Topic: data breaches
-
Take Back Control of Your Online Shopping Data
Online shopping involves extensive collection and sharing of personal data, often without full user awareness or consent, posing significant privacy risks. Data is frequently stored indefinitely and shared with third parties, increasing exposure to breaches, misuse, and targeted scams, as seen in...
Read More » -
149 Million Accounts Exposed in Major Data Breach
A massive, unprotected database containing 149 million usernames and passwords was discovered, exposing credentials for major email, social media, financial, and government websites. The database was actively updated and left completely open for a month before being secured, highlighting a slow a...
Read More » -
2025's Most Devastating Cyberattacks Exposed
The cyber threat landscape has shifted towards sophisticated supply chain attacks, where breaches of third-party vendors like Gainsight and Salesloft led to widespread data exposure at major corporations including Cloudflare, Verizon, and Cisco. The Clop ransomware group exploited a critical vuln...
Read More » -
SMBs Hike Prices After Cyberattacks: The "Cyber Tax"
A majority (81%) of American small businesses experienced a security breach last year, with 38% of those affected directly raising prices for customers, creating a hidden "cyber tax" that contributes to inflation. AI-powered attacks were a primary cause for 41% of breached businesses, enabling so...
Read More » -
Proton: 300 Million Records Breached This Year
A staggering 300 million individual records have been exposed in data breaches this year, according to the Data Breach Observatory, a collaboration between Proton and Constella Intelligence. Small and medium-sized businesses were the primary targets, with nearly half of all breaches affecting com...
Read More » -
Healthcare Breach Hits 600k, ShinyHunters Strike, DeepSeek Bias Exposed
Healthcare and luxury brands face significant cybersecurity threats, with major breaches at Goshen Medical Center and Kering-owned fashion labels exposing sensitive data of hundreds of thousands. Critical software vulnerabilities, such as Chaotic Deputy in Chaos-Mesh, and AI-generated code biases...
Read More » -
Chanel & Pandora Hacked in Ongoing Salesforce Cyberattack
Luxury brands Chanel and Pandora experienced data breaches via compromised Salesforce accounts, exposing customer information and highlighting third-party platform vulnerabilities. Stolen data (names, emails, addresses) can enable phishing and identity fraud, with experts warning about insufficie...
Read More » -
Infostealer Attacks Surge 800% - Protect Your Credentials Now
Identity-based attacks are surging, with 1.8 billion stolen credentials in early 2025, an 800% increase, highlighting the need for stronger defenses like multi-factor authentication (MFA). Over 20,000 new vulnerabilities were disclosed, with 12,200 not yet in the National Vulnerability Database (NV...
Read More » -
The Tea App Returns: Explore Our New Website
The Tea app, a controversial platform for women to anonymously review men, has relaunched with a new website after being removed from the Apple App Store due to major data breaches that exposed sensitive user information. In response to past security failures, the company has implemented enhanced...
Read More » -
Avast's Free AI Scam Protection Now Available Worldwide
Avast has globally launched its free AI scam protection tool, Scam Guardian, via its Free Antivirus platform to make advanced scam defense accessible to all, addressing the rise in AI-enhanced, personalized scams. The tool uses proprietary AI to analyze communication context and language, identif...
Read More » -
Apple Pulls Women's Dating Safety App from App Store
Apple removed the women's dating safety app Tea from its App Store for violating terms related to content moderation and user privacy, including the exposure of minors' personal information. Tea experienced multiple security breaches that exposed users' driver's licenses, selfies, and private mes...
Read More » -
Marketing's Next Crisis: The AI Oversight Gap
Marketing departments are rapidly adopting AI tools but face significant security risks due to inadequate governance, leading to potential data breaches and financial losses averaging millions of dollars. The use of unsanctioned "shadow AI" in marketing operations introduces vulnerabilities, comp...
