Fraud Management & Cybercrime, Governance & Risk Management, Patch Management Highlights: npm Packages Breach, FBI Fraud Alert, CISO Dismissal at Campbell’s Pooja Tikekar (@PoojaTikekar) • November 27, 2025 Image Source: Shutterstock/ISMG ISMG compiles weekly cybersecurity incidents and breaches globally. This…
Data Breach at Mixpanel Exposes OpenAI User Information A recent data breach at Mixpanel Inc., a prominent data analytics provider, has resulted in the exposure of account information belonging to some users of OpenAI Group PBC. This incident was disclosed…
Cybersecurity Warning: Malicious Ads Target Chinese Users of Notepad++ and VNote Recent reports indicate a concerning trend wherein Chinese users searching for legitimate software such as Notepad++ and VNote are being targeted by malicious advertisements. These ads lead to fraudulent…
Recent cyber operations attributed to state-sponsored Iranian threat actors underline a sustained focus on collecting sensitive information on individuals that may jeopardize the stability of the Islamic Republic. The targets include dissidents, opposition forces, supporters of ISIS, and Kurdish natives,…
DoorDash Confirms Major Data Breach Affecting Nearly 5 Million Users DoorDash, the prominent food delivery service based in San Francisco, has reported a significant data breach that affects approximately 4.9 million users, including customers, delivery workers, and merchants. The breach,…
Blockchain & Cryptocurrency, Cybercrime, Cybercrime as-a-Service Public-Private Collaboration Essential for Ransomware Response, Asserts Anne Neuberger Akshaya Asokan (asokan_akshaya) • November 27, 2025 Anne Neuberger, former Deputy NSA for Cyber and Emerging Technologies, White House (Image: ISMG) At a recent event…
In a significant breach impacting user trust, OpenAI recently alerted its API platform users about a data exposure event linked to third-party analytics provider Mixpanel. On November 27, 2025, OpenAI disclosed that unauthorized access to Mixpanel’s systems on November 9…
In a significant development for WordPress users, a critical security vulnerability has been identified in miniOrange’s Malware Scanner and Web Application Firewall plugins, prompting an urgent recommendation for website owners to uninstall these tools. The detected flaw, designated as CVE-2024-2172,…
In a significant cybersecurity incident, hackers infiltrated the computer system of a water treatment facility in Florida, manipulating sodium hydroxide (NaOH) levels in the water supply. This breach, which starkly highlights vulnerabilities in critical infrastructure, occurred on February 5 and…
Cybersecurity firm Comodo is urging users of its ITarian Forum to change their passwords immediately following a significant data breach involving the exploitation of a vBulletin vulnerability. This incident has reportedly compromised the login credentials of nearly 245,000 registered users…
