Tag: leak
-
NDSS 2025 Secure Data Analytics
Session 10A: Confidential Computing 2 Authors, Creators & Presenters: Byeongwook Kim (Seoul National University), Jaewon Hur (Seoul National University), Adil Ahmad (Arizona State University), Byoungyoung Lee (Seoul National University) PAPER Secure Data Analytics in Apache Spark with Fine-grained Policy Enforcement and Isolated Execution Cloud based Spark platform is a tempting approach for sharing data, as…
-
NDSS 2025 Secure Data Analytics
Session 10A: Confidential Computing 2 Authors, Creators & Presenters: Byeongwook Kim (Seoul National University), Jaewon Hur (Seoul National University), Adil Ahmad (Arizona State University), Byoungyoung Lee (Seoul National University) PAPER Secure Data Analytics in Apache Spark with Fine-grained Policy Enforcement and Isolated Execution Cloud based Spark platform is a tempting approach for sharing data, as…
-
Data Leak Exposes 149M Logins, Including Gmail, Facebook
A massive unsecured database exposed 149 million logins, raising concerns over infostealer malware and credential theft. The post Data Leak Exposes 149M Logins, Including Gmail, Facebook appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-149-million-passwords-exposed-infostealer-database/
-
Ransomware Hackers Leak Under Armour Customer Data
Russia-Linked Ransomware Group Dumps Customer Data After Failed Extortion Attempt. Under Armour may trade on the blood, sweat, respect slogan, but a Russia-linked ransomware group hasn’t been abiding, after they stole data pertaining to 72.7 million of the athleisure giant’s customers, then leaked it on darkweb sites after saying the retailer refused to pay a…
-
ShinyHunters claims Okta customer breaches, leaks data belonging to 3 orgs
‘A lot more’ victims to come, we’re told First seen on theregister.com Jump to article: www.theregister.com/2026/01/23/shinyhunters_claims_okta_customer_breaches/
-
ShinyHunters Leak Alleged Data of Millions From SoundCloud, Crunchbase and Betterment
ShinyHunters claim more data breaches and leaks are coming soon! First seen on hackread.com Jump to article: hackread.com/shinyhunters-leak-soundcloud-crunchbase-betterment-data/
-
When Data Leaks Don’t Look Like Breaches: The Instagram Exposure Explained
A recent disclosure revealed that data associated with more than 17.5 million Instagram accounts was exposed through a large-scale data leak, with records reportedly including user IDs, contact details, and account metadata, according to CyberPress. While no direct breach of Instagram’s core infrastructure has been publicly confirmed, the exposed dataset highlights a persistent challenge for…
-
Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs
Security vulnerabilities were uncovered in the popular open-source artificial intelligence (AI) framework Chainlit that could allow attackers to steal sensitive data, which may allow for lateral movement within a susceptible organization.Zafran Security said the high-severity flaws, collectively dubbed ChainLeak, could be abused to leak cloud environment API keys and steal sensitive files, or First seen…
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Gemini AI assistant tricked into leaking Google Calendar data
Using only natural language instructions, researchers were able to bypass Google Gemini’s defenses against malicious prompt injection and create misleading events to leak private Calendar data. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/gemini-ai-assistant-tricked-into-leaking-google-calendar-data/
-
Exploiting Google Gemini to Abuse Calendar Invites Illustrates AI Threats
Researchers with security firm Miggo used an indirect prompt injection technique to manipulate Google’s Gemini AI assistant to access and leak private data in Google Calendar events, highlighting the challenges AI presents that traditional security measures can’t address. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploiting-google-gemini-to-abuse-calendar-invites-illustrates-ai-threats/
-
Exploiting Google Gemini to Abuse Calendar Invites Illustrates AI Threats
Researchers with security firm Miggo used an indirect prompt injection technique to manipulate Google’s Gemini AI assistant to access and leak private data in Google Calendar events, highlighting the challenges AI presents that traditional security measures can’t address. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploiting-google-gemini-to-abuse-calendar-invites-illustrates-ai-threats/
-
Exploiting Google Gemini to Abuse Calendar Invites Illustrates AI Threats
Researchers with security firm Miggo used an indirect prompt injection technique to manipulate Google’s Gemini AI assistant to access and leak private data in Google Calendar events, highlighting the challenges AI presents that traditional security measures can’t address. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploiting-google-gemini-to-abuse-calendar-invites-illustrates-ai-threats/
-
Hackathon Projects Show AI Wellness Apps Can Leak Sensitive User Info
As emotional computing applications proliferate, the security threats they face require frameworks beyond traditional approaches. First seen on hackread.com Jump to article: hackread.com/hackathon-projects-ai-wellness-apps-data-leak/
