Topic: unauthorized access
-
Judge Halts Perplexity AI from Shopping on Amazon
A federal judge issued a preliminary injunction against AI company Perplexity, barring its automated agents from making unauthorized purchases on Amazon after finding compelling evidence of unauthorized account access. Amazon's lawsuit alleged Perplexity's AI, via its Comet browser, intruded on i...
Read More » -
Senate Probe Exposes DOGE Takeover: Armed Guards, Muscle Milk
A Senate investigation revealed that the Department of Government Efficiency (DOGE), established under Elon Musk, operated covertly within federal agencies with minimal oversight, raising concerns about a potential catastrophic data breach and unclear chains of command. DOGE systematically infilt...
Read More » -
DHS Data Hub Leaked Sensitive Intel to Thousands
A misconfigured DHS online platform exposed 439 classified intelligence products to thousands of unauthorized users, including government staff, contractors, and foreign nationals, over two months in early 2023. The leaked data included sensitive reports on cybersecurity threats, foreign hacking,...
Read More » -
SSA Whistleblower's Resignation Email Vanishes From Inboxes
An email from the Social Security Administration's chief data officer, Chuck Borges, detailing his forced resignation and whistleblower complaint over data mishandling, vanished from employee inboxes shortly after being sent. Borges alleged that the SSA improperly transferred sensitive personal d...
Read More » -
Flickr warns of data breach exposing user emails and names
A security flaw in an external email provider for a major photo-sharing platform potentially exposed user data like names, email addresses, and IP addresses, though financial data and passwords were not compromised. The company acted quickly to contain the breach, terminated access to the affecte...
Read More » -
Conduent Data Breach Exposes Data of 10.5 Million People
The cybersecurity breach at Conduent exposed personal data of over 10.5 million individuals, including sensitive information like Social Security numbers and medical records, with the SafePay ransomware gang claiming responsibility for the attack. Unauthorized access to Conduent's systems began i...
Read More » -
Infostealer Attacks Surge 800% - Protect Your Credentials Now
Identity-based attacks are surging, with 1.8 billion stolen credentials in early 2025, an 800% increase, highlighting the need for stronger defenses like multi-factor authentication (MFA). Over 20,000 new vulnerabilities were disclosed, with 12,200 not yet in the National Vulnerability Database (NV...
Read More » -
Cyber-Attacks Hit Three French Regional Healthcare Agencies
A coordinated cybersecurity breach compromised personal data of patients in multiple French regions, though medical records remained secure. Attackers used stolen credentials to impersonate healthcare professionals and access systems via regional e-health platforms. Authorities are taking action ...
Read More » -
Urgent: Unpatched ScreenConnect Servers Vulnerable to Attack
A critical vulnerability (CVE-2026-3564) in ScreenConnect allows attackers to hijack active sessions by exploiting weak cryptographic key handling in versions before 26.1. A successful attack could let unauthorized users remotely control the management instance, access employee computers, execute...
Read More » -
Starbucks Employee Data Breach Impacts Hundreds
A security breach at Starbucks compromised the personal data of several hundred employees by targeting the internal **Starbucks Partner Central** platform, which manages work schedules and payroll. The exposed data likely includes sensitive information like names and Social Security numbers, prom...
Read More » -
PayPal Data Breach Exposed User Info for 6 Months
A software flaw in PayPal's Working Capital loan platform exposed customer data, including Social Security numbers and addresses, for nearly six months due to a code change made in July 2025. PayPal fixed the flaw by December 13, 2025, is offering affected users two years of credit monitoring, an...
Read More » -
Senate Probe Finds DOGE Offices Barricaded, Windows Covered
A Senate investigation found that the Digital Office of Government Efficiency (DOGE) uploaded a live copy of the highly sensitive Social Security NUMIDENT database to an unmonitored cloud environment, bypassing oversight protocols. The data transfer was approved by SSA Chief Information Officers ...
Read More » -
The Rise of AI Auditors: Monitoring Model Behavior
AI auditors are emerging as a critical new profession to ensure AI systems operate safely, ethically, and within legal boundaries by monitoring for issues like bias and unpredictable outputs. Their multifaceted role involves comprehensive technical and behavioral oversight, including engineering ...
Read More » -
SMS Sign-In Links Put Millions at Risk
SMS-based authentication links are creating major security vulnerabilities, exposing users to fraud and identity theft across numerous online services due to easily guessable or enumerable tokens in the URLs. Attackers can exploit these weak tokens to access other users' accounts, view sensitive ...
Read More » -
Adidas Probes Data Breach Impacting 815,000 Customers
Adidas is investigating a potential data breach linked to a third-party service provider, though its own systems appear unaffected, highlighting cybersecurity risks in partner networks. A hacker group claims responsibility for stealing a dataset of 815,000 customer records, including sensitive pe...
Read More » -
Indian Bank Data Breach Exposes Thousands of Transfer Records
A significant data breach exposed 273,000 sensitive bank transfer documents from an unsecured Amazon S3 server, compromising account numbers, transaction details, and personal information linked to India's NACH payment system. The Indian fintech firm Nupay acknowledged responsibility for the leak...
Read More » -
How DOGE and 'Big Balls' Coristine Breached a Federal Payroll System
A startling breach of federal payroll systems unfolded earlier this year when two operatives linked to Elon Musk’s controversial Department of Government Efficiency (DOGE) gained sweeping access to sensitive government networks. Among them was Edward Coristine, a 19-year-old known online as "...
Read More » -
How Supply Chain Sprawl Is Reshaping Security
Businesses face significant cybersecurity risks due to supply chain sprawl, with vendor-related threats being a primary concern, especially for large enterprises and sensitive sectors. A lack of visibility into vendor security practices and outdated risk assessments leave organizations vulnerable...
Read More » -
TransUnion Data Breach Exposes 4.4 Million Customers' Personal Info
TransUnion experienced a data breach affecting 4.4 million customers, caused by unauthorized access to a third-party application used for consumer support. While the company claims no credit information was compromised, it has not provided evidence or clarified what personal data was exposed, rai...
Read More » -
Record Zero-Day Attacks Target Enterprise Software
The number of zero-day vulnerabilities exploited in attacks reached 90 in 2025, an all-time high for enterprise software and appliances. Enterprise technology became the primary target, with 48% of all zero-day exploits aimed at business software and appliances. Nearly half of these enterprise-ta...
Read More »