A significant security vulnerability in McDonald’s AI-driven hiring platform, McHire, has compromised the personal data of over 64 million job applicants. This incident, driven by an Insecure Direct Object Reference (IDOR) flaw and weak default credentials, has prompted swift corrective measures by Paradox.ai. The breach involved McHire, a recruitment solution…
Police Arrest Four in Connection with Major Cyberattacks Targeting UK Retailers In a significant development, four individuals have been apprehended as part of an ongoing police investigation into a series of cyberattacks that severely disrupted the operations of prominent British retailers, including Marks & Spencer, the Co-op, and Harrods. The…
Cybercrime, Fraud Management & Cybercrime, Geo Focus: The United Kingdom Arrests Made in Connection with April Ransomware Strikes Against M&S, Co-Op, and Harrods Mathew J. Schwartz (euroinfosec) • July 10, 2025 Image: Andy Sutherland/Shutterstock British authorities have apprehended four individuals linked to a series of high-profile cybersecurity incidents affecting top-tier…
Data Breach Exposes Over 5 Million Job Seekers’ Information via LiveCareer In a significant cybersecurity incident, the online job platform LiveCareer has inadvertently exposed the personal data of over 5 million job seekers. This breach represents a serious lapse in data security, with sensitive information accessible to unauthorized individuals. Affected…
Endpoint Security, Governance & Risk Management, Video Insights from Island CEO Mike Fey on SASE Drivers and Identity Features in Enterprise Browsers Michael Novinson (MichaelNovinson) • July 9, 2025 Mike Fey, co-founder and CEO, Island (Image: Island) As demand for browser-level security increases, Island is enhancing its enterprise browser with…
Black Yak and Korea TOPIK Penalized Due to Data Breach Incidents In a significant turn of events, Black Yak, a prominent outdoor apparel brand, along with Korea TOPIK, has been fined due to recent data breach incidents affecting their respective platforms. These breaches have raised alarms about the security measures…
Cybersecurity Concerns Rise with MellowTel’s Controversial Extension Recent findings have raised significant alarm regarding MellowTel, a tool that operates by opening unknown websites for users. This reliance on MellowTel necessitates a level of trust in the company’s ability to evaluate the security and reliability of these sites. However, the nature…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime Phishing Emails Used to Disguise Malware as Contract Files Prajeet Nair (@prajeetspeaks) • July 9, 2025 Kaspersky headquarters in Moscow, photo dated March 20, 2018. (Image: Tatiana Belova/Shutterstock) A recent report from a Russian cybersecurity firm has unveiled a sophisticated campaign targeting…
North American APT Exploits Exchange Zero-Day to Target China In a significant cybersecurity incident, a North American advanced persistent threat (APT) has leveraged an Exchange Server zero-day vulnerability to execute targeted attacks against entities in China. This development underscores the ongoing dynamics of cyber espionage and the critical importance of…
