clinics and government bodies with malware stealing data from Chromium browsers and WhatsApp. CERT-UA has revealed a cyber campaign by the threat actor UAC-0247 targeting Ukrainian government entities and municipal healthcare facilities, including clinics and emergency hospitals. The operation between March and April 2026, used malware designed to steal sensitive…
-
New AgingFly malware used in attacks on Ukraine govt, hospitals
A new malware family named ‘AgingFly’ has been identified in attacks against local governments and hospitals that steal authentication data from Chromium-based browsers and WhatsApp messenger. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-agingfly-malware-used-in-attacks-on-ukraine-govt-hospitals/
-
Beating the Mythos clock: Using Tenable Hexa AI custom agents for automated patching
Tags: ai, business, cvss, cyberattack, data, exploit, LLM, mitigation, network, remote-code-execution, risk, strategy, supply-chain, threat, tool, update, vulnerability, vulnerability-managementSee how Tenable Hexa AI custom agents empower you to counter machine-speed threats by automating vulnerability remediation. Learn how the Model Context Protocol (MCP) automates execution of risk-driven patching workflows, shifting your strategy from reactive tracking to continuous exposure management. Key takeaways Even in previews, powerful AI models like Claude Mythos show us how quickly…
-
Textbook titan McGraw Hill on ransomware crew’s reading list after 13.5M records exposed
Publisher claims misconfigured Salesforce-hosted page leaked data First seen on theregister.com Jump to article: www.theregister.com/2026/04/16/mcgraw_hill_salesforce/
-
Breach Roundup: Mr. Raccoon Wants Your Password
Tags: breach, china, data, data-breach, flaw, fortinet, healthcare, leak, password, phishing, ransomware, scamAlso, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing Takedown. This week, a Raccoon-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-mr-raccoon-wants-your-password-a-31450
-
UAC-0247 Hits Hospitals, Governments With Browser and WhatsApp Data Theft
A surge of targeted cyberattacks was detected against local governments and municipal healthcare institutions particularly clinical and ambulance hospitals. The campaign has been attributed to threat cluster UAC-0247, known for advanced data theft, persistence, and lateral movement methods. The attack chain begins with well-crafted phishing emails that appear to discuss humanitarian aid proposals. These emails typically…
-
Microsoft’s Windows Recall still allows silent data extraction
Exploitation risk: The barrier to weaponizing this technique is lower than Microsoft’s security messaging would suggest, Hagenah said.”They only need code running in the user’s context and a way to reuse the authorized Recall session,” he said. “That is a much lower bar than many people would assume from Microsoft’s security messaging.”While Recall’s limitation to…
-
Automotive data biz Autovista blames ransomware for service disruption
Some customer orgs tell staff to block inbound email from the provider First seen on theregister.com Jump to article: www.theregister.com/2026/04/15/automotive_data_biz_autovista_ransomware/
-
OpenAI Courts Banks in Trusted Access for Cyber Partner Push
Bank of America, Citi and Goldman Anchor Partner Cohort for OpenAI’s GPT-5.4-Cyber. OpenAI’s Trusted Access for Cyber program prioritizes financial institutions to drive adoption of GPT-5.4-Cyber in regulated environments, highlighting a split with Anthropic’s developer-centric, tech-heavy partnerships and raising questions about partnership value and data-sharing models. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/openai-courts-banks-in-trusted-access-for-cyber-partner-push-a-31447
-
What makes Agentic AI a smart choice for data security?
How Can Non-Human Identities Revolutionize Cloud Security? Can the effective management of Non-Human Identities (NHIs) transform cloud security? When organizations increasingly pivot towards cloud infrastructures, safeguarding digital environments has become a pivotal concern across industries. With data breaches making headlines globally, it is imperative for businesses to adopt comprehensive cybersecurity strategies that shield every corner……
-
Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic
Tags: ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisa, cloud, compliance, container, control, cve, cvss, cyber, cybersecurity, data, data-breach, endpoint, exploit, fedramp, finance, flaw, framework, governance, group, HIPAA, identity, injection, insurance, kev, law, linkedin, linux, LLM, macOS, network, PCI, risk, service, soc, software, strategy, technology, threat, update, vulnerability, vulnerability-management, windows, zero-day, zero-trustWith the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare. Key takeaways Anthropic announced Claude Mythos Preview, its most powerful general-purpose frontier…
-
Why Data Protection Vendor Commvault Is Eyeing Going Private
Tags: dataSlumping Stock and Slower Growth Than Rival Rubrik Pave Way for Take-Private Deal Reuters reported that Commvault is working with Goldman Sachs to explore a sale after receiving takeover interest from both private equity firms and strategic buyers. Thoma Bravo is among the buyers that have expressed interest in Commvault, sources told Reuters. First seen…