Google confirmed that one of its cloud-stored Salesforce databases was breached, exposing its customer data. Google attributed the breach to a hacking group, ShinyHunters, known for breaking into Salesforce databases.
Cisco disclosed a data breach including customer names, organization names, addresses, email addresses, and phone numbers of Cisco.com users.
Security researchers say they have evidence that ransomware gangs are hacking into large companies that rely on fully-patched SonicWall firewalls. The researchers say it's likely the flaw is a "zero-day" bug currently unknown to SonicWall.
The discoveries by an AI-based bug hunter are significant, as it shows these tools are starting to get real results, even if they still need a human.
North Korean IT workers are increasingly using generative AI to draft resumes and "deepfake" their appearances to make money for North Korea's sanctioned nuclear weapons program.
The internet-connected sex toy maker said it fixed the vulnerabilities that exposed users' private email addresses and accounts to takeovers, but said it was also planning to take legal action following the disclosure.
German authorities said they have seized the servers used by the long-running ransomware gang, BlackSuit, which is blamed for cyberattacks across Europe and the U.S., including the City of Dallas.
The U.S. insurance giant tells state regulators that Social Security numbers were among the personal information stolen in its mid-July cyberattack.
Gov. Tim Walz activated the state military's cyber forces to help ensure public services continue to run as the city of Saint Paul battles an ongoing cyberattack.
Google said it has "never built a backdoor" for its services, but refused to rule out that it had received a secret U.K. surveillance order demanding access to encrypted data.
The telecom giant, one of the largest in the world with customers in Europe and Africa, said customers are experiencing ongoing disruption to its services due to an unspecified hack.
A security researcher went public after the sex toy maker asked for more than a year to fix the vulnerabilities, which leak users' private email addresses and allow for accounts to be hijacked.
The top cybersecurity official in New York told TechCrunch in an interview that Trump's budget cuts are going to put the government at risk from cyberattacks, and will put more pressure on states to secure themselves.
Russian prosecutor said it opened a criminal investigation into the cyberattack targeting Aeroflot, the largest airline in Russia.
Exclusive: Allianz Life said the "majority" of its customers and employees had data stolen in the July cyberattack. The company said it has notified the FBI.
Google has suspended the Firebase account of Catwatchful following a TechCrunch investigation. The spyware operation was caught using Google's own servers to host and run its surveillance app, which was stealthily monitoring thousands of people's phones.
Exclusive: The popular "leaking and cracking" forum left one of its databases exposed to the internet without a password, exposing the IP addresses of its users logging in.
"We're getting a lot of stuff that looks like gold, but it's actually just crap,â said the founder of one security testing firm. AI-generated security vulnerability reports are already having an effect on bug hunting, for better and worse.
One of the hacked organizations reportedly includes the U.S. agency responsible for maintaining the country's stockpile of nuclear weapons. China-backed hackers have been observed carrying out the hacks targeting SharePoint servers.
Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks.
Experts applauded the proposed change, which would require ransomware victims to notify authorities when paying a hacker's ransom, arguing that this information can help catch cybercriminals and stop their activities.
The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking into affected SharePoint systems.
The spyware maker was banned from the surveillance industry in 2021, but was caught flouting the ban less than a year later. Now the founder wants the ban lifted altogether.
Thousands of SharePoint servers could be vulnerable to hackers, according to cybersecurity firms.
Security researchers say Microsoft customers should take immediate action to defend against the ongoing cyberattacks, and must assume they have already been compromised.
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers.Â
AI tools are increasingly asking for gross levels of access to your personal data under the guise of needing it to work.
The new SS7 bypass-attack tricks phone operators into disclosing a cell subscriber's location, in some cases down to a few hundred meters.
The bug in the modified messaging app can expose users' âplaintext usernames, passwords, and other sensitive data,â per GreyNoise.
Chainalysis said crypto thefts during the first half of 2025 were at record levels, thanks in large part to a single breach at a major crypto exchange.
The U.S. cybersecurity agency gave federal agencies just one day to patch a security bug in Citrix Netscaler, which can be exploited to break into corporate and government networks.
Security researchers found two flaws in an AI-powered chatbot used by McDonaldâs to interact with job applicants.
The U.K. National Crime Agency said the suspects are in custody in relation to the hacks targeting Marks & Spencer, Harrods, and the Co-op.
These carrier security settings can prevent your phone number from being hijacked or stolen.
Accused hacker and Chinese national Xu Zewei was arrested in Italy at the request of U.S. prosecutors.
The retail giant's chair confirmed the breach was caused by ransomware.
Ingram Micro is one of the largest distributors of tech and cloud products.
The spyware operation's exposed customer email addresses and passwords were shared with data breach notification service Have I Been Pwned.
Using stalkerware is creepy, unethical, potentially illegal, and puts your data and that of your loved ones in danger.
Qantas, the largest airline in Australia, confirmed the theft of 6 million customers' personal information.
US prosecutors indicated a total of 13 people involved in the fraudulent scheme to steal and launder money for North Koreaâs nuclear weapons program.
The watchdog revealed the 2018 incident as part of an audit of the FBI"s counter-surveillance efforts.
The fresh wave of attacks targeting airlines comes soon after the hackers hit the U.K. retail sector and the insurance industry.
Kai West was arrested in France, along with four other hackers, all suspected of being part of the well-known hacking forum, BreachForums.
DHS said low-level cyberattacks targeting U.S. networks are "likely" in the wake of military conflict between the US and Israel, and Iran.
Salt Typhoon previously hacked phone and telco giants across the United States.
The U.S. insurance giant provides supplemental insurance to around 50 million customers.
The government cited the recent hacks on Bank Sepah and cryptocurrency exchange Nobite as reasons to shut down internet access to virtually all Iranians.
It's the latest cyberattack on Iran claimed by a pro-Israeli hacking group since the latest flare up in tensions between the two countries.
The apparent cyberattack comes as Israel and Iran engage in a days-long escalating military conflict.
Whole Foods and other grocery stores reported shortages following the cyberattack
The personal data includes customer names, phone numbers, and car registration numbers.
23andMe holds millions of customers' genetic information. Here's what you can do to protect your data.