Tag: leak
-
KillSec Ransomware is Attacking Healthcare Institutions in Brazil
KillSec Ransomware claimed responsibility for a cyberattack on MedicSolution, a software solutions provider for the healthcare industry in Brazil. The KillSec Ransomware group has threatened to leak sensitive data unless negotiations are initiated promptly. According to threat intelligence reporting by Resecurity, the root cause of the incident data exfiltration from insecure AWS S3 bucket. […]…
-
Massive Leak Shows How a Chinese Company Is Exporting the Great Firewall to the World
Geedge Networks, a company with ties to the founder of China’s mass censorship infrastructure, is selling its censorship and surveillance systems to at least four other countries in Asia and Africa. First seen on wired.com Jump to article: www.wired.com/story/geedge-networks-mass-censorship-leak/
-
Pakistan Launches Probe After Massive SIM Data Leak Hits Millions
The Pakistani government has launched an urgent investigation following reports of a massive data leak involving SIM holders’ personal information, including that of Interior Minister Mohsin Naqvi. The leaked SIM data, reportedly being sold openly online, has sparked national concern over digital security and privacy. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/pakistan-probes-sim-data/
-
Max severity Argo CD API flaw leaks repository credentials
An Argo CD vulnerability allows API tokens with even low project-level get permissions to access API endpoints and retrieve all repository credentials associated with the project. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-argo-cd-api-flaw-leaks-repository-credentials/
-
Scattered Lapsus$ Hunters Demand Google Fire Security Experts or Face Data Leak
Scattered Lapsus$ Hunters threaten Google, demanding that two security experts, Austin Larsen of Google’s Threat Intelligence Group and Charles Carmakal of Mandiant, be fired or they will leak alleged stolen Google data. First seen on hackread.com Jump to article: hackread.com/scattered-lapsus-hunters-google-fire-experts-data-leak/
-
Ensuring Compliance and feeling reassured in the Cloud
How Can Non-Human Identities (NHIs) Enhance Cloud Security? Is your organization leveraging the power of Non-Human Identities (NHIs) and Secrets Security Management to fortify cloud security? If not, you could be leaving yourself vulnerable to potential cyber threats. The management of NHIs and secrets can significantly reduce the risk of security breaches and data leaks,……
-
Dutch Lab Cancer Screening Hack Balloons to 941,000 Victims
Ransomware Gang Nova Poised to Leak Patient Data, Lab Stays Mum on Negotiations. With ransomware gang Nova threatening to leak patient data on the darkweb, a Dutch laboratory that performs cervical cancer tests for a government screening program is mum about the ransom negotiations, but it says the cyberattack in July has affected 941,000 patients.…
-
Detecting Data Leaks Before Disaster
In January 2025, cybersecurity experts at Wiz Research found that Chinese AI specialist DeepSeek had suffered a data leak, putting more than 1 million sensitive log streams at risk. According to the Wiz Research team, they identified a publicly accessible ClickHouse database belonging to DeepSeek. This allowed “full control over database operations, including the ability…
-
Misconfigured Server Leaks 378GB of Navy Federal Credit Union Files
Cybersecurity researcher Jeremiah Fowler discovered an unsecured and misconfigured server exposing 378 GB of internal Navy Federal Credit… First seen on hackread.com Jump to article: hackread.com/misconfigured-server-navy-federal-credit-union-data-leak/
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
A CISO’s guide to monitoring the dark web
Tags: access, attack, authentication, breach, ciso, cloud, credentials, cyber, cybercrime, dark-web, data, data-breach, detection, extortion, guide, identity, incident response, intelligence, law, leak, marketplace, mfa, monitoring, okta, risk, saas, service, supply-chain, technology, threat, vpn, vulnerabilityIs your company data on the dark web? Here’s what to look for and what do if your data now lives on the dark web. Sıla Özeren / Picus Security If you’re looking for broader threats against your organization, pay close attention to what initial access brokers (IABs) are offering for sale on the dark…
-
Hackers Turn Personal: Scattered LapSus Hunters Demand Google Sack Employees
A hacker collective identifying itself as the Scattered LapSus Hunters has issued a direct threat to Google, demanding the termination of two of the company’s security employees. The group claims it will leak internal data unless Google complies. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hacker-collective-threatens-google/
-
Hackers Turn Personal: Scattered LapSus Hunters Demand Google Sack Employees
A hacker collective identifying itself as the Scattered LapSus Hunters has issued a direct threat to Google, demanding the termination of two of the company’s security employees. The group claims it will leak internal data unless Google complies. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/hacker-collective-threatens-google/
-
JSON Config File Leaks Azure ActiveDirectory Credentials
In this type of misconfiguration, cyberattackers could use exposed secrets to authenticate directly via Microsoft’s OAuth 2.0 endpoints and infiltrate Azure cloud environments. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/public-file-leaks-azure-activedirectory-credentials
-
Azure AD Vulnerability Leaks Credentials, Lets Attackers Deploy Malicious Apps
Exposing an ASP.NET Core appsettings.json file containing Azure Active Directory (Azure AD) credentials poses acritical attack vector, effectively handing adversaries the keys to an organization’s cloud environment. During a recent cybersecurity assessment by Resecurity’s HUNTER Team, researchers discovered that a publicly accessible appsettings.json file had exposed the ClientId and ClientSecret of an Azure AD application,…
-
Agentic AI: A CISO’s security nightmare in the making?
