When the spyer becomes the spyee? TechBuzz reports: A hacktivist just turned the tables on half a million people who paid to spy on others. More than 536,000 payment records from customers of phone surveillance apps like uMobix, Xnspy, and Geofinder hit the open web this week, exposing email addresses and partial card numbers of […]
It’s not just those with millions of dollars in cryptocurrency who are at risk of violent kidnappings these days. Bloomberg News recently reported on a terrifying case: The pecking at the sliding glass door awoke Julia Goodwin shortly before midnight. She and her husband, Glenn, retirees in their 60s, first thought the noise might be […]
Fox News reports: Hackers have exposed personal and contact information tied to SoundCloud accounts, with data breach notification service Have I Been Pwned reporting impacts to approximately 29.8 million users. The breach hit one of the world’s largest audio platforms and left many users locked out with error messages before the company confirmed the incident. SoundCloud […]
Down, down, down go Conduent’s stock prices. Breaches by third-party vendors or business associates account for the majority of patient records breached in incidents. The 2025 Breach Barometer report, which includes more than HIPAA-covered entities, found that 77% of breached patient records resulted from business associate breaches. Some business associate breaches affect millions of patients […]
Fox News reports: President Donald Trump has filed a $10 billion lawsuit against the IRS, accusing the agency of unlawfully leaking his confidential tax returns in a politically motivated violation of federal privacy laws. A spokesman for Trump’s legal team told Fox News “a rogue, politically motivated” IRS employee disclosed private and confidential tax information involving Trump, his family […]
WebProNews reports: An AI toy called Grok exposed 50,000 conversation logs between children and the device to anyone with a Gmail account due to a cloud storage misconfiguration, raising serious questions about data security, regulatory compliance, and the protection of children’s privacy in AI-enabled products. … According to Wired, the breach originated from a fundamental misconfiguration […]
The Record reports: Websites for the RAMP cybercrime forum, a notorious Russian marketplace widely used by ransomware groups and initial access brokers, have been replaced with a splash page declaring they have been seized by the FBI. Domain name server (DNS) records reportedly initially showed RAMP’s clearnet site redirecting to an FBI domain regularly used […]
SuspectFile reports that two well-known ransomware gangs independently attacked and encrypted files from Resource Corporation of America (RCA), a revenue cycle management business associate headquartered in Texas. What happened next is not totally clear because neither the Qilin gang nor the victim provided any details, but SuspectFile reports that the Medusa gang provided some information […]
BleepingComputer reports: The ShinyHunters extortion gang claims it is behind a wave of ongoing voice phishing attacks targeting single sign-on (SSO) accounts at Okta, Microsoft, and Google, enabling threat actors to breach corporate SaaS platforms and steal company data for extortion. In these attacks, threat actors impersonate IT support and call employees, tricking them into […]
SLSH Malicious “Supergroup” Targeting 100+ Organizations via Live Phishing Panels
Silent Push reports: A massive identity-theft campaign is currently active, targeting Okta Single Sign-On (SSO) and other SSO platform accounts across 100+ high-value enterprises. Silent Push has identified a surge in infrastructure deployment that mirrors the TTPs (Tactics, Techniques, and Procedures) of SLSH—a predatory alliance between Scattered Spider, LAPSUS$, and ShinyHunters. This isn’t a standard automated spray-and-pray attack; it is a […]