Tag: leak

Meta fixes Instagram password reset flaw, denies data breach

Jan 12, 2026 9:02 PM

Tags: breach, data, data-breach, email, flaw, leak, password, vulnerability

Meta fixed an Instagram password reset flaw that let third parties send reset emails, while denying a data breach despite leak claims. Meta confirmed fixing an Instagram password reset vulnerability that allowed third parties to trigger reset emails, while denying any breach despite claims of leaked user data. >>We fixed an issue that let an…
Instagram Confirms Password-Reset Spam Flood, Denies Breach

Jan 12, 2026 7:02 PM

Tags: breach, data-breach, email, leak, malicious, password, spam, threat

Security Experts See Coincidental Timing After Leak of Scraped Instagram User Data. Instagram said a massive wave of password reset emails sent to its users traced to malicious abuse of a legitimate feature, but didn’t result from any breach of its systems. Separately, security experts said a threat actor leaked 6.2 million users’ email addresses,…
Two Separate Campaigns Target Exposed LLM Services

Jan 12, 2026 6:02 PM

Tags: ai, attack, data-breach, endpoint, leak, LLM, service

A total of 91,403 sessions targeted public LLM endpoints to find leaks in organizations’ use of AI and map an expanding attack surface. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/separate-campaigns-target-exposed-llm-services
Prevent cloud data leaks with Microsoft 365 access reviews

Jan 12, 2026 5:02 PM

Tags: access, cloud, data, leak, microsoft

Microsoft 365 has made file sharing effortless, but that convenience often leaves organizations with little visibility into who can access sensitive data. Tenfold explains how access reviews for shared cloud content can help organizations regain visibility, reduce unnecessary permissions, and prevent data leaks in Microsoft 365. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/prevent-cloud-data-leaks-with-microsoft-365-access-reviews/
How to stop insider-driven data loss in browser sessions

Jan 12, 2026 12:02 PM

Tags: control, data, leak

Midmarket teams turn to secure browsers capable of providing deep visibility and enforcing granular user controls during user browsing sessions, the goal being to prevent intentional or unintentional leaks without adding friction to the user experience. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/spons/how-to-stop-insider-driven-data-loss-in-browser-sessions/808445/
BreachForums Database Leak Turns the Tables on Threat Actors

Jan 12, 2026 11:01 AM

Tags: data-breach, hacking, leak, threat

A database featuring 300,000+ users of notorious hacking forum BreachForums has been leaked online First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/breachforums-database-leak/
CISOs’ top 10 cybersecurity priorities for 2026

Jan 12, 2026 9:01 AM

Tags: access, ai, attack, authentication, business, ciso, cloud, compliance, control, corporate, cyber, cyberattack, cybersecurity, data, deep-fake, defense, gartner, google, hacker, identity, intelligence, international, leak, monitoring, network, office, passkey, resilience, risk, risk-management, service, software, strategy, supply-chain, technology, threat, tool, training, unauthorized, zero-trust

Prepping for AI-enabled attacks: Although conventional tasks dominate the CISO priorities in the Foundry survey, interviews and other research show that AI-related issues are also high on the CISO priority list.For example, 53% of security leaders ranked AI-enabled cyber threats as a top-three organizational risk in a global survey conducted by Boston Consulting Group. BCG…
CISOs’ top 10 cybersecurity priorities for 2026

Jan 12, 2026 9:01 AM

Tags: access, ai, attack, authentication, business, ciso, cloud, compliance, control, corporate, cyber, cyberattack, cybersecurity, data, deep-fake, defense, gartner, google, hacker, identity, intelligence, international, leak, monitoring, network, office, passkey, resilience, risk, risk-management, service, software, strategy, supply-chain, technology, threat, tool, training, unauthorized, zero-trust

Prepping for AI-enabled attacks: Although conventional tasks dominate the CISO priorities in the Foundry survey, interviews and other research show that AI-related issues are also high on the CISO priority list.For example, 53% of security leaders ranked AI-enabled cyber threats as a top-three organizational risk in a global survey conducted by Boston Consulting Group. BCG…
Critical InputPlumber Flaw Enables UI Input Injection and DenialService

Jan 12, 2026 8:01 AM

Tags: cve, cyber, flaw, injection, leak, linux, service, vulnerability

Security researchers have discovered critical vulnerabilities in InputPlumber, a Linux input device utility used in SteamOS, that could allow attackers to inject keystrokes, leak sensitive information, and cause denial-of-service conditions. The flaws, tracked as CVE-2025-66005 and CVE-2025-14338, affect InputPlumber versions before v0.69.0 and stem from inadequate D-Bus authorization checks. CVE ID Description Affected Versions Impact…
Instagram’s “17 Million User Data Leak” Was Just Scraped Records from 2022

