Businesses concerned about cybersecurity may already be familiar with Have I Been Pwned, a site dedicated to notifying users about data breaches. Recently, Proton, the company behind ProtonMail, launched its own data breach alert service named the Data Breach Observatory.…
Recent cybersecurity research has identified a significant campaign, known as EMERALDWHALE, which exploits exposed Git configurations to extract credentials, clone private repositories, and even obtain cloud service credentials embedded in source code. This operation has reportedly compromised over 10,000 private…
Microsoft has recently issued a warning regarding an actively exploited zero-day vulnerability affecting Internet Explorer. This flaw is being utilized to compromise Windows systems by means of malicious Microsoft Office documents. Identified as CVE-2021-40444 with a CVSS score of 8.8,…
Former Executive Pleads Guilty to Selling Trade Secrets to Russian Buyer In a significant case involving cybersecurity breaches, a former executive from a firm specializing in zero-day vulnerabilities and exploits was sentenced in federal court in Washington, DC, for trafficking…
Twilio Faces Another Security Incident with Customer Data Compromised This week, communication services provider Twilio reported a security breach that occurred on June 29, 2022, attributed to the same group responsible for a significant breach in August 2022. The company…
Data Security Second Round of Layoffs Since 2022 Follows $150 Million Email Security Acquisition Michael Novinson (MichaelNovinson) • October 29, 2025 Varonis has announced a reduction of its workforce by 5%, translating to approximately 120 employees, amid concerns over declining…
Data Breach Exposes Students of Iran’s MOIS Training Academy A significant data leak has recently surfaced, revealing sensitive information belonging to students enrolled in Iran’s Ministry of Intelligence and Security (MOIS) Training Academy. This incident highlights ongoing vulnerabilities in cybersecurity…
Google has reported the identification of a zero-day vulnerability within the SQLite open-source database engine, utilizing its large language model (LLM)-assisted framework known as Big Sleep (formerly Project Naptime). This discovery marks a significant milestone as the first real-world vulnerability…
A previously undocumented backdoor, identified as SideWalk, has recently been discovered targeting an unnamed computer retail company in the United States, linked to a persistent Chinese espionage campaign known as Grayfly. This finding raises significant concerns in the cybersecurity community…
Exploiting Vulnerabilities in NPM: A Surge in Credential-Theft Packages Cybercriminals have recently exploited a significant vulnerability in the NPM code repository, gaining access through more than 100 malicious packages designed to steal credentials since August. Notably, these attacks largely went…
