Instagram Data Leak Exposes Sensitive Information of Millions
An Instagram data leak affecting roughly 17.5 million accounts highlights how large-scale data aggregation and third-party exposure continue to threaten user privacy.
Tag: leak
Read More
MongoDB CVE-2025-14847 Affects Database Access Controls
A MongoDB vulnerability tracked as CVE-2025-14847 highlights how weaknesses in access control handling can expose database environments to unauthorized access and data compromise.
TeamViewer DEX Vulnerabilities Expose Enterprise Endpoint Risks
Multiple vulnerabilities in TeamViewer DEX expose risks in enterprise endpoint monitoring platforms, raising concerns about unauthorized access, telemetry abuse, and internal reconnaissance within corporate environments.
Trust Wallet Chrome Extension Hack Exposes Browser Wallet Risk
A security incident involving the Trust Wallet Chrome extension shows how attackers can abuse browser extension architecture to compromise cryptocurrency wallets and silently expose user funds.
Fake npm WhatsApp API Library Found Stealing Sensitive Data
A malicious npm package posing as a WhatsApp API library was found harvesting login tokens, messages, and contacts from developers, demonstrating a sophisticated supply chain attack that can persistently link attacker devices to compromised WhatsApp accounts.
UK issues major LastPass data breach fine following 2022 incident
UK regulators have fined LastPass for security failures linked to the 2022 breach that exposed vault metadata for 16 million users. The incident revealed significant operational gaps and raised industry-wide questions about password-management safety.
GlobalProtect Login Surge 2025: 2.3M VPN Attempts Exposed
Security teams should treat the recent spike in login traffic against GlobalProtect portals as a serious alarm. Between November 14 and 19, 2025, threat-intelligence sensors logged roughly 2.3 million sessions hitting the /global-protect/login.esp endpoint on PAN-OS and GlobalProtect gateways. That represents a nearly 40× increase in daily scan volume, hitting the highest level seen in…
Cl0p Attack Hits Barts Health: Full Invoice Database Leaked
Cl0p ransomware exploited a zero-day in Oracle E-Business Suite to steal years of invoice data from Barts Health NHS Trust. The leak exposed names, addresses, and payment info of patients, staff, and suppliers, now circulating on the dark web. Learn what was compromised, who’s at risk, and how to protect yourself.
Crisis24’s OnSolve CodeRED Exposes Data and Disrupts Alerts
A cyberattack on Crisis24’s OnSolve CodeRED platform disrupted emergency alerts for cities, counties, police and fire agencies across the U.S. The INC Ransom group claims responsibility, with stolen resident data, clear-text passwords and a rollback to older backups now forcing agencies to rebuild their notification capabilities and review credential hygiene.
Unauthorized Data Access in Salesforce Published Applications
Salesforce has flagged a significant incident where applications published by Gainsight enabled unauthorized access to customer data via OAuth tokens. This article breaks down what happened, why third-party integrations are the new attack surface, and how defenders can respond immediately.