Jan 12, 2026 12:02 AM

Tags: breach, data, data-breach, leak

Instagram’s 17 million user data leak wasn’t a new breach – Hackread.com’s in-depth analysis shows it was scraped in 2022, leaked in 2023, and falsely repackaged in 2026. First seen on hackread.com Jump to article: hackread.com/instagram-user-data-leak-scraped-records-2022/
Instagram denies breach amid claims of 17 million account data leak

Jan 11, 2026 9:02 PM

Tags: breach, data, data-breach, email, leak, password, threat

Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/instagram-denies-breach-amid-claims-of-17-million-account-data-leak/
Massive Instagram Data Scare Ties 17.5M Accounts to Leak, But Meta Denies Breach

Jan 11, 2026 7:02 PM

Tags: breach, cybersecurity, data, data-breach, email, leak, network, password

A major cybersecurity scare has put Instagram, one of the world’s largest social networks, under intense scrutiny after millions of users globally reported unexpected password reset emails, fueling fears of a large-scale data breach. While evidence of leaked account data has surfaced, Instagram’s parent company Meta insists that its systems were not compromised and that……
Massive Instagram Data Breach Exposes Personal Details of 17.5 Million Users

Jan 10, 2026 7:02 PM

Tags: breach, cyber, cybersecurity, dark-web, data, data-breach, email, leak, phone

A staggering cybersecurity incident has come to light, with 17.5 million Instagram users’ personal information exposed in a data breach advertised on dark web marketplaces. Cybersecurity firm Malwarebytes first alerted the public via X (formerly Twitter), confirming the leak’s severity as stolen data, including usernames, emails, phone numbers, and partial locations, circulates for sale. Affected…
ZombieAgent ChatGPT attack shows persistent data leak risks of AI agents

Jan 10, 2026 1:01 AM

Tags: ai, attack, backdoor, chatgpt, cloud, data, email, injection, leak, LLM, malicious, microsoft, openai, risk, service, tool, vulnerability, worm

Worm-like propagation: The email attack even has worming capabilities, as the malicious prompts could instruct ChatGPT to scan the inbox, extract addresses from other email messages, exfiltrate those addresses to the attackers using the URL trick, and send similar poisoned messages to those addresses as well.If the victim is the employee of an organization that…
Hacker Behind Wired.com Leak Now Selling Full 40M CondÃ© Nast Records

Jan 9, 2026 5:01 PM

Tags: data, hacker, leak

A hacker claims to be selling nearly 40 million CondÃ© Nast user records after leaking Wired.com data, with multiple major brands allegedly affected. First seen on hackread.com Jump to article: hackread.com/wired-com-hacker-data-leak-conde-nast-records/
Cisco Snort 3 Vulnerability Leading to Sensitive Data Disclosure

Jan 8, 2026 7:02 PM

Tags: advisory, cisco, cve, cyber, data, defense, detection, firewall, leak, service, threat, vulnerability

Cisco has disclosed two critical vulnerabilities in the Snort 3 detection engine affecting multiple enterprise security products, including firewalls, threat defense systems, and edge platforms. The vulnerabilities, tracked as CVE-2026-20026 and CVE-2026-20027 under advisory cisco-sa-snort3-dcerpc-vulns-J9HNF4tH, could allow unauthenticated remote attackers to leak sensitive information or cause denial-of-service conditions by disrupting packet inspection capabilities. The vulnerabilities…
Cisco Snort 3 Security Flaws Threaten Network Inspection

Jan 8, 2026 5:05 PM

Tags: attack, cisco, flaw, leak, network

Cisco Snort 3 flaws allow unauthenticated attacks that disrupt inspection or leak sensitive data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/cisco-snort-3-security-flaws-threaten-network-inspection/
Cybersecurity at the edge: Securing rugged IoT in mission-critical environments

Jan 8, 2026 5:05 PM

Tags: 5G, access, attack, authentication, breach, business, cio, compliance, control, credentials, cyber, cybersecurity, data, data-breach, defense, detection, firmware, framework, gartner, Hardware, HIPAA, identity, infrastructure, iot, leak, least-privilege, mitigation, monitoring, network, nist, password, risk, strategy, supply-chain, technology, theft, threat, unauthorized, update, vpn, vulnerability, zero-trust

Defense: Compromised devices can leak mission-critical data or disrupt tactical communications.Utilities: Operational paralysis halts power distribution or water treatment, impacting millions.Public safety: Emergency response systems fail during crises, endangering lives.According to Gartner, in 2023, IoT-related incidents in critical infrastructure surged 400% over the previous three years and the average cost of an OT breach exceeded…
Cybersecurity at the edge: Securing rugged IoT in mission-critical environments

Jan 8, 2026 5:05 PM

Tags: 5G, access, attack, authentication, breach, business, cio, compliance, control, credentials, cyber, cybersecurity, data, data-breach, defense, detection, firmware, framework, gartner, Hardware, HIPAA, identity, infrastructure, iot, leak, least-privilege, mitigation, monitoring, network, nist, password, risk, strategy, supply-chain, technology, theft, threat, unauthorized, update, vpn, vulnerability, zero-trust