Read More » -
Crypto at Risk: The Dangers of Outdated Encryption
The cryptocurrency industry faces critical security vulnerabilities, with no tested applications supporting post-quantum encryption and millions of user records already circulating on dark web markets, creating a "Harvest Now, Decrypt Later" risk. Despite overall concerns, exchanges like Coinbase...
Read More » -
Urgent: FortiWeb Flaw Exploited, Logitech Breach Exposed
A critical vulnerability in FortiWeb (CVE-2025-58034) is being actively exploited due to a stealth patch that left many administrators unaware of the necessary update. Logitech confirmed a data breach affecting limited employee and customer details, while a widespread Cloudflare outage disrupted ...
Read More » -
Secure Your Google Workspace: Protect Data, Not Just Access
Modern digital workplaces face security challenges from interconnected tools, where attackers exploit legitimate access tokens rather than breaching traditional perimeters. Recent incidents, like the Drift Email compromise, show that third-party integrations can bypass robust security frameworks,...
Read More » -
Unlock Better Security with a Password Audit
Regular password audits help organizations identify weak or exposed credentials and strengthen overall cybersecurity defenses by revealing vulnerabilities before they can be exploited. Weak password practices, such as widespread reuse and infrequent updates, contribute significantly to data breac...
Read More » -
61% of US Firms Hit by Insider Data Breaches
61% of US companies faced insider data breaches in the last two years, costing an average of $2.7 million per organization due to penalties and operational disruptions. Insider threats include both intentional malicious actions and unintentional mistakes, with file storage systems and web-based t...
Read More » -
SpyCloud Exposes Vendor Identity Risk with New Supply Chain Protection
SpyCloud's new platform addresses supply chain attacks by extending identity threat defense to third-party vendors, using actionable intelligence from the criminal underground to move beyond passive risk observation. The solution is critical as third-party involvement in data breaches has doubled...
Read More » -
US Cargo Firm Exposes Shipping Systems and Customer Data Online
Security experts warn that cyberattacks on logistics firms are enabling large-scale cargo theft, creating a dangerous alliance between hackers and organized crime that threatens global supply chains. A researcher discovered severe vulnerabilities in Bluspark Global's shipping software, including ...
Read More » -
Gartner's Dire Warning: Why It Says Block AI Browsers
Gartner advises businesses to immediately ban AI-powered browsers due to unresolved security vulnerabilities that prioritize convenience over robust enterprise safeguards. These autonomous browsers risk data breaches by potentially interacting with malicious sites or submitting sensitive informat...
Read More » -
Hacktivist DDoS Attacks Surge Against Government Sites
Hacktivist-driven DDoS attacks were the most frequent cybersecurity incidents in the public sector, accounting for 60% of cases, though they were not the most damaging. Data breaches and ransomware, often by cybercriminals and state actors, caused more severe impacts, targeting sensitive services...
Read More » -
Your Cybersecurity Mindset Is the Real Vulnerability
The primary cybersecurity vulnerability is not technical but organizational, stemming from collective mindset and culture rather than outdated systems or weak passwords. Building a true security culture requires integrating cybersecurity into daily workflows and decision-making, fostering shared ...
Read More » -
Cyber Security Month: Are You at Risk of a Cyber Crash?
This October's Cyber Security Awareness Month is a critical call to action for Australian businesses, emphasizing the urgent need to address digital vulnerabilities highlighted by recent data breaches and sophisticated phishing attacks. Organizations must modernize legacy technology and implement...
Read More » -
Insight to Acquire Cybersecurity Firm Sekuro
Insight Enterprises' Australian subsidiary is acquiring Sekuro to strengthen its cybersecurity offerings in the Asia Pacific region, addressing the increasing cyber threats faced by enterprises and governments. Sekuro provides comprehensive services including managed security, governance, and com...
Read More » -
Hackers Extort 39 Victims With New Data Leak Site
A new cybercriminal group, Scattered Lapsus$ Hunters, is extorting nearly 40 major corporations by threatening to leak stolen data from Salesforce databases obtained through social engineering. The stolen data includes personal and contact details, sensitive information like Social Security numbe...
