Skip to main content

Tag: data exposure

47 articles

Blurred computer screen in empty school hallway conveys concern and vulnerability.

Senators Probe Navigate360 Over Hacked Student Data

Senators Maggie Hassan and Jim Banks are demanding answers from Navigate360 after a cyberattack compromised its anonymous tip line, putting the sensitive data of students, staff, and schools at risk. The breach allegedly exposed 93 gigabytes of data, sparking concerns over the safety and security of those who rely on the company's services.

Analyst 207
Dimly lit server room with a laptop screen displaying sensitive API tokens and credentials.

Cross-App Permissions Expose Hidden Risks in AI-Driven SaaS Environments

Imagine a single security slip-up exposing 1.5 million API tokens and 35,000 email addresses, leaving AI agents and their users vulnerable to hijacking and misuse. The recent Moltbook breach reveals the hidden risks of cross-app permissions in AI-driven SaaS environments.

Analyst 207
Dark cityscape with cracked vault door and glowing network lines, people working on devices in background.

AI Agents Fuel Cybersecurity Breaches at Most Firms

As AI agents increasingly power business operations, they're also fueling cybersecurity breaches at most firms, leading to data exposure, operational disruption, and financial losses. The rapid rise of AI is sparking a pressing dilemma: how can organizations balance innovation with control?

Analyst 207
A cracked padlock on shattered glass with a laptop glow casting eerie light on a cloud-shaped object.

Vercel Breach Exposes Cloud App Security Risks

When a leading cloud app developer like Vercel reports a breach with scarce details, customers and security teams are left scrambling with uncomfortable uncertainty, wondering if their systems and data are at risk. The lack of transparency only tests trust and fuels concerns about cloud app security.

Analyst 207
Raccoon in actor disguise types on keyboard amidst scattered papers with passwords.

Raccoon Actor Targets Help Desks in Password Breach Spree

When help desks, meant to be a trusted source of support, become the easiest target for attackers, what can we do to protect ourselves? A recent surge in breaches, including a password breach spree by a Raccoon-linked actor, has left technologists, policymakers, and everyday users scrambling for answers.

Analyst 207
Shattered padlock and scattered papers near laptop glow, cityscape visible through cracked window, conveying vulnerability.

McGraw Hill Data Leak Exposes 13.5M Records After Salesforce Misconfiguration

McGraw Hill, a leading publisher of educational materials, recently suffered a significant data leak, exposing a staggering 13.5 million records due to a misconfigured Salesforce-hosted page. This alarming breach highlights the importance of robust data security measures, even for companies with a traditional focus like textbook publishing.

Analyst 207
Dark cityscape with giant cracked smartphone screen hovering above skyscrapers, reflecting eerie glow of computer screens.

Google API Flaw Exposes Android Apps to Gemini AI Vulnerabilities

A recently discovered flaw in Google's API keys is leaving millions of Android apps vulnerable to Gemini AI exploits, potentially exposing private files and racking up unexpected billing charges. This security gap allows mobile apps to quietly tap into the powerful AI, all without users noticing.

Analyst 207
LiteLLM Supply-Chain Compromise Exposes Mercor Data

LiteLLM Supply-Chain Compromise Exposes Mercor Data

A single faulty AI dependency can become a backdoor for attackers - as seen in the recent LiteLLM supply-chain compromise that exposed sensitive data, source code, and internal credentials at Mercor. This alarming incident highlights the risks of relying on third-party dependencies and the importance of securing your supply chain.

Analyst 207
Secrets Sprawl Hits Alarming 34% Annual Surge

Secrets Sprawl Hits Alarming 34% Annual Surge

The alarming truth is that secrets sprawl has surged 34% in the past year, with a staggering 29 million new hardcoded secrets uncovered in 2025 alone. This explosive growth poses a daunting challenge for CISOs and the cybersecurity community, raising critical questions about our ability to safeguard sensitive information.

Analyst 207
Critical Lloyds IT Glitch Exposes Alarming Data of 500K Customers

Critical Lloyds IT Glitch Exposes Alarming Data of 500K Customers

A recent IT glitch at Lloyds exposed the sensitive data of nearly 500,000 customers, highlighting the alarming vulnerabilities of our increasingly interconnected world. This shocking incident serves as a wake-up call, reminding us that even the most secure systems can be breached, and our personal data can be put at risk.

Analyst 207
CISA Must Fix Stunning Insider Threat Failures

CISA Must Fix Stunning Insider Threat Failures

CISA warned the nation about insider threats, yet a senior officials upload of sensitive documents to a public AI chatbot revealed startling insider threat failures within the agency. Fixing this will take more than patches — it demands tighter access controls, stronger governance, and real cultural change.

