Tag: leak
-
Datenleck-Websites: Das Druckmittel der Ransomware-Bande von heute
Wenn Unternehmensdaten auf einer Leak-Site offengelegt werden, kann dies langfristige Folgen haben First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/ransomware/datenleck-websites-das-druckmittel-der-ransomware-bande-von-heute/
-
ShinyHunters claims it drove off with 1.7M CarGurus records
Latest in a rash of grab-and-leak data incidents First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/shinyhunters_cargurus_breach/
-
ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories
The cyber threat space doesn’t pause, and this week makes that clear. New risks, new tactics, and new security gaps are showing up across platforms, tools, and industries, often all at the same time.Some developments are headline-level. Others sit in the background but carry long-term impact. Together, they shape how defenders need to think about…
-
Figure Breach Enters New Phase After Data Leak Claims
The data breach disclosed by fintech lender Figure Technology Solutions is moving beyond a contained security incident, as reports that stolen customer information is circulating online coincide with early legal investigations. The developments mark the point where an internal breach begins to create broader consumer risk and potential liability. Latest Developments Data associated with the……
-
ShinyHunters allegedly drove off with 1.7M CarGurus records
Latest in a rash of grab-and-leak data incidents First seen on theregister.com Jump to article: www.theregister.com/2026/02/18/shinyhunters_cargurus_breach/
-
A new approach for GenAI risk protection
Solution 1: GenAI enterprise model: Implement enterprise licenses for approved GenAI solutions (such as ChatGPT Enterprise or Microsoft CoPilot 365, which is integrated into existing O365 tenants). Enterprise GenAI solutions typically include a robust set of built-in security tools that allow organizations to secure their data and implement DLP controls within the enterprise GenAI solution…
-
0APT Ransomware Group Claims 200 Victims, Fails to Provide Proof
A new ransomware-as-a-service (RaaS) outfit calling itself 0APT has quickly drawn attention for all the wrong reasons, after loudly claiming to have compromised around 200 victims while failing to provide any verifiable proof of compromise. Emerging on or around January 28, 2026, the group launched a dark web data leak site (DLS) and rapidly populated it with…
-
Man arrested for demanding reward after accidental police data leak
Dutch authorities arrested a 40-year-old man after he downloaded confidential documents that had been mistakenly shared by the police and refused to delete them unless he received “something in return.” First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/man-arrested-for-demanding-reward-after-accidental-police-data-leak/
-
Canada Goose ruffles feathers over 600K record dump, says leak is old news
Tags: leakFashion brand latest to succumb to ShinyHunters’ tricks First seen on theregister.com Jump to article: www.theregister.com/2026/02/16/canada_goose_shinyhunters/
-
ShinyHunters leaked 600K+ Canada Goose customer records, but the firm denies it was breached
ShinyHunters leaked 600,000+ Canada Goose customer records, though the company insists its systems were not breached. Data extortion group ShinyHunters has published over 600,000 Canada Goose customer records on its data leak site. Canada Goose is a Canadian luxury outerwear company best known for high”‘end, cold”‘weather jackets and parkas. Founded in 1957 and headquartered in…
-
Canada Goose investigating as hackers leak 600K customer records
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. First seen on bleepingcomputer.com Jump to…
-
Canada Goose investigating as hackers leak 600K customer records
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. First seen on bleepingcomputer.com Jump to…
-
Canada Goose investigating as hackers leak 600K customer records
ShinyHunters, a well-known data extortion group, claims to have stolen more than 600,000 Canada Goose customer records containing personal and payment-related data. Canada Goose told BleepingComputer the dataset appears to relate to past customer transactions and that it has not found evidence of a breach of its own systems. First seen on bleepingcomputer.com Jump to…
-
The Epstein Files Reveal Stunning Operational Security Fails
Plaintext Emails Trigger Police Probes Into Potential Leaks of State Secrets The volume of information contained in the Epstein Files, bizarre pictures they paint and our inability to know what they don’t document complicate attempts to understand what it all means. What is clear is the digital detritus that can be generated by just a…
-
Gartner® Names Tenable as the Current Company to Beat for AI-Powered Exposure Assessment in a 2025 Report
Tags: access, ai, api, attack, automation, business, cloud, container, cyber, cybersecurity, data, exploit, finance, flaw, gartner, governance, identity, intelligence, iot, leak, network, risk, service, technology, threat, tool, update, vulnerability“Tenable’s asset and attack surface coverage, its application of AI and its reputation for vulnerability assessment makes it the front-runner in AI-powered exposure assessment,” Gartner writes in “AI Vendor Race: Tenable Is the Company to Beat for AI-Powered Exposure Assessment.” Key Takeaways from Tenable: This is the latest among a recent string of recognitions Tenable…
