Betterment, a financial technology firm, recently disclosed a significant data breach affecting 1,435,174 individuals, a figure validated by the data breach monitoring service, Have I Been Pwned? The incident traces back to mid-January 2026 and was initiated through a sophisticated social engineering tactic targeting one of Betterment’s employees. This manipulation…
Critical Security Flaw Discovered in Cisco SPA112 Phone Adapters Cisco has issued a significant warning regarding a critical security vulnerability affecting the SPA112 2-Port Phone Adapters. This flaw, which allows a remote attacker to execute arbitrary code on compromised devices, poses a substantial risk to users worldwide. The vulnerability, designated…
Cybercriminal Sentenced for Developing Remote Access Trojan In a notable legal outcome, Taylor Huddleston, a 26-year-old resident of Hot Springs, Arkansas, has been sentenced to nearly three years in prison for his role in creating and distributing a remote access trojan (RAT), known as NanoCore. This sentencing marks a distinct…
Cybercriminals have recently exploited vulnerabilities in computer systems across the globe, utilizing malware to compromise Point-of-Sale (PoS) terminals through brute-force techniques. As reported by researchers from FireEye, attackers have successfully breached 60 PoS terminals by targeting inadequately secured connections to obtain remote administration credentials. This new campaign, identified as BrutPOS,…
Cybercrime, Fraud Management & Cybercrime, Healthcare Former Employee Accused of Theft of 1 Million Patient Records Marianne Kolbasuk McGee (HealthInfoSec) • February 5, 2026 A former employee of Nuance Communications is facing heightened federal charges for allegedly downloading and storing over one million patient records from Geisinger Health on a…
Cybersecurity specialists are urging Substack users to remain vigilant against potential phishing scams following a recent data breach on the platform. The blogging service has experienced a security incident that compromised user data. In a communication sent to users, Substack CEO Chris Best disclosed that the breach resulted in the…
WordPress users employing the Advanced Custom Fields (ACF) plugin are being strongly advised to update to version 6.1.6 due to the emergence of a critical security vulnerability. The flaw, identified as CVE-2023-30777, pertains to a type of reflected cross-site scripting (XSS), which can be exploited to inject harmful scripts into…
On February 28, 2018, GitHub’s widely used code hosting service experienced a monumental distributed denial-of-service (DDoS) attack, peaking at an unprecedented 1.35 terabits per second (Tbps). This incident marks a significant milestone in the realm of cybersecurity, illustrating both the evolving nature of attack methods and the vulnerabilities that persist…
Just three days before Substack informed its users of a security breach, an alternative narrative was making rounds within underground cybercrime forums. On February 2, 2026, a user on BreachForums, operating under the alias “w1kkid,” alleged that they had scraped Substack and gathered nearly 700,000 user records. This revelation was…