Read More » -
PQC Adoption, Android Spyware, and FEMA Data Breach: Key Updates
Microsoft has enhanced its security products with AI-ready Sentinel and Security Copilot, enabling automated threat response and easier deployment through the Microsoft Security Store. Insider threats and data breaches were highlighted, including a bribery attempt on a BBC journalist and breaches...
Read More » -
Small Business Cyber Insurance Demand Jumps 50%
Small business cyber insurance adoption surged 50% in one year and 85% over three years, reflecting a major shift in risk management strategies. The increase is driven by growing awareness of cyberattacks' devastating financial impacts, including operational costs, legal fees, and reputational da...
Read More » -
1 in 5 Teens Have Dated AI or Know Someone Who Has
One in five high school students reports having or knowing someone with a romantic relationship with AI, and 42% have used AI for companionship, indicating a shift in youth-tech interactions. Schools with extensive AI integration face increased risks, including data breaches, deepfakes used for h...
Read More » -
Google Exposes Internal Security Threats
The profile of cybercriminals is shifting from state-sponsored actors to individuals, including teenagers in Western nations, who pose a growing internal threat. Groups like Scattered Spider, composed of minors from allied countries, engage in diverse criminal activities from sextortion to ransom...
Read More » -
Salesloft & Drift Breach Results, Malicious GitHub Installers Exposed
Major platforms like Salesloft and Drift were breached via unauthorized GitHub access, emphasizing the need for strong access controls and monitoring. A malvertising campaign in the EU is distributing fake GitHub Desktop installers to deliver malware, urging IT professionals to verify software so...
Read More » -
Relyance AI Data Defense Engineer: Securing AI-Driven Data
Relyance AI's Data Defense Engineer provides continuous, AI-driven monitoring and protection of data pathways, autonomously enforcing security policies without human intervention. The platform offers real-time visibility into data flows and allows security teams to query data movements in plain E...
Read More » -
NVIDIA Triton Server Exposes Critical Security Vulnerabilities
Security researchers discovered high-risk vulnerabilities in NVIDIA's Triton Inference Server, allowing attackers to remotely take control of systems without authentication. The flaws (CVE-2025-23319, CVE-2025-23320, CVE-2025-23334) could lead to model theft, data breaches, response manipulation,...
Read More » -
Fighting Next-Gen Financial Fraud: Key Strategies
Synthetic identity scams cost U.S. banks $6 billion annually, with criminals using data breaches and AI-powered tools to create and exploit fake identities. AI accelerates fraud by enabling large-scale scams, such as advance-fee schemes, where criminals target victims more efficiently and at mini...
Read More » -
Data Hoarding Risks: Financial & Security Dangers Exposed
Businesses face significant financial and security risks from data hoarding, as cybercriminals exploit vulnerabilities created by retaining unnecessary data. Nearly half of enterprises store unneeded data, leading to breaches and leaks, with 86% of organizations experiencing breaches in the past ...
Read More » -
Living in a World of Constant Threat Assessment
Insurance companies are adopting persistent threat evaluation, AI automation, and rigorous third-party risk management to enhance cybersecurity readiness and defend against sophisticated attacks. Daily threat assessments prioritize trustworthy intelligence, operational impact, and multi-source ve...
Read More » -
The Critical Role of Password Security in Cybersecurity
Password security remains critical despite advanced threats, with stolen credentials involved in nearly half of all breaches, highlighting the need for robust management strategies. Weaknesses stem from hybrid IT environments, forgotten legacy accounts, and predictable user behaviors like simple ...
Read More » -
FortiSIEM PoC Released, Rakuten Viber CISO on Messaging Risks
A critical FortiSIEM vulnerability (CVE-2025-64155) now has a public exploit, heightening the urgency for immediate patching, while other vendors like Cisco also addressed actively exploited flaws. Security teams are exploring unconventional intelligence sources, such as torrent metadata, and fac...