Tags: access, ai, antivirus, api, attack, automation, ciso, compliance, cybersecurity, data, defense, detection, email, endpoint, exploit, framework, governance, law, leak, malicious, malware, open-source, privacy, risk, service, strategy, supply-chain, tool, vulnerabilityFree agents: Autonomy breeds increased risks: Agentic AI introduces the ability to make independent decisions and act without human oversight. This capability presents its own cybersecurity risk by potentially leaving organizations vulnerable.”Agentic AI systems are goal-driven and capable of making decisions without direct human approval,” Joyce says. “When objectives are poorly scoped or ambiguous, agents…
-
Azure AD Client Secret Leak: The Keys to Cloud
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/azure-ad-client-secret-leak-the-keys-to-cloud
-
Azure AD Client Secret Leak: The Key to Everything
Tags: leakFirst seen on resecurity.com Jump to article: www.resecurity.com/blog/article/azure-ad-client-secret-leak-the-key-to-everything
-
Ensuring Safety with Comprehensive Secrets Sprawl Control
Why Control Over Secrets Sprawl is Key to Safe Cybersecurity Practices? Data breaches have become a significant concern. The necessity of safe cybersecurity practices, like managing Non-Human Identities (NHIs) and Secrets Sprawl, is indeed unquestionable. To reduce the likelihood of such breaches and data leaks, managing NHIs and Secrets Sprawl is crucial. But why is……
-
Ensuring Safety with Comprehensive Secrets Sprawl Control
Why Control Over Secrets Sprawl is Key to Safe Cybersecurity Practices? Data breaches have become a significant concern. The necessity of safe cybersecurity practices, like managing Non-Human Identities (NHIs) and Secrets Sprawl, is indeed unquestionable. To reduce the likelihood of such breaches and data leaks, managing NHIs and Secrets Sprawl is crucial. But why is……
-
BSidesSF 2025: Log In Through The Front Door: Automating Defense Against Credential Leaks
Creator, Author and Presenter: Barath Subramaniam Our deep appreciation to Security BSides – San Francisco and the Creators, Authors and Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon – certainly a venue like no other; and via the organization’s YouTube…
-
Dexter: Resurrection Finale Leaks Online in Russian Dub
Dexter: Resurrection finale leaks in Russian dub ahead of release. Episodes 9 and 10 surface online, echoing past… First seen on hackread.com Jump to article: hackread.com/dexter-resurrection-finale-leaks-online-in-russian-dub/
-
UK government dragged for incomplete security reforms after Afghan leak fallout
Senior officials summoned to science and tech committee to explain further First seen on theregister.com Jump to article: www.theregister.com/2025/08/29/uk_government_breach_review/
-
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls. First seen…
-
1,000+ Devs Lose Their Secrets to an AI-Powered Stealer
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/1000-devs-lose-secrets-ai-powered-stealer
-
The Nx >>s1ngularity<< Attack: Inside the Credential Leak
On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian’s monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/the-nx-s1ngularity-attack-inside-the-credential-leak/
-
Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations
The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated sophisticated malware engineering that blends cutting-edge encryption techniques with focused penetration measures. First detected in July 2023, the group resurfaced in May 2024 with a revamped Dedicated Leak Site (DLS), where…
-
AI Security Map: Linking AI vulnerabilities to real-world impact
A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/27/ai-security-map-linking-vulnerabilities-real-world-impact/
-
How NHIs Deliver Value in Data Security?
How Do Non-Human Identities Drive Data Security? Can you imagine overseeing an extensive network without knowing who or what is accessing and modifying your data? For companies, it’s a chilling thought. Data breaches and leaks are nightmares that any organization would want to avoid. And this is where the value of Non-Human Identities (NHIs) shines……