GitHub confirmed that 3,800 internal repositories were compromised through a poisoned VS Code extension. The attackers are attempting to sell the code, highlighting critical vulnerabilities in developer toolchains and potential regulatory liabilities for the platform.
Kenji··2 min read
NYC Health + Hospitals has confirmed a massive data breach compromising the sensitive medical and biometric data of at least 1.8 million patients. The institution now faces significant regulatory scrutiny and potential class-action litigation.
Kenji··2 min read
NYC Health + Hospitals has confirmed a data breach affecting 1.8 million patients, with medical and biometric data, including fingerprints, stolen. The incident poses significant legal and regulatory risks.
Jessy··2 min read
Foxconn's ransomware attack underscores the vulnerability of global supply chains, while the spread of the 'Shai-Hulud' worm and debates over ransom payments reveal the mounting complexity of enterprise cybersecurity.
Jason··2 min read
Canvas LMS has suffered a major data breach claimed by the hacking group ShinyHunters, resulting in platform outages and exposing sensitive student data like email addresses and messaging logs.
Jason··2 min read
Surveillance vendors are exploiting cellular signaling protocols (SS7/Diameter) to track phone locations globally. Combined with the UK Biobank data leakage report, these incidents underscore systemic vulnerabilities in data security, demanding stricter global infrastructure oversight.
Jessy··2 min read
Vercel has confirmed a security breach involving the theft of employee data, potentially triggering GDPR/CCPA obligations and prompting security audits for platform users.
Jason··2 min read
Rockstar Games confirmed a data breach originating from its third-party analytics provider, Anodot. The hacking group ShinyHunters claimed responsibility, but Rockstar stated operations remain unaffected, emphasizing the need for robust supply chain security.
Jason··2 min read
Rockstar Games confirmed a data compromise via a third-party cloud provider, though the company claims the incident will have no operational impact despite ransom demands from the hacker group ShinyHunters.
Jason··2 min read
Government systems are facing a fundamental cybersecurity crisis, as evidenced by recent breaches in Syria exposing serious administrative negligence. Experts call for the adoption of the OCSF security framework and stricter personnel training to comply with FISMA standards and protect national infrastructure.
Jessy··2 min read
Meta has suspended its partnership with data vendor Mercor following a security breach that potentially exposed sensitive AI training data.
Jason··2 min read
The European Commission has confirmed a cyberattack involving unauthorized access to its cloud storage systems, prompting a major response and highlighting vulnerabilities in governmental infrastructure.
Kenji··2 min read
The U.S. Department of Justice confirmed that the personal Gmail account of FBI Director Kash Patel was breached by an Iran-linked hacking group, Handala, in retaliation for public comments.
Kenji··2 min read
A foreign hacker has breached an FBI server containing sensitive investigation files related to Jeffrey Epstein, including witness depositions and private logs. The hacker reportedly did not initially know the target was a federal agency. The breach raises significant legal questions under the Privacy Act of 1974 and could potentially derail ongoing judicial proceedings. As the FBI works to contain the damage, the incident is triggering calls for emergency congressional hearings on national security data protection.
Kenji··2 min read
Hackers jailbroke Anthropic's Claude to execute a month-long attack on Mexican government agencies, stealing 150GB of data (including 195 million taxpayer records). The breach sparks debates over AI developer liability and national security vulnerabilities.
Jessy··5 min read