Read More » -
New npm Worm Threatens Software Supply Chain
A sophisticated worm called Shai-Hulud is actively stealing developer credentials and spreading across hundreds of npm packages, impacting millions of users and threatening the global software supply chain. The worm has evolved into a "Second Coming" version, now targeting high-profile projects a...
Read More » -
Why Attackers Are Phishing on LinkedIn
Phishing attacks have expanded beyond email, with 34% now occurring on platforms like LinkedIn, targeting executives in finance and tech sectors, but are severely underreported due to reliance on email-focused security metrics. LinkedIn phishing evades conventional defenses by bypassing email sec...
Read More » -
Zero Trust: Slash Cyber Risk and Insurance Claims
Businesses in Australia and Oceania are facing a sharp rise in sophisticated cyberattacks, and adopting a Zero Trust security architecture can significantly reduce both the frequency and financial impact of these incidents. Research shows that implementing Zero Trust could have prevented up to 42...
Read More » -
Netgear's New Enterprise Security for Small Businesses
Netgear has launched the Exium platform, an all-in-one SASE and hybrid firewall solution specifically designed for small and medium enterprises to address their critical cybersecurity needs. The platform integrates advanced features like AI-driven zero-trust network access, secure web gateway, SD...
Read More » -
CISOs Bet on Metadata as Key to 2026 Cyber Defense
Metadata is becoming central to cybersecurity defense strategies for 2026, with 86% of CISOs emphasizing its importance alongside packet-level data for enhancing security posture. AI is viewed as both a transformative technology and a challenge, accelerating digital transformation while increasin...
Read More » -
Google's Dark Web Report Feature Discontinued in February
Google will retire its dark web monitoring tool in February 2026, citing user feedback that the alerts lacked actionable next steps for addressing data exposures. The tool, which scanned for personal information in data breaches, is being replaced by integrated security features like Security Che...
Read More » -
Google AI Security Expert's Forbidden Chatbot Secrets
Treat interactions with public AI chatbots as public communications, never sharing sensitive personal or financial information, as this data can be used for model training or exposed in a breach. Use enterprise-grade AI solutions for work-related tasks, as they are designed not to train on user d...
Read More » -
How Supply Chain Sprawl Is Reshaping Security
Businesses face significant cybersecurity risks due to supply chain sprawl, with vendor-related threats being a primary concern, especially for large enterprises and sensitive sectors. A lack of visibility into vendor security practices and outdated risk assessments leave organizations vulnerable...
Read More » -
Compliance Isn't Enough: Rethinking Password Security
Compliance frameworks provide a necessary cybersecurity baseline but are insufficient for true security, as they are reactive and create a false sense of safety against evolving threats. A compliance-only approach overlooks unique organizational risks and fosters a checkbox mentality, leaving sys...
Read More » -
Employees Are Outsmarting Company Security Controls
Rapid adoption of AI, SaaS, and personal devices is reshaping work, but traditional security measures like SSO and IAM are failing to keep pace, creating an "access-trust gap." Widespread AI usage sees 73% of employees using AI tools, yet over a third ignore guidelines, and 27% use unauthorized A...
Read More » -
Secure AI Operations with Akeyless AI Agent Identity
Businesses face urgent security challenges from autonomous AI agents, with Akeyless launching a comprehensive AI Agent Identity Security solution to address vulnerabilities from AI-driven identities. AI agents possess inherent design flaws, such as maintaining awareness of their credentials, whic...
Read More » -
US Data at Risk as Key Cyber Law Expires
The Cybersecurity Information Sharing Act (CISA 2015) has expired, removing legal immunity for companies that share cyber threat intelligence and exposing them to lawsuits. Experts warn the lapse undermines national security by discouraging threat data sharing, increasing risks like software supp...
Read More » -
UK Renews Push for Apple to Unlock Encrypted iCloud Data
The UK government is pressuring Apple to create access to encrypted iCloud data for British users, despite previous claims that such efforts had stopped. Apple has removed its Advanced Data Protection feature from the UK market and reaffirmed its commitment to not building backdoors into its serv...
Read More »