A significant security flaw in the Irish Health Service Executive's (HSE) COVID-19 vaccination portal, which exposed the vaccination records of approximately a million people, has been disclosed after a two-year delay. The vulnerability, discovered by security researcher Aaron Costello in December
Latest News
The US House of Representatives has passed a bill requiring TikTok's parent company, ByteDance, to divest the app's US assets. The House voted overwhelmingly (352-65) to pass the legislation, which gives ByteDance a six-month ultimatum to sell TikTok's US business or face a ban. The bill gained
Over 15,000 Roku accounts have been compromised, which has resulted in hackers gaining unauthorized access to sensitive information, including credit card details. The breach occurred between December 28, 2023, and February 21, 2024. Roku confirmed the breach, stating that the hackers employed a
Over 3,300 WordPress websites have been compromised through vulnerabilities in the Popup Builder plugin. Security researchers at Sucuri have identified the flaw, CVE-2023-6000, in versions 4.2.3 and older of the plugin. It has led to a surge in malicious activities across the internet. The
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained over 2.3 million documents belonging to Kids Empire, an US operator of recreational centers. The publicly exposed database contained 2,363,222 documents in .PDF
Fidelity Investments Life Insurance Company (FILI) has announced a significant data breach affecting approximately 28,000 customers, following a cyberattack on third-party service provider Infosys McCamish Systems (IMS). The breach, which occurred between October 29 and November 2, 2023, involved
PetSmart has recently informed its customers of a credential stuffing attack, prompting an immediate reset of passwords for affected accounts. The pet retail giant currently has over 60 million customers. The attack leveraged usernames and passwords exposed in prior breaches to gain unauthorized
UnitedHealth Group has reportedly paid a ransom of $22 million to the ALPHV/Blackcat ransomware gang to regain access to data and systems encrypted during a cyberattack on its subsidiary, Change Healthcare. The payment was disclosed through a post on a Russian cybercriminal forum by an affiliate of
American Express (Amex) has notified its customers of a data breach that affected a third-party merchant processor, leading to the exposure of sensitive credit card information. The breach was first reported on March 4, with American Express taking quick action to inform impacted cardholders and
The North Korean threat actor Lazarus Group exploited a previously unknown vulnerability in the Windows operating system to help perform cyberattacks. This exploit, discovered by researchers at cybersecurity firm Avast, allowed the hackers to gain kernel-level access. According to Bleeping