DentaQuest data breach exposed info of 2.6 million accounts
…The security incident came to light last month, when the infamous extortion group ShinyHunters listed the company on its data leak site and claimed to have stolen more than 234 GB of…
Search
Spain arrests doxer leaking sensitive data of govt employees
…Arrest Doxing National Security Police Seizure Spain Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering open…
Suspicious Polyfill login prompts pop up on Toshiba, Muji websites
…Japanese media outlets reported that Zojirushi, FiNC Technologies, Ishiyaku Publishers, and online publishing brand Hobonichi were also impacted by the same issue. Security researcher Pasquale Pillitteri says that Samsung Smart TVs and…
Official CheckMarx Jenkins package compromised with infostealer
…Plugin Security Breach Supply Chain Supply Chain Attack Bill Toulas Bill Toulas is a tech writer and infosec news reporter with over a decade of experience working on various online publications, covering…
Path traversal flaw in AI dev platform Langflow exploited in attacks
…Although Tenable did not mention a fix in its advisory, Snyk Security reported on March 30, 2026, that the issue was fixed in the langflow-base package version 0.8.3, while…
Gogs patches critical zero-day enabling remote code execution
…Written in Go and designed as an alternative to GitHub Enterprise or GitLab, Gogs is often exposed online as a remote collaboration platform. Internet security watchdog Shadowserver currently tracks over 2,300…
CISA orders feds to patch max severity Joomla plugin flaw by Friday
…exposed online, whether exploitation can be automated for large-scale attacks, and whether it grants attackers partial or total control of the targeted system. Test every layer before attackers do Security teams…
VS Code zero-day lets hackers steal GitHub tokens in one click
…for any security bugs I found in VSCode." This follows another stream of zero-days in various Microsoft products disclosed by an anonymous security researcher using the 'Nightmare Eclipse' online handle who…
UK fines water supplier $1.3M for exposing data of 664k customers
…The ICO has found multiple security failures leading to this data exposure incident, including: Insufficient controls to prevent privilege escalation Monitoring covered only about 5% of the IT environment Use of obsolete…
Ransomware gang abuses Microsoft Teams relays to hide malicious traffic
…At this stage, the attacker strengthened their persistence, created rogue users, abused the LimitBlankPassword security policy in Windows for easy access, and modified firewall rules. Next, they used BYOVD techniques with multiple…