Data Privacy, Data Security, Fraud Management & Cybercrime Class Action Lawsuit Claims Web Trackers Misused Patient Data Marianne Kolbasuk McGee (HealthInfoSec) • December 2, 2025 Kaiser Permanente has agreed to pay up to $47.5 million to resolve class action litigation related to its website tracking activities. Kaiser Permanente has reached…
Apple Releases Critical Security Updates to Address Exploited Vulnerabilities Apple has issued new security updates aimed at mitigating significant flaws in its operating systems, including vulnerabilities that have reportedly been exploited in the wild. The updates come in response to the discovery of two critical memory corruption issues affecting the…
On Monday, Google revealed a sophisticated cyber campaign orchestrated by a North Korean state-sponsored group aimed at security researchers involved in vulnerability research and development. This latest information highlights the increasing threat posed by adversaries adept at manipulating credible sources in the cybersecurity community. The Threat Analysis Group (TAG) at…
In the evolving landscape of cybersecurity, identity management has become a crucial front line for defenders. According to Verizon’s 2025 report, a staggering 88% of web application attacks were initiated with compromised credentials. Over the past decade, data indicated that one-third of breaches involved such leaks, highlighting the increasing reliance…
A recently identified malware campaign, dubbed DarkGate, has raised alarms in the cybersecurity community. It exploits a now-patched security vulnerability in Microsoft Windows, known as CVE-2024-21412, which was used as a zero-day attack vector through fraudulent software installers. This incident was first observed in mid-January 2024, wherein attackers deceived users…
Creative Salim/Shutterstock Google’s suite of software has become integral to daily life, with Gmail at the forefront of this digital ecosystem. Originally launched as an April Fool’s Day prank, Gmail has evolved into one of the most widely used email services globally. Other platforms like Google Photos, Docs, Maps, YouTube,…
Gainsight is recognized as a provider of customer support platforms. Summary of Events Google has recently reported a significant supply chain breach that has compromised data stored by Salesforce across more than 200 businesses. The incident was initially revealed by Salesforce on Thursday, noting that “specific customers’ Salesforce data” was…
Endpoint Security, Hardware / Chip-level Security Experts Highlight Advantages of Bug Bounties and Researcher Engagement Mathew J. Schwartz (@euroinfosec) • November 21, 2025 Image: Shutterstock While hardware once stood as a cornerstone of trustworthy systems, ongoing concerns over compromised supply chains and security vulnerabilities have significantly diminished that trust. As…
EXCLUSIVE ShinyHunters has reportedly taken responsibility for a security breach at Gainsight, further compromising the data of numerous Salesforce customers. This breach expands the ongoing ramifications of earlier cyber incidents, particularly the Salesloft Drift hack from earlier this year, which ShinyHunters claims provided them with the initial access to Gainsight’s…
