Data Privacy, Data Security, HIPAA/HITECH Mapping Platform Exposes Addresses and Medical Assistance Plans Marianne Kolbasuk McGee (HealthInfoSec) • January 9, 2026 The Illinois Department of Human Services has informed 700,000 individuals about a data breach caused by an “incorrect privacy setting” that potentially exposed their personal information online for several…
Data Breach at Texas Gas Station Operator Compromises Information of Over 377,000 Customers In a significant cybersecurity incident, a Texas gas station operator has revealed that a data breach has compromised the personal information of more than 377,000 customers. This breach raises serious concerns about data security practices within the…
You should reconsider your trust. Vulnerabilities could be lurking beneath the surface. The modular design of contemporary web applications contributes significantly to their efficiency. These applications can utilize a plethora of third-party components, JavaScript frameworks, and open-source tools to deliver diverse functionalities that enhance customer experience. However, this complex web…
In a recent cyber incident, Magecart, a notorious hacking collective, has targeted nearly 277 e-commerce websites, employing sophisticated supply-chain tactics to compromise their systems. Researchers from RiskIQ and Trend Micro have identified this particular effort as the work of “Magecart Group 12,” which specifically infiltrated third-party JavaScript libraries used by…
Recently, a significant data breach has come to light, affecting approximately 324,000 users whose payment information has been compromised due to vulnerabilities associated with the payment processor BlueSnap and its client, Regpack. Despite the scale of this incident, neither of the companies involved has publicly acknowledged any breach. BlueSnap functions…
Agentic AI, Artificial Intelligence & Machine Learning, Identity & Access Management $740M SGNL Acquisition Enhances Dynamic Identity Management for Human and AI Agents Michael Novinson (MichaelNovinson) • January 9, 2026 Daniel Bernard, Chief Business Officer, CrowdStrike (Image: CrowdStrike) CrowdStrike, a leading platform security company based in Austin, Texas, is set…
Artificial Intelligence & Machine Learning, Multi-factor & Risk-based Authentication, Next-Generation Technologies & Secure Development Additionally: Transforming AI Data into AI Defense, Autonomous Border Patrol Robots Anna Delaney (annamadeline) • January 9, 2026 Clockwise, from top left: Anna Delaney, Mathew Schwartz, Rashmi Ramesh, and Tony Morbin This week, the ISMG editorial…
A recent incident highlights a significant cybersecurity threat involving a counterfeit proof-of-concept (PoC) exploit for a newly identified vulnerability in WinRAR. This exploit was shared on GitHub with the malicious intent of infecting users who downloaded the code with Venom RAT malware. Researchers from Palo Alto Networks’ Unit 42, including…
Data Exposure at Oklahoma Department of Securities In a significant cybersecurity incident, a substantial dataset belonging to the Oklahoma Department of Securities (ODS) was left vulnerable on an unsecured storage server for a prolonged period, exposing approximately 3 terabytes of sensitive information. This breach, identified by Greg Pollock, a researcher…
