Data Breach

Former Google Engineers Indicted for Transferring Trade Secrets to Iran

Two former engineers from Google and the husband of one of them have been indicted in the United States for allegedly stealing sensitive trade secrets from major technology firms and transferring the information to unauthorized destinations, including Iran. The defendants, Samaneh Ghandali, 41, her husband Mohammadjavad Khosravi, also known as Mohammad Khosravi, 40, and her sister Soroor […]

Former Google Engineers Indicted for Transferring Trade Secrets to Iran Read More »

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Cybersecurity researchers have identified a case in which an information-stealing malware successfully extracted sensitive configuration files linked to OpenClaw, the open-source AI agent platform previously known as Clawdbot and Moltbot. According to researchers at Hudson Rock, the incident represents a turning point in infostealer evolution. Instead of focusing solely on browser credentials, threat actors are now harvesting

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens Read More »

Malicious Chrome Extensions Exposed for Stealing Business Data, Emails, and Browsing History

Browser extensions are once again under scrutiny after multiple investigations revealed coordinated campaigns abusing Google Chrome add ons to steal business intelligence, authentication codes, emails, and browsing history. Security researchers have identified several malicious extensions impersonating productivity tools, AI assistants, and social media customization plugins. These threats specifically target platforms such as Meta Business Suite, Facebook Business Manager, Google Chrome,

Malicious Chrome Extensions Exposed for Stealing Business Data, Emails, and Browsing History Read More »

First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials

Cybersecurity researchers have uncovered what is believed to be the first malicious Microsoft Outlook add-in observed in active attacks. The discovery highlights a new evolution in supply chain threats targeting trusted software marketplaces. According to security firm Koi Security, an unidentified attacker hijacked a previously legitimate but abandoned Outlook add-in domain to host a fraudulent

First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials Read More »

Dutch Authorities Confirm Ivanti Zero Day Exploit Exposed Employee Contact Data

Dutch authorities have confirmed that recent cyber attacks exploiting zero-day vulnerabilities in Ivanti Endpoint Manager Mobile (EPMM) led to unauthorized access to employee contact information within government systems. The Dutch Data Protection Authority (AP) and the Council for the Judiciary (Rvdr) revealed that their environments were affected after attackers abused newly disclosed flaws in Ivanti

Dutch Authorities Confirm Ivanti Zero Day Exploit Exposed Employee Contact Data Read More »

Researchers Disclose Reprompt Attack Enabling One-Click Data Exfiltration From Microsoft Copilot

Cybersecurity researchers have uncovered a new attack technique named Reprompt that allows threat actors to silently extract sensitive information from AI chatbots such as Microsoft Copilot with just a single click. The attack operates without requiring plugins, user interaction, or visible prompts, creating a serious blind spot for enterprise security controls. According to Varonis security researcher Dolev

Researchers Disclose Reprompt Attack Enabling One-Click Data Exfiltration From Microsoft Copilot Read More »

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue

Instagram has clarified that its internal systems were not compromised following reports of unexpected password reset emails sent to users. The company confirmed that the incident was caused by an external party abusing a now resolved issue, and emphasized that user accounts remain secure. Clarification Following Data Leak Reports The statement comes after widespread discussion

Instagram Confirms No System Breach and Fixes External Party Password Reset Issue Read More »

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers

A major cybersecurity incident has impacted Gulshan Management Services, Inc., a gas station operator headquartered in Sugar Land, Texas, resulting in the exposure of personal information belonging to more than 377,000 customers. The breach has raised serious concerns about the protection of customer data within retail and fuel service operations across multiple US states. Breach

Data Breach at Texas Gas Station Operator Exposes Information of Over 377,000 Customers Read More »

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts

A major data exposure incident has reportedly impacted around 17.5 million Instagram user accounts, with sensitive personal information now circulating on dark web marketplaces. The issue was highlighted earlier this week by cybersecurity firm Malwarebytes, triggering serious concerns about user privacy, account security, and the potential for large scale abuse. What Information Was Exposed According

Instagram Data Leak Exposes Sensitive Information of 17.5M Accounts Read More »

Trust Wallet Chrome Extension Breach Leads to 7 Million Dollar Crypto Loss via Malicious Code

Trust Wallet has issued an urgent advisory asking users to update its Google Chrome browser extension after confirming a security incident that resulted in cryptocurrency losses totaling approximately $7 million. The breach specifically affected Trust Wallet Chrome Extension version 2.68, while users who upgraded to version 2.69 are no longer at risk. According to the

Trust Wallet Chrome Extension Breach Leads to 7 Million Dollar Crypto Loss via Malicious Code Read More »