Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password protected database that contained more than 200,000 records, which included sensitive files containing PII of students and parents. The non-password protected cloud storage database contained a
In a concerning discovery, about 55% of all inputs to generative AI platforms contain sensitive and personally identifiable information (PII). This revelation was uncovered in a new report released by Menlo Security, which highlighted the rapid developments of both generative AI and the
A newly discovered critical vulnerability in Microsoft Outlook, CVE-2024-21413, poses a significant threat to users by enabling remote code execution (RCE) through emails with malicious links. This flaw, identified by Check Point researcher Haifei Li, allows threat actors to bypass built-in
In a significant breach of privacy, TheTruthSpy, a surveillance application, has been hacked, compromising the data of over 50,000 Android devices across the globe. This incident marks the fourth time the application has fallen victim to hackers due to the same unfixed security flaw. According
Over 33 million individuals in France — nearly half the country’s population — have had their personal data exposed. This breach targeted Viamedis and Almerys, two prominent service providers in the French healthcare and insurance sectors. The French data protection authority, the National
Google's Threat Analysis Group (TAG) has published a report on the widespread use of commercial spyware, commonly supplied by Europe-based startups for government surveillance campaigns. In one recent campaign, government-backed hackers used tools supplied by Variston, a Barcelona-based spyware
A new malware, named Ov3r_Stealer, is spreading through fake job advertisements on Facebook. Discovered by Trustwave SpiderLabs, the threat actors behind the malware target users by offering bogus management positions, leading them to download a weaponized PDF. Within the file, the user is directed
The Biden administration has introduced a new visa restriction policy aimed at curbing the misuse of commercial spyware. Secretary of State Antony Blinken emphasized the policy's broad target, stating it would affect those involved in the misuse of commercial spyware to target journalists,
Mastodon, an open source and decentralized social media platform, is currently in the midst of a security alert. Cybersecurity experts have disclosed a critical vulnerability, dubbed CVE-2024-23832, that leaves millions of accounts at risk of being hijacked by malicious actors. The flaw scored a
Johnson Controls International, a leading multinational conglomerate, has reported a staggering $27 million in expenses tied to the remediation of a ransomware attack that occurred in September 2023. The attack, which was first reported by BleepingComputer, was orchestrated by the Dark Angels