In December 2022, LastPass disclosed a significant data breach that permitted cybercriminals to access encrypted password vaults. This breach resulted from a coordinated second attack, leveraging vulnerabilities that emerged from an earlier incident. According to the company, a DevOps engineer’s personal computer was compromised through a keylogger, enabling unauthorized access…
Cybercrime, Fraud Management & Cybercrime, Identity & Access Management Malware Captures Billions of Credentials Mathew J. Schwartz (euroinfosec) • October 24, 2025 Image: Shutterstock Credential theft via infostealers has escalated to alarming levels, as cybercriminals continuously adapt to enhanced security measures. By infiltrating corporate systems with malware that captures session…
A recent listing on a dark web data leak site operated by the Everest ransomware group claims to have accessed 576,686 personal records associated with AT&T Careers, the recruitment platform of the telecommunications giant. This platform facilitates role applications, resume submissions, and career management for both applicants and employees. This…
Oracle has issued a warning regarding a critical security vulnerability in its Agile Product Lifecycle Management (PLM) Framework, which has been actively exploited in real-world scenarios. The flaw, designated as CVE-2024-21287, boasts a CVSS score of 7.5, indicating its severity and potential impact. This vulnerability is particularly concerning because it…
Recent research has unveiled details of what is being referred to as the largest botnet discovered in the past six years, known as “Pink.” This sophisticated malware has reportedly infected over 1.6 million devices, predominantly located in China. Its primary objectives include orchestrating Distributed Denial-of-Service (DDoS) attacks and injecting ads…
The Universe Browser has drawn attention with bold claims, positioning itself as the fastest web browser while promising enhanced privacy and safety for its users. However, a deeper examination raises significant concerns about its operations and potential risks to users. Recent research by Infoblox, a network security firm, has uncovered…
A significant security breach has compromised the password management platform LastPass, originating from a lapse in software maintenance by one of its engineers. This incident underscores the critical risks associated with neglecting timely software updates. In a disclosure made last week, LastPass provided insights into how attackers leveraged information obtained…
Data Breach Notification, Data Security, Healthcare Regulators Investigate Potential Delay in Notification of Breach Affecting 462,000 Insurance Members Marianne Kolbasuk McGee (HealthInfoSec) • October 23, 2025 Montana state officials are probing a data breach at Blue Cross Blue Shield of Montana linked to a vendor. (Image: BCBSMT) Montana state regulators…
Toys ‘R’ Us Canada Customer Information Leaked Online In a significant cybersecurity incident, customer information from Toys ‘R’ Us Canada has reportedly been exposed online. The breach raises critical concerns regarding the safety of sensitive consumer data in an era where digital transactions are commonplace. The leaked information, which may…
