Founder of One of World’s Largest Hacker Forums Resentenced to Three Years in Prison
From the U.S. Department of Justice, September 16, 2025: Fitzpatrick will be serving his prison sentence at FCI Danbury.
China slaps 1-hour deadline on reporting serious cyber incidents
The Register reports that coming soon, entities in China will have only one hour from discovery to report a serious cyber incident — or even only 30 minutes if it is very serious: From November 1, the Cyberspace Administration of China (CAC) will enforce its new National Cybersecurity Incident Reporting Management Measures, a sweeping set of […]
Gucci, Balenciaga, Brioni, and Alexander McQueen allegedly hit by Salesforce attacks
More high-end retailers have reportedly fallen prey to Salesforce attacks. As first reported by DataBreaches.net, Gucci customer data was stolen last year. The data included more than 43 million records with customers’ names, age range, month and date of birth, email addresses, mobile phone numbers, addresses, total sales prices, and some additional information. The records […]
HHS Releases Updated Security Risk Assessment Tool
From HHS OCR:
18 Popular Code Packages Hacked, Rigged to Steal Crypto
KrebsOnSecurity reports: At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in maintaining the projects was phished. The attack appears to have been quickly contained and was narrowly focused on stealing cryptocurrency. But experts warn […]
Texas sues PowerSchool For Data Breach That Compromised the Personal Information of Over 880,000 Texas School-Aged Children and Teachers
From Texas Attorney General Ken Paxton: Attorney General Ken Paxton filed suit against PowerSchool, a California-based provider of cloud-based services for K-12 schools, after an unprecedented data breach exposed the sensitive personal identifying information and protected health information of more than 880,000 Texas school-aged children and teachers. PowerSchool’s software collects, processes, and secures sensitive information […]
Hackers linked to M&S breach claim responsibility for Jaguar Land Rover cyber-attack
The Guardian reports: A group of English-speaking hackers linked to the Marks & Spencer cyber-attack has claimed responsibility for an attack on Jaguar Land Rover. A channel on the Telegram platform posted a screenshot of what appeared to be the carmaker’s internal IT systems, as well as a news article detailing the hack. The name of […]
Palo Alto Networks data breach exposes customer info, support cases
Bleeping Computer reports that Palo Alto Networks (PAN) has become another victim of the Salesloft Drift / Salesforce campaign: Palo Alto Networks suffered a data breach that exposed customer data and support cases after attackers abused compromised OAuth tokens from the Salesloft Drift breach to access its Salesforce instance. The company states that it was […]
Google issues warning for all Gmail users
Updated September 1, 2025: Google issued a warning to all Gmail users, but then responded to headlines suggesting that there was any urgent problem or major security concern. Read Geekspin’s coverage, below, and then Google’s statement from September 1. Cyber threat looms for Gmail users following Salesforce data breach Google has issued a stark warning […]
FBI cyber cop: Salt Typhoon pwned ‘nearly every American’
China’s Salt Typhoon cyberspies hoovered up information belonging to millions of people in the United States over the course of the years-long intrusion into telecommunications networks, according to what a top FBI cyber official told The Register: “There’s a good chance this espionage campaign has stolen information from nearly every American,” Michael Machtinger, deputy assistant […]