OpenAI announced on Friday that a vulnerability in the Redis open source library led to the unintended exposure of personal information and chat titles belonging to users of its ChatGPT service earlier in the week. This incident, first identified on March 20, 2023, permitted certain users to access snippets of…
A substantial dataset comprising over 183 million stolen usernames and passwords has been integrated into the online resource Have I Been Pwned (HIBP). Dubbed the “Synthient Stealer Log Threat Data,” this significant compilation is not merely a leak from a single entity; rather, it constitutes a vast array of information…
Greater Cincinnati Behavioral Health Services Settles Data Breach Lawsuit for $850,000 In a significant move following a data breach incident, Greater Cincinnati Behavioral Health Services (GCBHS) has agreed to pay $850,000 to settle litigation linked to the unauthorized exposure of sensitive patient information. This settlement underscores the ongoing challenges that…
On Monday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) included a recently patched critical vulnerability affecting Array Networks AG and vxAG secure access gateways in its Known Exploited Vulnerabilities (KEV) catalog. This addition follows credible reports indicating active exploitation of the flaw in real-world scenarios. The vulnerability, designated as…
Ukraine’s leading law enforcement and counterintelligence agency has revealed the identities of five individuals allegedly involved in a series of digital intrusions tied to a cyber-espionage group known as Gamaredon, with connections to Russia’s Federal Security Service (FSB). This disclosure highlights the agency’s ongoing efforts to combat cyber threats directed…
A sophisticated cyber operation, dubbed “PhantomCaptcha,” has targeted prominent humanitarian organizations and government entities engaged in war relief efforts in Ukraine, as detailed in recent research by SentinelLABS. The campaign has notably affected major organizations such as the International Red Cross, UNICEF, and the Norwegian Refugee Council, along with various…
In a significant development within the cybersecurity landscape, Conor Brian Fitzpatrick, a 20-year-old who operated the now-defunct BreachForums, has been formally charged with conspiracy to commit access device fraud in the United States. This notable case highlights the growing scrutiny on online platforms facilitating cybercrime. Fitzpatrick, known online as “pompompurin,”…
• October 23, 2025 As the landscape of digital transactions transitions from human-catalyzed interactions to autonomous decision-making aided by artificial intelligence, significant shifts in the payment lifecycle are essential. Companies must now focus on establishing frameworks for trust, intent, and identity in automated environments. In a recent discussion featuring industry…
A recent cyber threat known as GlassWorm has been detected, specifically targeting developers utilizing Visual Studio Code extensions via the OpenVSX marketplace. Koi Security unveiled this campaign, which leverages trusted extensions to automatically propagate across various development environments while employing stolen credentials to facilitate further infections. Distinct from typical malware…