Analyst 207
CISA Adds Gladinet, CWP to KEV: Exclusive Critical Alert

CISA Adds Gladinet, CWP to KEV: Exclusive Critical Alert

CISA has quietly added Gladinet and Control Web Panel to its Known Exploited Vulnerabilities list after evidence of active attacks. These flaws — including CVE-2025-11371 (CVSS 7.5) — are no longer theoretical and should be prioritized for immediate patching and mitigation.

Analyst 207
Postcode Lottery Exclusive: Damaging Data Slip

Postcode Lottery Exclusive: Damaging Data Slip

People’s Postcode Lottery says a “technical error” briefly exposed some customer data and has since fixed the fault. But with no clear details on what leaked, how many were affected, or what protections are being offered, customers are understandably left wondering who will cover the fallout.

Analyst 207
EY Exposes 4TB SQL DB: Exclusive Critical Breach

EY Exposes 4TB SQL DB: Exclusive Critical Breach

When the vault is unlocked: a researcher reportedly found a 4TB SQL DB backup tied to EY sitting exposed on the open web, potentially leaking vast amounts of sensitive data. Its a blunt wake‑up call — backups must be encrypted, access‑restricted, and treated as compromised the moment theyre reachable.

Analyst 207
payment data breach: Stunning Alarming Risk Exposed

payment data breach: Stunning Alarming Risk Exposed

About 180,000 people had names and payment details left exposed — putting them at heightened risk of fraud and identity theft; here’s what to do now to protect yourself and why companies must tighten their defenses.

Analyst 207
PII and payment data: Stunning Risky Exposure Alert

PII and payment data: Stunning Risky Exposure Alert

About 180,000 records — including names and payment card data — were left exposed, turning everyday transactions into a potential headache for consumers and a regulatory and reputational crisis for businesses; monitor your accounts, enable alerts, and favor virtual or tokenized payment options while companies patch misconfigurations and tighten security.

Analyst 207
data security incident: Risky Prosper Breach—Stunning

data security incident: Risky Prosper Breach—Stunning

Prosper says it found no evidence of stolen funds, but a data exposure affecting roughly 17 million people still raises real risks of identity theft and phishing — here’s what to watch for and do next.

Analyst 207
data breach notices: Stunning Wave Risks 3.7M

data breach notices: Stunning Wave Risks 3.7M

About 3.7 million North Americans just received breach notices after incidents at Allianz Life, WestJet and a payroll software vendor — leaving many wondering what to do next and how to protect themselves. Read on for what happened, what to watch for, and simple steps you can take right now to guard your identity.

Analyst 207
cloud collaboration: Must-Have Best Practices to Avoid Risk

cloud collaboration: Must-Have Best Practices to Avoid Risk

Cloud collaboration makes teamwork effortless — and oversharing dangerously easy; learn practical, friendly best practices to keep files moving fast while cutting exposure, from short-lived links and MFA to data stewardship and automated audits.

Analyst 207
Salesloft breach: Exclusive Risky Lawsuit Fallout

Salesloft breach: Exclusive Risky Lawsuit Fallout

Salesforce now faces a wave of lawsuits after customer data stolen from Salesloft surfaced in identity‑theft schemes, sparking a heated debate over who’s liable when third‑party integrations expose sensitive information. The outcome could reshape how platforms, vendors, and customers share responsibility for security in a cloud‑first world.

Analyst 207
CRM platform Risky Breach: Stunning Contact Exposure

CRM platform Risky Breach: Stunning Contact Exposure

Workday says its core systems were untouched, but a third-party CRM was breached — exposing business contacts that could fuel phishing, BEC and credential-stuffing attacks. Treat contact data as compromised: tighten MFA, audit integrations, and warn teams to watch for targeted social engineering.

Analyst 207
Salt Typhoon breach: Stunning, Risky National Threat

Salt Typhoon breach: Stunning, Risky National Threat

The Salt Typhoon breach of the National Guard is a stark wake‑up call—sophisticated attackers exploited systemic weak spots to expose sensitive data and erode trust. Fixing it will take urgent, coordinated action: modernizing systems, tightening authentication, and improving detection and transparency.

Analyst 207
ICEBlock privacy vulnerabilities: Stunning Risky Flaws

ICEBlock privacy vulnerabilities: Stunning Risky Flaws

ICEBlock markets itself as a privacy-first way to report ICE activity, but experts warn that device metadata, location services, push notifications, and cloud backups can still expose users. Approach the app with caution—ask for clear transparency, independent audits, and minimal permissions before relying on it.

Analyst 207