LATEST POST
18 Popular Code Packages Hacked, Rigged to Steal Crypto
KrebsOnSecurity reports: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn […]
Burger King hacked, systems described as ‘solid as a paper Whopper wrapper in the rain’; Tim Hortons and Popeyes hacked too
What happens when you don’t acknowledge ethical hackers? Sometimes nothing, but sometimes you get a lot of negative coverage. Tom’s Hardware reports: Ethical hackers BobDaHacker and BobTheShoplifter have detailed their claim that they uncovered “catastrophic” vulnerabilities in multiple platforms hosted by Restaurant Brands International (RBI). While RBI may not be a very familiar name, this […]
Texas sues PowerSchool For Data Breach That Compromised the Personal Information of Over 880,000 Texas School-Aged Children and Teachers
From Texas Attorney General Ken Paxton: Attorney General Ken Paxton filed suit against PowerSchool, a California-based provider of cloud-based services for K-12 schools, after an unprecedented data breach exposed the sensitive personal identifying information and protected health information of more than 880,000 Texas school-aged children and teachers. PowerSchool’s software collects, processes, and secures sensitive information […]
Cloudflare Confirms Data Breach – Customer Data Exposed via Salesforce Attack
GBHackers reports: Cloudflare has disclosed a significant data breach affecting customer information following a sophisticated supply chain attack targeting its Salesforce integration with Salesloft Drift. The incident, which occurred between August 12-17, 2025, resulted in the exposure of customer support case data and potentially sensitive credentials shared through support channels. The cybersecurity company became aware […]
Dutch Lab Cancer Screening Hack Balloons to 941,000 Victims
BankInfoSecurity reports: With ransomware gang Nova threatening to leak patient data on the darkweb, a Dutch laboratory that performs cervical cancer tests for a government screening program is mum about the ransom negotiations, but it says the cyberattack in July has affected 941,000 patients – nearly double the initial estimate of 485,000 people. Bevolkingsonderzoek Nederland, […]
District of Arizona Clarifies Causes of Action Available for Breach of Health Data
Healthcare providers wrestling with the legal fallout of cyber-attacks just received a fresh reminder from the District of Arizona: traditional tort and contract theories remain difficult to sustain after a breach, but consumer-fraud statutes can keep a case alive. In Johnson v. Yuma Regional Medical Center, fourteen patients sued the hospital after a ransomware incident exposed […]
Hackers linked to M&S breach claim responsibility for Jaguar Land Rover cyber-attack
The Guardian reports: A group of English-speaking hackers linked to the Marks & Spencer cyber-attack has claimed responsibility for an attack on Jaguar Land Rover. A channel on the Telegram platform posted a screenshot of what appeared to be the carmaker’s internal IT systems, as well as a news article detailing the hack. The name of […]
More Personal Injury Lawyers Are Chasing Data-Breach Settlements
“U.S. lawyers filed 1,488 class-action lawsuits related to data breaches in 2024, up from 1,320 in 2023 and just 604 in 2022.” The Wall Street Journal reports: A growing number of personal injury lawyers are adding data-breach lawsuits to caseloads, alongside traffic accidents, medical malpractice and dog bites. The upswing is being fueled by a […]