Instagram Data Leak Exposes Sensitive Information of Millions
An Instagram data leak affecting roughly 17.5 million accounts highlights how large-scale data aggregation and third-party exposure continue to threaten user privacy.
Category: Data Breaches
Read More
MongoDB CVE-2025-14847 Affects Database Access Controls
A MongoDB vulnerability tracked as CVE-2025-14847 highlights how weaknesses in access control handling can expose database environments to unauthorized access and data compromise.
TeamViewer DEX Vulnerabilities Expose Enterprise Endpoint Risks
Multiple vulnerabilities in TeamViewer DEX expose risks in enterprise endpoint monitoring platforms, raising concerns about unauthorized access, telemetry abuse, and internal reconnaissance within corporate environments.
Trust Wallet Chrome Extension Hack Exposes Browser Wallet Risk
A security incident involving the Trust Wallet Chrome extension shows how attackers can abuse browser extension architecture to compromise cryptocurrency wallets and silently expose user funds.
Fake npm WhatsApp API Library Found Stealing Sensitive Data
A malicious npm package posing as a WhatsApp API library was found harvesting login tokens, messages, and contacts from developers, demonstrating a sophisticated supply chain attack that can persistently link attacker devices to compromised WhatsApp accounts.
700Credit Breach Highlights API Security Gaps in Dealer Systems
A breach at 700Credit exposed sensitive personal information of millions of vehicle dealership customers due to an API validation flaw. This analysis examines the incident details, response actions, and key cybersecurity lessons for enterprises.
UK issues major LastPass data breach fine following 2022 incident
UK regulators have fined LastPass for security failures linked to the 2022 breach that exposed vault metadata for 16 million users. The incident revealed significant operational gaps and raised industry-wide questions about password-management safety.
ClickFix AI Attack Uses Grok and ChatGPT to Deliver Malware
A new ClickFix-style attack abuses Grok and ChatGPT to deliver malware by convincing users to run malicious commands disguised as troubleshooting advice. This article explains how the attack works and how defenders can detect and prevent it.
GlobalProtect Login Surge 2025: 2.3M VPN Attempts Exposed
Security teams should treat the recent spike in login traffic against GlobalProtect portals as a serious alarm. Between November 14 and 19, 2025, threat-intelligence sensors logged roughly 2.3 million sessions hitting the /global-protect/login.esp endpoint on PAN-OS and GlobalProtect gateways. That represents a nearly 40× increase in daily scan volume, hitting the highest level seen in…
Cl0p Attack Hits Barts Health: Full Invoice Database Leaked
Cl0p ransomware exploited a zero-day in Oracle E-Business Suite to steal years of invoice data from Barts Health NHS Trust. The leak exposed names, addresses, and payment info of patients, staff, and suppliers, now circulating on the dark web. Learn what was compromised, who’s at risk, and how to protect yourself.