French data protection authority, CNIL, has determined that Google Analytics breaches the European Union’s General Data Protection Regulation (GDPR). This ruling follows a similar finding in Austria just weeks prior. The CNIL’s investigation into the transatlantic transfer of Google Analytics data revealed that this practice lacks appropriate regulatory oversight, particularly…
Cyberwarfare / Nation-State Attacks, Endpoint Security, Fraud Management & Cybercrime Spyware Targets Samsung Galaxy Devices, Reports Unit 42 Greg Sirico • November 7, 2025 Samsung Galaxy models targeted by the malware include the Galaxy S23 Series, Galaxy S24 Series, Galaxy S22, Galaxy Z Flip4, and Galaxy Z Fold4, as depicted.…
Cybersecurity firm Tenable has unveiled significant vulnerabilities in OpenAI’s ChatGPT, uncovering seven distinct risks that could allow malicious actors to compromise user data, circumvent security measures, and embed persistent threats within the model’s architecture. The analysis, referred to as HackedGPT, highlighted that several of the vulnerabilities identified in ChatGPT-4 have…
On Wednesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a critical security vulnerability affecting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog. This action was taken in light of evidence indicating ongoing exploitation of this flaw. Identified as CVE-2024-23113, this vulnerability has a CVSS…
On Friday, the Korea Atomic Energy Research Institute (KAERI), a government-funded entity based in South Korea, reported a breach of its internal network. The infiltration is believed to have been executed by a threat actor linked to North Korea, with the actual breach occurring on May 14. The attackers exploited…
U.S. Congressional Budget Office Suffers Cybersecurity Breach Amid Ongoing Government Shutdown In an alarming turn of events during a prolonged government shutdown lasting over five weeks, the U.S. Congressional Budget Office (CBO) disclosed that it recently experienced a cybersecurity breach attributed to a suspected foreign actor. The CBO, which is…
Ubisoft Reports Cybersecurity Incident Affecting Game Services On Friday, the French video game giant Ubisoft acknowledged that it had fallen victim to a cybersecurity incident that led to temporary disruptions in its games, systems, and services. The Montreuil-based company swiftly initiated an internal investigation to assess the breach and has…
Data Privacy, Data Security, Healthcare Senate HELP Committee Chair Advocates for Data Protection in Wearable Tech and Health Applications Marianne Kolbasuk McGee (HealthInfoSec) • November 7, 2025 Sen. Bill Cassidy, R-La., a physician and chair of the Senate HELP Committee, is advocating for legislation aimed at aligning new consumer health…
Shamis & Gentile P.A., a leading class action law firm focused on data breach litigation, has initiated an investigation into a significant data breach at Central Jersey Medical Center (CJMC). Individuals affected by this breach may find that their sensitive personal information has been compromised, potentially making them eligible for…