-
World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks
Accenture Cybersecurity warns over difficult to detect, “sophisticated toolset” being deployed as part of extortion campaigns First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/world-leaks-ransomware-rustyrocket/
-
Adblock Filters Expose User Location Even With VPN Protection
A new fingerprinting technique called >>Adbleed<< reveals that VPN users aren't as anonymous as they think. While VPNs hide your IP address and encrypt traffic, they can't conceal which country-specific adblock filter lists are installed in your browser and that's enough to expose your location. How Adblockers Create a Privacy Leak Most adblockers like uBlock…
-
Devilish devs spawn 287 Chrome extensions to flog your browser history to data brokers
Add-ons with 37M installs leak visited URLs to 30+ recipients, researcher says First seen on theregister.com Jump to article: www.theregister.com/2026/02/11/security_researcher_287_chrome_extensions_data_leak/
-
A New Data Theft Gang for the Health Sector to Lose Sleep Over
Newcomer ‘Insomnia’ Appears to Favor US Healthcare-Related Entities. A new cybercriminal gang, Insomnia, appears to have its eyes wide open for potential healthcare-related targets. Since surfacing on the darkweb in recent weeks, the apparent data theft group has chalked up 18 alleged victims on its data leak site, with more than half having ties to…
-
Fake Out: 0APT Data-Leak Ransomware Group Branded a Scam
Bitcoin Joining Fee for Affiliates and No Proven Victims Cited by Researchers. Newcomer ransomware group 0APT is being branded a likely scam operation, not least after a list of over 200 supposed victims turned out to be bogus, if not entirely AI-generated – never mind a 1 bitcoin joining fee for would-be affiliates and outdated…
-
AI agents spill secrets just by previewing malicious links
Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn First seen on theregister.com Jump to article: www.theregister.com/2026/02/10/ai_agents_messaging_apps_data_leak/
-
25 Million Users Affected as AI Chat Platform Leaks 300 Million Messages
>>Chat & Ask AI,<< a highly popular mobile application available on both Google Play and the Apple App Store, has suffered a significant data exposure. An independent security researcher discovered a vulnerability that left approximately 300 million private messages accessible to the public. This breach impacts more than 25 million users, raising serious concerns about…
-
Over 5 Million Misconfigured Git Web Servers Found Exposing Secrets Online
A massive widespread vulnerability in web server configurations has left millions of websites open to data theft and unauthorised takeover. A new 2026 study conducted by the Mysterium VPN research team reveals that nearly 5 million web servers worldwide are publicly exposing their .git repository metadata. The Scale of the Leak The research scanned the internet for…
-
Nearly 5 Million Web Servers Found Exposing Git Metadata Study Reveals Widespread Risk of Code and Credential Leaks
A study found nearly 5 million servers exposing Git metadata, with 250,000 leaking deployment credentials via .git/config files. A new 2026 study by the Mysterium VPN research team reveals that nearly 5 million public web servers are exposing Git repository metadata, with over 250,000 of them exposing .git/config files containing deployment credentials. Such misconfigurations […]…
-
DragonForce Ransomware Targets Critical Businesses to Exfiltrate Sensitive Data
DragonForce is a ransomware group that emerged in late 2023 and has grown into a serious threat to businesses by combining data theft with file encryption. The group uses dual extortion: it steals sensitive data, encrypts systems, and then threatens to publish the stolen information on dark web leak sites if victims do not pay.”‹…
-
Harvard, UPenn Data Leaked in ShinyHunters Shakedown
Leaked Financial and Admissions Data Includes Contact Details for ‘Top Donors’. Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group’s ongoing live phishing attacks that often attempt to trick IT help desks into giving attackers direct access to a victim’s network and…
-
Victims Are Rebuffing Ransomware Mass Data Theft Campaigns
Revenue From Supply-Chain Attacks by Clop Group Sharply Fell, Report Investigators. Once lucrative steal-and-leak campaigns pioneered by Russian ransomware group Clop look set to go the way of the dinosaurs. While an estimated 25% of victims paid a ransom in the inaugural campaign five years ago, the number of victims that paid fell to zero…
-
LookOut: Discovering RCE and Internal Access on Looker (Google Cloud On-Prem)
Tenable Research discovered two novel vulnerabilities in Google Looker that could allow an attacker to completely compromise a Looker instance. Google moved swiftly to patch these issues. Organizations running Looker on-prem should verify they have upgraded to the patched versions. Key takeaways Two novel vulnerabilities: Tenable Research discovered a remote code execution (RCE) chain via…
-
Big Breach or Smooth Sailing? Mexican Gov’t Faces Leak Allegations
A hacktivist group claims a 2.3-terabyte data breach exposes the information of 36 million Mexicans, but no sensitive accounts are at risk, says government. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/big-breach-or-nada-de-nada-mexican-govt-faces-leak-allegations