Tag: leak
-
Another Credential Leak, Another Dollar
A 149M-credential breach shows why encryption alone isn’t enough. Infostealer malware bypasses cloud security by stealing passwords at the endpoint”, where encryption offers no protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/another-credential-leak-another-dollar/
-
Another Credential Leak, Another Dollar
A 149M-credential breach shows why encryption alone isn’t enough. Infostealer malware bypasses cloud security by stealing passwords at the endpoint”, where encryption offers no protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/another-credential-leak-another-dollar/
-
Responding to Exposed Secrets An SRE’s Incident Response Playbook
Today, let’s take a closer look at incident response playbooks: how to build one, tailor it for secret leaks, take actions, and learn from incidents. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/responding-to-exposed-secrets-an-sres-incident-response-playbook/
-
Nike Investigates Alleged Data Breach Tied to World Leaks
Nike is investigating World Leaks’ claims of a data breach, underscoring growing risks from data-centric extortion attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/nike-investigates-alleged-data-breach-tied-to-world-leaks/
-
Nike investigates data breach after extortion gang leaks files
Nike is investigating what it described as a “potential cyber security incident” after the World Leaks ransomware gang leaked 1.4 TB of files allegedly stolen from the sportswear giant. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nike-investigates-data-breach-after-extortion-gang-leaks-files/
-
Nike probes potential cyber incident after hackers claim data leak
The company said in a brief statement that it takes consumer privacy and data security seriously and is “actively assessing the situation,” but offered few details about the scope of the alleged breach or whether customer information may have been exposed. First seen on therecord.media Jump to article: therecord.media/nike-probes-alleged-cyber-incident
-
Microsoft brings AI-powered investigations to security teams
Microsoft Purview Data Security Investigations is now available. The tool is part of Microsoft Purview and is intended for scenarios such as data breach and leak … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/27/microsoft-purview-data-security-investigations/
-
World Leaks Ransomware Group Claims 1.4TB Nike Data Breach
Nike is investigating after the World Leaks ransomware group posted a 1.4TB data dump First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/worldleaks-ransomware-14tb-nike/
-
Treasury Cuts Ties With Booz Allen Over IRS Data Leaks
Booz Allen Loses Treasury Work in Move Tied to Trump Waste Crackdown. The U.S. Department of Treasury said it canceled all active contracts with Booz Allen Hamilton, citing data protection failures in handling taxpayer information. Treasury cited a criminal case against Charles Littlejohn, a former employee who leaked the tax returns of President Donald Trump.…
-
Cloudflare misconfiguration behind recent BGP route leak
Tags: leakCloudflare has shared more details about a recent 25-minute Border Gateway Protocol (BGP) route leak affecting IPv6 traffic, which caused measurable congestion, packet loss, and approximately 12 Gbps of dropped traffic. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloudflare-misconfiguration-behind-recent-bgp-route-leak/
-
Nike Data Breach Claims Surface as WorldLeaks Leaks 1.4TB of Files Online
As users continue to assess the Under Armour data breach, WorldLeaks, the rebranded version of the Hunters International… First seen on hackread.com Jump to article: hackread.com/nike-data-breach-worldleaks-leaks-files-online/
-
Can NHIs management fit within tight cybersecurity budgets?
