Data Breach

Vercel Discovers Additional Compromised Accounts in Breach Linked to Context.ai

Vercel has disclosed new findings in its ongoing investigation into a recent security incident, confirming that more customer accounts were affected than initially believed. Expanded Investigation Reveals More Impact The company reported that after broadening its analysis, including reviewing network activity and environment variable access logs, it discovered an additional group of accounts showing signs of […]

Vercel Discovers Additional Compromised Accounts in Breach Linked to Context.ai Read More »

Vertex AI Vulnerability Exposes Sensitive Google Cloud Data and Private Artifacts

A newly identified security weakness in Google Vertex AI has raised serious concerns about potential data exposure and cloud infrastructure compromise. Security researchers have revealed that artificial intelligence agents operating within the platform could be manipulated to access sensitive information without authorization. Misconfigured Permissions Create a Hidden Risk The issue stems from how permission controls are implemented

Vertex AI Vulnerability Exposes Sensitive Google Cloud Data and Private Artifacts Read More »

OpenAI Fixes ChatGPT Data Exfiltration Flaw and Codex Vulnerability Exposing GitHub Tokens

A critical security issue affecting AI systems has been resolved after researchers discovered vulnerabilities in ChatGPT and Codex that could have exposed sensitive user data and developer credentials. ChatGPT Flaw Enabled Covert Data Exfiltration Researchers from Check Point uncovered a previously unknown weakness in ChatGPT that allowed hidden data exfiltration without user awareness. The flaw made it possible for

OpenAI Fixes ChatGPT Data Exfiltration Flaw and Codex Vulnerability Exposing GitHub Tokens Read More »

Critical Flaws in LangChain and LangGraph Expose Files, Secrets, and Databases

Security researchers have uncovered serious vulnerabilities in widely used artificial intelligence frameworks, exposing enterprise systems to potential data breaches. The affected platforms, LangChain and LangGraph, are commonly used to build applications powered by large language models, making the impact both widespread and significant. Massive Adoption Increases Risk Exposure Both frameworks are deeply embedded in modern AI development environments.

Critical Flaws in LangChain and LangGraph Expose Files, Secrets, and Databases Read More »

Europol flow chat

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials

International law enforcement agencies have successfully dismantled LeakBase, a notorious online marketplace widely used by cybercriminals to trade stolen credentials and hacking resources. The coordinated crackdown was led by the Federal Bureau of Investigation and Europol as part of a multinational cybercrime investigation. Authorities confirmed that the website leakbase[.]la has been seized. Visitors attempting to access the platform now encounter an official

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials Read More »

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled

A new security analysis has revealed that thousands of publicly exposed Google Cloud API keys could be misused to access sensitive Gemini AI endpoints once the Generative Language API is activated within a project. Researchers at Truffle Security identified nearly 3,000 Google API keys, recognizable by the prefix AIza, embedded in client side JavaScript code across websites.

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled Read More »

Malicious NuGet Packages Stole ASP.NET Data While npm Package Delivered Malware

Cybersecurity analysts have uncovered four harmful NuGet packages designed to infiltrate ASP.NET development environments and secretly extract sensitive application data. The campaign, identified by Socket, focused on compromising applications during development rather than directly attacking developers’ machines. The rogue packages were uploaded to the official NuGet repository between August 12 and 21, 2024, by a user

Malicious NuGet Packages Stole ASP.NET Data While npm Package Delivered Malware Read More »

PayPal Reveals Six Month Data Breach Exposing User Information

Digital payments giant PayPal has disclosed a data security incident that exposed sensitive customer information for nearly six months. The issue stemmed from a software error within its small business lending platform, raising renewed concerns about data governance, financial technology security, and regulatory compliance. Software Error Behind Prolonged Data Exposure According to PayPal, the incident

PayPal Reveals Six Month Data Breach Exposing User Information Read More »

Data Breach at French Bank Registry Affects 1.2 Million Accounts

France’s financial authorities have revealed a major cybersecurity breach affecting approximately 1.2 million bank account records. The incident targeted the country’s centralized bank account registry, raising serious concerns about data protection, identity theft, and financial fraud. Officials have launched a full investigation while strengthening national cybersecurity defenses. Unauthorized Access to National Bank Registry The French

Data Breach at French Bank Registry Affects 1.2 Million Accounts Read More »

Mississippi Medical Center Shuts Down All Clinics Following Ransomware Attack

A major healthcare provider in the United States has temporarily closed all its clinic locations following a disruptive cyberattack. The University of Mississippi Medical Center (UMMC) confirmed that a ransomware incident forced it to shut down multiple IT systems while emergency protocols were activated to maintain patient care. Authorities at the federal level are now

Mississippi Medical Center Shuts Down All Clinics Following Ransomware Attack Read More »