data breach

A massive, unprotected trove of stolen credentials believed to contain roughly 149.4 million unique username–password pairs — including tens of millions tied to major email and social platforms — was discovered by security researcher Jeremiah Fowler and remained publicly accessible for weeks...

The short, brutal timeline of this case — two federal contractors sacked in a 4:50 p.m. HR call and one of them allegedly deleting scores of government databases within minutes — exposes a catalogue of basic security failures that should unsettle every IT team that handles sensitive data...

The single sentence that should make every IT manager sit up: a misconfigured marketing mail-log database tied to Netcore Cloud Pvt. Ltd. sat publicly accessible and entirely unencrypted, exposing roughly 40 billion records (about 13.4 TB) of message metadata, transactional notices, and other...

Microsoft’s cybersecurity posture is under renewed fire after U.S. Senator Ron Wyden urged the Federal Trade Commission to open a formal investigation into the company’s default security settings, arguing that Microsoft shipped “dangerous, insecure software” that materially enabled a 2024...

Last week’s headlines brought a stark reminder that identity is the new battlefield: a major US credit union disclosed a breach that exposed entire customer identity kits, researchers revealed Android malware weaponizing NFC to enable real-time payment fraud, UK regulators tightened the rules on...

A critical security vulnerability, identified as CVE-2025-53792, has been disclosed in the Azure Portal, Microsoft's web-based application for managing Azure services. This elevation of privilege vulnerability allows authenticated attackers to gain unauthorized administrative access, posing...

A new wave of highly sophisticated phishing scams has placed millions of Microsoft 365 users at increased risk, with recent campaigns focusing on colleges and universities such as Seton Hall. These scams exploit a deepening trust in digital communications and modern security tools, employing...

A new wave of cybersecurity incidents and industry responses has dominated headlines in recent days, reshaping the risk landscape for businesses and consumers alike. From the hijacking of AI-driven smart homes to hardware-level battles over national security and software supply chain attacks...

Threat actors have escalated their tactics by exploiting the Microsoft 365 Direct Send feature, fundamentally altering the landscape of email-based cyber attacks. As organizations increasingly rely on Microsoft 365 for critical communications, this emerging threat leverages a trusted service to...

A surge of cyber threats and security debates this week highlights both the escalating sophistication of digital attacks and the evolving strategies defenders employ to stay ahead. From researchers demonstrating how Google’s Gemini AI can be hijacked via innocent-looking calendar invites to...

The rapidly approaching end of support for Windows 10 is poised to be a watershed moment for healthcare organizations across the United States. In October 2025, Microsoft will officially cease delivering security updates, patches, and technical support for one of its most widely deployed...

In a recent revelation, security consultant Haakon Gulbrandsrud of Binary Security uncovered a significant vulnerability within Microsoft Azure's API Connections functionality. This flaw potentially allowed users with minimal privileges to access sensitive data across various Azure services...

In July 2025, Microsoft issued a critical alert regarding active cyberattacks targeting SharePoint servers used by businesses and government agencies for internal document sharing. These attacks exploit a previously unknown "zero-day" vulnerability, leaving tens of thousands of servers...

Windows 11 may offer a visually sleek interface and new productivity tools, but its default privacy posture leaves much to be desired for anyone concerned about the security of their personal information. As millions rush to upgrade before the obligatory Windows 10 support cut-off, a pressing...

In the early hours of an otherwise ordinary workweek, the headlines told a chilling story: KNP, a storied logistics company in the United Kingdom with 158 years of history, shuttered operations overnight due to a catastrophic ransomware attack. This collapse is more than a cautionary tale—it’s a...

The past week in cybersecurity delivered a barrage of incidents and regulatory developments, all underscoring the persistent fragility of digital infrastructure across industries and governments. Ransomware continues to grab headlines, as do high-profile data breaches affecting millions of...

In a week marked by both mounting threats and significant shifts in the cybersecurity landscape, some of the world’s most recognizable organizations and agencies faced unprecedented security challenges. From ransomware attacks and data breaches exposing millions of personal records to new...

A sweeping cyberattack exploiting a critical vulnerability in Microsoft’s SharePoint server software has rippled across the globe, compromising a broad array of government institutions and businesses in just a matter of days. Security officials and private researchers confirm that the breach’s...

Microsoft has recently issued an urgent alert regarding active cyberattacks targeting its on-premises SharePoint Server software. These attacks have exploited previously unknown vulnerabilities, compromising approximately 100 organizations worldwide, including government agencies and businesses...

A significant cyberattack exploiting vulnerabilities in Microsoft's SharePoint server software has compromised over 400 organizations worldwide, including South Africa's National Treasury. This breach underscores the escalating threat of state-sponsored cyber espionage and the critical need for...