Why Are Non-Human Identities Crucial in Cybersecurity? Have you ever considered how machine identities, or Non-Human Identities (NHIs), fit into your cybersecurity strategy? Where breaches and data leaks can have catastrophic consequences, ensuring that your digital is secure is more important than ever. Managing NHIs, which are essentially machine identities consisting of secrets such as……
-
NDSS 2025 Secure Data Analytics
Session 10A: Confidential Computing 2 Authors, Creators & Presenters: Byeongwook Kim (Seoul National University), Jaewon Hur (Seoul National University), Adil Ahmad (Arizona State University), Byoungyoung Lee (Seoul National University) PAPER Secure Data Analytics in Apache Spark with Fine-grained Policy Enforcement and Isolated Execution Cloud based Spark platform is a tempting approach for sharing data, as…
-
NDSS 2025 Secure Data Analytics
Session 10A: Confidential Computing 2 Authors, Creators & Presenters: Byeongwook Kim (Seoul National University), Jaewon Hur (Seoul National University), Adil Ahmad (Arizona State University), Byoungyoung Lee (Seoul National University) PAPER Secure Data Analytics in Apache Spark with Fine-grained Policy Enforcement and Isolated Execution Cloud based Spark platform is a tempting approach for sharing data, as…
-
NDSS 2025 Secure Data Analytics
Session 10A: Confidential Computing 2 Authors, Creators & Presenters: Byeongwook Kim (Seoul National University), Jaewon Hur (Seoul National University), Adil Ahmad (Arizona State University), Byoungyoung Lee (Seoul National University) PAPER Secure Data Analytics in Apache Spark with Fine-grained Policy Enforcement and Isolated Execution Cloud based Spark platform is a tempting approach for sharing data, as…
-
Data Leak Exposes 149M Logins, Including Gmail, Facebook
A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft. The post Data Leak Exposes 149M Logins, Including Gmail, Facebook appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-149-million-passwords-exposed-infostealer-database/
-
Ransomware Hackers Leak Under Armour Customer Data
Russia-Linked Ransomware Group Dumps Customer Data After Failed Extortion Attempt. Under Armour may trade on the blood, sweat, respect slogan, but a Russia-linked ransomware group hasn’t been abiding, after they stole data pertaining to 72.7 million of the athleisure giant’s customers, then leaked it on darkweb sites after saying the retailer refused to pay a…
-
ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs
‘A lot more’ victims to come, we’re told First seen on theregister.com Jump to article: www.theregister.com/2026/01/23/shinyhunters_claims_okta_customer_breaches/
-
ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment
ShinyHunters claim more data breaches and leaks are coming soon! First seen on hackread.com Jump to article: hackread.com/shinyhunters-leak-soundcloud-crunchbase-betterment-data/
-
When Data Leaks Don’t Look Like Breaches: The Instagram Exposure Explained
A recent disclosure revealed that data associated with more than 17.5 million Instagram accounts was exposed through a large-scale data leak, with records reportedly including user IDs, contact details, and account metadata, according to CyberPress. While no direct breach of Instagram’s core infrastructure has been publicly confirmed, the exposed dataset highlights a persistent challenge for…
-
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization.Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, or First seen…
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Gemini AI assistant tricked into leaking Google Calendar data
Using only natural language instructions, researchers were able to bypass Google Gemini’s defenses against malicious prompt injection and create misleading events to leak private Calendar data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gemini-ai-assistant-tricked-into-leaking-google-calendar-data/
-
Exploiting Google Gemini to Abuse Calendar Invites Illustrates AI Threats
Researchers with security firm Miggo used an indirect prompt injection technique to manipulate Google’s Gemini AI assistant to access and leak private data in Google Calendar events, highlighting the challenges AI presents that traditional security measures can’t address. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploiting-google-gemini-to-abuse-calendar-invites-illustrates-ai-threats/
-
Exploiting Google Gemini to Abuse Calendar Invites Illustrates AI Threats
Researchers with security firm Miggo used an indirect prompt injection technique to manipulate Google’s Gemini AI assistant to access and leak private data in Google Calendar events, highlighting the challenges AI presents that traditional security measures can’t address. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploiting-google-gemini-to-abuse-calendar-invites-illustrates-ai-threats/
-
Exploiting Google Gemini to Abuse Calendar Invites Illustrates AI Threats
Researchers with security firm Miggo used an indirect prompt injection technique to manipulate Google’s Gemini AI assistant to access and leak private data in Google Calendar events, highlighting the challenges AI presents that traditional security measures can’t address. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploiting-google-gemini-to-abuse-calendar-invites-illustrates-ai-threats/
-
Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info
As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches. First seen on hackread.com Jump to article: hackread.com/hackathon-projects-ai-wellness-apps-data-leak/
-
StealC malware control panel flaw leaks details on active attacker
Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at least 2023, sold as Malware-as-a-Service to steal cookies and passwords. In 2025, its operators released StealC v2, but the web panel quickly leaked and…