Defense: Compromised devices can leak mission-critical data or disrupt tactical communications.Utilities: Operational paralysis halts power distribution or water treatment, impacting millions.Public safety: Emergency response systems fail during crises, endangering lives.According to Gartner, in 2023, IoT-related incidents in critical infrastructure surged 400% over the previous three years and the average cost of an OT breach exceeded…
ThreatsDay Bulletin: RustFS Flaw, Iranian Ops, WebUI RCE, Cloud Leaks, and 12 More Stories

Jan 8, 2026 3:01 PM

Tags: cloud, flaw, hacker, Internet, iran, leak, rce, remote-code-execution, risk, scam, tool

The internet never stays quiet. Every week, new hacks, scams, and security problems show up somewhere.This week’s stories show how fast attackers change their tricks, how small mistakes turn into big risks, and how the same old tools keep finding new ways to break in.Read on to catch up before the next wave hits. Honeypot…
Critical RCE flaw allows full takeover of n8n AI workflow platform

Jan 7, 2026 9:02 PM

Tags: ai, api, attack, authentication, cloud, credentials, data, email, exploit, flaw, leak, LLM, password, rce, remote-code-execution, threat, vulnerability

formWebhook function used by n8n Form nodes to receive data doesn’t validate whether the Content-Type field of the POST request submitted by the user is set to multipart/form-data.Imagine a very common use case in which n8n has been used to build a chat interface that allows users to upload files to the system, for example,…
Personal LLM Accounts Drive Shadow AI Data Leak Risks

Jan 7, 2026 3:01 PM

Tags: ai, data, governance, leak, LLM, risk

Lack of visibility and governance around employees using generative AI is resulting in rise in data security risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/personal-llm-accounts-drive-shadow/
Malicious Chrome Extension Leaks ChatGPT and DeepSeek Chats of 900,000 Users

Jan 7, 2026 9:52 AM

Tags: ai, browser, chatgpt, chrome, cyber, data, google, leak, malicious, tool

Over 900,000 Chrome users have been compromised by two malicious extensions that secretly exfiltrate ChatGPT and DeepSeek conversations to attacker-controlled servers. Security researchers discovered the extensions impersonating the legitimate AITOPIA AI sidebar tool, with one rogue extension even earning Google’s >>Featured
Flare Researchers Analyze SafePay Ransomware Leak Data

Jan 6, 2026 8:52 PM

Tags: data, group, leak, ransomware

Flare researchers analyzed SafePay leak data, showing how the group targets regulated SMBs to maximize pressure. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/flare-researchers-analyze-safepay-ransomware-leak-data/
Critical ‘MongoBleed’ Bug Under Attack, Patch Now

Jan 6, 2026 2:52 PM

Tags: attack, leak, password, update, vulnerability

A memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/mongobleed-bug-active-attack-patch
Critical ‘MongoBleed’ Bug Under Active Attack, Patch Now

Jan 5, 2026 11:52 PM

Tags: attack, leak, password, update, vulnerability

A memory leak security vulnerability allows unauthenticated attackers to extract passwords and tokens from MongoDB servers. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/mongobleed-bug-active-attack-patch
New Zealand Probes Ransomware Hack of Health Portal

Jan 5, 2026 8:52 PM

Tags: data, extortion, government, group, healthcare, leak, ransomware, service

More Than 100,000 Affected by Hack Detected on Dec. 30. The New Zealand government is probing a year-end ransomware hack of private healthcare service provider Manage My Health that impacted thousands of patients. Digital extortion group Kazu has claimed responsibility and threatened to leak the data on Jan. 15 unless it receives a $60,000 ransom.…
Handala Leak Shows Telegram Account Risk, Not iPhone Hacks

Jan 5, 2026 4:52 PM

Tags: data, iphone, leak, risk

The Handala incident shows how Telegram account takeovers can expose sensitive data without compromising entire devices. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/handala-leak-shows-telegram-account-risk-not-iphone-hacks/
Cybersecurity firm turns tables on threat actors with decoy data trap

Jan 5, 2026 1:52 PM

Tags: breach, cybersecurity, data, data-breach, group, leak, mitre, network, threat

Evidence of real breach remains thin: Despite Resecurity’s detailed account, the threat actors have not backed up their original claims with additional verifiable evidence. After posting the screenshots, no substantiated leaks of internal systems or actual client data have appeared. Independent analysis by various cybersecurity researchers supports Resecurity’s assertion that no production assets were compromised.On…
Cybersecurity firm turns tables on threat actors with decoy data trap

Jan 5, 2026 1:52 PM

Tags: breach, cybersecurity, data, data-breach, group, leak, mitre, network, threat

Evidence of real breach remains thin: Despite Resecurity’s detailed account, the threat actors have not backed up their original claims with additional verifiable evidence. After posting the screenshots, no substantiated leaks of internal systems or actual client data have appeared. Independent analysis by various cybersecurity researchers supports Resecurity’s assertion that no production assets were compromised.On…