Security
Showing 12 of 110 articles · Page 1 of 10
Dashlane Breach: Hackers Steal Encrypted Password Vaults
Dashlane confirms a security breach where hackers stole several encrypted user vaults via a 2FA brute-force attack. Learn how to protect your data.
iFood Confirms Data Breach Impacting 1.2 Million Users
iFood confirms a data breach affecting 1.2 million users, involving names and CPF numbers. Investigation into IDOR vulnerability claims is ongoing.
Critical Meta Chatbot Flaw Allowed Mass Instagram Account Takeovers
A critical flaw in Meta's support chatbot allowed hackers to hijack Instagram accounts by spoofing locations and tricking the AI into changing account emails.
Google Chrome Debuts Device Bound Protection to Stop Cookie Hijacking
Google Chrome's new Device Bound Session Credentials link login cookies to your PC hardware, preventing hackers from hijacking accounts with stolen data.
Programming Blunder Exposes Spyware Attack Targeting Claude AI Users
A malicious npm package targeting Claude AI users was exposed after the hacker accidentally leaked their own GitHub token in the source code.
US Troops Targeted via Digital Ad Tracking Data
U.S. soldiers are facing missile and drone threats as adtech companies sell location data captured from personal mobile devices in war zones.
FROST Attack: How Websites Spy on Your SSD Activity via Browser Tabs
Discover how the FROST attack uses SSD activity and JavaScript to spy on your open tabs and apps without your consent.
Carnival Cruise Data Breach Exposes Information of 6 Million Customers
Carnival Cruise confirms a data breach affecting 6 million customers after a social engineering attack. ShinyHunters claims to have stolen terabytes of data.
New Security Risk: Attackers Poison SKILL.md Files for Prompt Injection
Security researchers reveal how simple modifications to SKILL.md files can lead to prompt injection and help attackers bypass AI detection mechanisms.
Google API Keys Remain Active After Deletion
Security research reveals Google API keys remain functional for up to 16 minutes after deletion, requiring a 30-minute safety window for security teams.
Missing Documents Lead to Release of R$800 Million Hackers in Spain
Brazilian hackers who stole R$800 million were released in Spain after Brazil missed an extradition deadline. Learn more about the procedural error.
Microsoft Accused of Intentional Backdoor in BitLocker Encryption
Researcher Nightmare-Eclipse claims Microsoft added a backdoor to BitLocker (CVE-2026-45585) affecting Windows 11 and Windows Server 2022/2025.