A Fake UK Visa Site
A third-party UK visa site exposed passports and selfies on a public AWS server. It’s not official GOV.UK and affected at least 100,000 documents. UK Visa Portal is not run by the British government. It’s a third-p
Every confirmed data breach we've indexed across 5492+ incidents from healthcare, finance, technology, government, retail, and education. Sourced from Verizon DBIR, public disclosure feeds, and major security news outlets. Updated automatically.
A third-party UK visa site exposed passports and selfies on a public AWS server. It’s not official GOV.UK and affected at least 100,000 documents. UK Visa Portal is not run by the British government. It’s a third-p
The security flaw allowed attackers to pull private container images, exposing source code, credentials, and infrastructure. The post Gitea Vulnerability Exposed 30,000 Deployments to Attacks appeared first on SecurityWe
269,299 records exposed — Email addresses, Names, Partial credit card data, Phone numbers and 2 more
19.6 Billion files are exposed in misconfigured cloud buckets, including 685K credential files and nearly 1M database dumps. There’s a comfortable myth most people carry around: that the data they hand to companies
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-engineering bait, and enough exposed inf
Threat actors are continuing to exploit a critical, now-patched security flaw impacting FortiClient Endpoint Management Server (EMS) deployments to deliver a credential-stealing malware family dubbed EKZ Infostealer. "T
4,851,517 records exposed — Email addresses, Job titles, Names, Phone numbers and 1 more
Carnival disclosed a data breach affecting nearly 6 million people after hackers used social engineering to access employee accounts. Carnival Corporation is notifying nearly 6 million people after a data breach exposed
India’s cybersecurity agency, CERT-In, has urged organizations to patch, mitigate, or isolate known exploited vulnerabilities affecting internet-facing “crown jewel” systems within 12 hours where feasible, warning that A
Data breach leaves nearly 6 million Carnival customers navigating identity theft risks. The post Carnival Data Breach Exposed 6 Million People appeared first on SecurityWeek.
Taking down a sprawling malware operation once signaled progress in securing the open-source ecosystem. Now, it barely registers. The GlassWorm campaign disruption comes at a moment when attackers can quickly reconstitut
The company said the threat actor gained access to a limited portion of its IT environment last month after compromising an employee account. By the end of April, Carnival determined that the attacker had copied personal
Nx Console Embedded Malicious Code Vulnerability — Nx Console contains an embedded malicious code vulnerability that allowed a malicious version of Nx Console to be published. The compromised extension fetched an obfusca
TanStack Unspecified Vulnerability — TanStack contains an unspecified vulnerability that allowed malicious versions of the product to be published to the npm registry to publish credential-stealing malware under a truste
Daemon Tools Lite Embedded Malicious Code Vulnerability — Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availability.
84,108 records exposed — Email addresses, Names, Partial credit card data, Phone numbers and 3 more
In a public advisory issued Tuesday the FBI said a hacking group has targeted law firms using social engineering schemes to gain remote access to corporate systems and exfiltrate data.
A purported leak exposing 5.8 million records of Uruguayan citizens is the latest incident where cybercriminals targeted government agencies to monetize citizen data.
All Major LLMs Exposed to Multi-Turn Manipulation, Warn Researchers
The FBI warned that the extortion gang Silent Ransom Group is targeting law firms and socially engineering its way into servers and databases.
The FBI warned on Tuesday that the Silent Ransom Group (SRG) extortion gang is now targeting U.S.-based law firms in in-person data theft attacks. [...]
The Oncology Institute disclosed a data breach tied to a third-party vendor, potentially exposing patient information after a 2025 cyberattack. The Oncology Institute has confirmed that patient information was impacted i
502,597 records exposed — Email addresses, Employers, Financial transactions, Job titles and 3 more
The ShinyHunters extortion gang stole the personal information of over 183,000 people after hacking the systems of convenience store chain giant 7-Eleven in April, according to data breach notification service Have I Bee