-
StealC malware control panel flaw leaks details on active attacker
Researchers uncovered an XSS flaw in StealC malware’s control panel, exposing key details about a threat actor using the info stealer. StealC is an infostealer that has been active since at least 2023, sold as Malware-as-a-Service to steal cookies and passwords. In 2025, its operators released StealC v2, but the web panel quickly leaked and…
-
Unmasked by Leaks: The Hidden Backbone of a Ransomware Operation
The leaks tied to the BlackBasta ransomware group and Russian hosting company Media Land pulled back the curtain on something defenders rarely get to see: the internal machinery and people behind a major ransomware operation. In February 2025, an unknown individual using the handle ExploitWhispers appeared on Telegram and published a massive archive of BlackBasta’s internal chats…
-
Hacker pleads guilty to hacking Supreme Court, AmeriCorps, and VA Systems
An actor who goes online with the alias @ihackthegovernment posted stolen personal data from his victims, including the U.S. Supreme Court. Nicholas Moore, 24, from Tennessee, pleaded guilty to repeatedly hacking the U.S. Supreme Court’s electronic filing system. Court documents reveal he used his Instagram account to leak data from several of his victims. >>Nicholas…
-
New OpenAI leak hints at upcoming ChatGPT features
OpenAI is internally testing a new update for ChatGPT, at least on the web. It’ll begin rolling out in the coming weeks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/new-openai-leak-hints-at-upcoming-chatgpt-features/
-
2025 Threat Landscape in Review: Lessons for Businesses Moving Into 2026
Tags: access, ai, application-security, attack, authentication, awareness, backdoor, breach, business, captcha, cloud, compliance, container, control, credentials, credit-card, cybersecurity, data, data-breach, ddos, defense, encryption, exploit, finance, firewall, flaw, google, identity, infrastructure, intelligence, leak, malicious, mitigation, monitoring, network, pypi, risk, service, software, strategy, supply-chain, threat, tool, vulnerability, windows2025 Threat Landscape in Review: Lessons for Businesses Moving Into 2026 andrew.gertz@t“¦ Thu, 01/15/2026 – 16:48 Nadav Avital – Senior Director of Threat Research at Thales More About This Author > 2025 was a year that tested how businesses think about security. Some attacks happened in new, unexpected ways, while others employed old tricks, taken…
-
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws in FortiFone and FortiSIEM that could be exploited without authentication to leak configuration data or enable code execution. The first vulnerabilty, tracked as CVE-2025-64155 (CVSS score…
-
Leaked Data Exposes Thousands of Border Patrol, ICE Agents After Renee Good Shooting
A reported DHS leak exposed personal details of about 4,500 ICE and Border Patrol agents after a Minneapolis shooting, raising safety and ethics concerns. The post Leaked Data Exposes Thousands of Border Patrol, ICE Agents After Renee Good Shooting appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-leaked-data-exposes-thousands-border-patrol-ice-agents/
-
DragonForce Ransomware Breakdown and Decryptor for ESXi Windows
Security researchers have published an in”‘depth technical analysis of the DragonForce ransomware operation, along with details of working decryptors for both Windows and ESXi systems targeting specific victims. By the time its dedicated Data Leak Site (DLS) was identified later that month, 17 victim organizations had already been listed. DragonForce markets itself as a cartel…
-
Cybercrime und Desinformation – Fake-Leaks als Mittel der Cybererpressung
First seen on security-insider.de Jump to article: www.security-insider.de/fake-leaks-cybererpressung-ransomware-a-0117c0adbed3cf60df8fc018dee3f256/
-
Cybercrime und Desinformation – Fake-Leaks als Mittel der Cybererpressung
First seen on security-insider.de Jump to article: www.security-insider.de/fake-leaks-cybererpressung-ransomware-a-0117c0adbed3cf60df8fc018dee3f256/
-
Cybercrime und Desinformation – Fake-Leaks als Mittel der Cybererpressung
First seen on security-insider.de Jump to article: www.security-insider.de/fake-leaks-cybererpressung-ransomware-a-0117c0adbed3cf60df8fc018dee3f256/
-
Hacker Claims Full Breach of Russia’s Max Messenger, Threatens Public Leak
A hacker claims a full breach of Russia’s Max Messenger, threatening to leak user data and backend systems if demands are not met. First seen on hackread.com Jump to article: hackread.com/hacker-russia-max-messenger-breach-data-leak/
-
Fortinet fixed two critical flaws in FortiFone and FortiSIEM
Fortinet fixed six security flaws, including two critical bugs in FortiFone and FortiSIEM that attackers could exploit without authentication. Fortinet released patches for six vulnerabilities, including two critical flaws in FortiFone and FortiSIEM that could be exploited without authentication to leak configuration data or enable code execution. The first vulnerabilty, tracked as CVE-2025-64155 (CVSS score…