data breach

Apple has initiated legal proceedings against YouTuber Jon Prosser and tech analyst Michael Ramacciotti, alleging unauthorized access and dissemination of confidential information regarding the upcoming iOS 26 operating system. The lawsuit, filed in the U.S. District Court for the Northern...

The United Kingdom’s arrest of four suspects linked to a wave of cyberattacks targeting major retail organizations marks a pivotal moment in the ongoing battle between law enforcement and cybercriminals. This high-profile case comes at a time when digital threats are becoming increasingly...

The widespread assumption that emails sent via Microsoft 365 and Google Workspace are always fully encrypted and secure is deeply flawed, and recent research paints a troubling picture of silent failures, unclear policies, and significant risk to sensitive data in trusted enterprise...

A critical vulnerability uncovered in Synology’s Active Backup for Microsoft 365 (ABM) has sparked concern throughout the global IT security community, shedding light on the intertwined risks associated with SaaS backup providers and cloud application supply chains. The flaw, now catalogued as...

Four days of total digital silence. That was the stark reality for the 20 million users of YES24, South Korea’s largest online bookstore, after a catastrophic ransomware attack forced the entire platform—website and app—offline. Orders for books, reservations for concerts, and access to digital...

In a recent and unprecedented cybersecurity event, researchers have uncovered a massive data breach exposing approximately 16 billion login credentials from major platforms, including Google, Facebook, and Telegram. This breach, identified by the Cybernews research team, is being hailed as one...

Major security events in enterprise software rarely unfold in isolation; instead, they are often woven into broader technological trends and industry shifts. Such is the case with the recent disclosure from Asana, the globally popular project management platform, admitting that a critical bug in...

Microsoft is currently under scrutiny following allegations that its GitHub platform may have been used to host code facilitating unauthorized data extraction from the National Labor Relations Board (NLRB). Representative Stephen Lynch has formally requested that Microsoft CEO Satya Nadella...

The latest cybersecurity disruption at WestJet Airlines highlights a rapidly escalating risk landscape for critical sectors—not only in Canada but across the globe. Early morning users on the company’s mobile app noticed unusual outages: login loops, booking glitches, and persistent error...

When Twitter confirmed that a hacker exploited a significant security vulnerability, it set off alarm bells not just within the company, but across the wider digital landscape. Such incidents underscore the growing concerns around data privacy, cybersecurity, and the responsibility that tech...

A critical zero-click vulnerability in Microsoft's Copilot AI assistant, identified as CVE-2025-32711 and dubbed "EchoLeak," has been discovered by researchers at Aim Security. This flaw allowed attackers to exfiltrate sensitive organizational data without any user interaction, posing a...

In early 2025, cybersecurity researchers uncovered a critical zero-click vulnerability in Microsoft 365 Copilot, an AI assistant integrated into applications like Word, Excel, Outlook, PowerPoint, and Teams. Dubbed "EchoLeak," this flaw allowed attackers to extract sensitive user data without...

A critical zero-click vulnerability in Microsoft's Copilot AI assistant, dubbed EchoLeak and tracked as CVE-2025-32711, was recently discovered by researchers at Aim Security. This flaw allowed attackers to exfiltrate sensitive organizational data without any user interaction, posing a...

In recent developments, a significant security vulnerability, dubbed "EchoLeak," was identified in Microsoft 365 Copilot, an AI-powered assistant integrated into Microsoft's suite of Office applications. This flaw, discovered by AI security startup Aim Security, exposed sensitive user data...

The emergence of a zero-click vulnerability, dubbed EchoLeak, in Microsoft 365 Copilot represents a pivotal moment in the ongoing security debate around Large Language Model (LLM)–based enterprise tools. Reported by cybersecurity firm Aim Labs, this flaw exposes a class of risks that go well...

In early 2025, cybersecurity researchers uncovered a critical vulnerability in Microsoft 365 Copilot, dubbed "EchoLeak," which allowed attackers to extract sensitive user data without any user interaction. This zero-click exploit highlighted the potential risks associated with deeply integrated...

In early 2025, cybersecurity researchers from Aim Labs uncovered a critical zero-click vulnerability in Microsoft Copilot, dubbed 'EchoLeak.' This flaw, identified as CVE-2025-32711, allowed attackers to extract sensitive data from users without any interaction, simply by sending a specially...

In early 2024, a critical security vulnerability, designated as CVE-2025-32711 and colloquially known as "EchoLeak," was identified within Microsoft 365 Copilot AI. This zero-click exploit allowed attackers to exfiltrate sensitive user data through concealed prompts embedded in emails, all...

In January 2025, security researchers at Aim Labs uncovered a critical zero-click vulnerability in Microsoft 365 Copilot AI, designated as CVE-2025-3271 and dubbed "EchoLeak." This flaw allowed attackers to exfiltrate sensitive user data without any interaction from the victim, marking a...

A recent massive data breach has exposed over 184 million user records, compromising sensitive information from major platforms such as Apple, Google, Meta, Microsoft, Instagram, and Snapchat. The breach includes emails, passwords, and authorization URLs, all stored in plain text, making them...