security breach – Experimental News Clipping Site

Slashdot: Security Bug In India’s Income Tax Portal Exposed Taxpayers’ Sensitive Data

Oct 8, 2025

—

by

Source URL: https://it.slashdot.org/story/25/10/07/2136212/security-bug-in-indias-income-tax-portal-exposed-taxpayers-sensitive-data?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Security Bug In India’s Income Tax Portal Exposed Taxpayers’ Sensitive Data Feedly Summary: AI Summary and Description: Yes Summary: A significant security flaw in India’s income tax e-filing portal exposed sensitive personal and financial data for millions of taxpayers due to an Insecure Direct Object Reference (IDOR) vulnerability. This…

The Register: Police and military radio maker BK Technologies cops to cyber break-in

Oct 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/07/police_and_military_radio_maker_bk_admits_breach/ Source: The Register Title: Police and military radio maker BK Technologies cops to cyber break-in Feedly Summary: Florida comms outfit serving cops, firefighters, and the military says hackers pinched some employee data but insists its systems stayed online BK Technologies, the Florida-based maker of mission-critical radios for US police, fire, and defense…

The Register: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried

Oct 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/06/microsoft_blames_medusa_ransomware_affiliates/ Source: The Register Title: Microsoft blames Medusa ransomware affiliates for GoAnywhere exploits while Fortra keeps head buried Feedly Summary: You can’t find anything bad if you don’t look, right? Medusa ransomware affiliates are among those exploiting a maximum-severity bug in Fortra’s GoAnywhere managed file transfer (MFT) product, according to Microsoft Threat Intelligence.……

The Register: Level-10 vuln lurking in Redis source code for 13 years could allow remote code execution

Oct 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/06/perfect_10_redis_rce_lurking/ Source: The Register Title: Level-10 vuln lurking in Redis source code for 13 years could allow remote code execution Feedly Summary: No evidence of exploitation … yet A 13-year-old critical flaw in Redis servers, rated a perfect 10 out of 10 in severity, can let an authenticated user trigger remote code execution.……

The Register: Cybercrims claim raid on 28,000 Red Hat repos, say they have sensitive customer files

Oct 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/02/cybercrims_claim_raid_on_28000/ Source: The Register Title: Cybercrims claim raid on 28,000 Red Hat repos, say they have sensitive customer files Feedly Summary: 570GB of data claimed to be stolen by the Crimson Collective A hacking crew claims to have broken into Red Hat’s private GitHub repositories, exfiltrating some 570GB of compressed data, including sensitive…

The Register: Salesforce facing multiple lawsuits after Salesloft breach

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/26/salesforce_class_actions/ Source: The Register Title: Salesforce facing multiple lawsuits after Salesloft breach Feedly Summary: CRM giant denies security shortcomings as claims allege stolen data used for ID theft Salesforce is facing a wave of lawsuits in the wake of a cyberattack that exposed customer data.… AI Summary and Description: Yes Summary: Salesforce is…

The Register: Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/26/salesforce_agentforce_forceleak_attack/ Source: The Register Title: Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales Feedly Summary: More fun with AI agents and their security holes A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers…

Slashdot: Neon Goes Dark After Exposing Users’ Phone Numbers, Call Recordings, Transcripts

Sep 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/09/25/221215/neon-goes-dark-after-exposing-users-phone-numbers-call-recordings-transcripts?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Neon Goes Dark After Exposing Users’ Phone Numbers, Call Recordings, Transcripts Feedly Summary: AI Summary and Description: Yes Summary: The emergence of the Neon app, which enabled users to monetize their phone call recordings while simultaneously offering data to AI companies, has raised significant security concerns following a critical…

The Register: Google warns China-linked spies lurking in ‘numerous’ enterprises since March

Sep 24, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/24/google_china_spy_report/ Source: The Register Title: Google warns China-linked spies lurking in ‘numerous’ enterprises since March Feedly Summary: Mandiant CTO anticipates ‘hearing about this campaign for the next one to two years’ Unknown intruders – likely China-linked spies – have broken into “numerous" enterprise networks since March and deployed backdoors, providing access for their…

The Register: EV charging biz zaps customers with data leak scare

Sep 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/23/dcs_data_breach/ Source: The Register Title: EV charging biz zaps customers with data leak scare Feedly Summary: Names, emails unplugged in DCS support snafu – but ‘billing is safe’ An electric vehicle charging point provider is telling users that their data may be compromised, following a recent security “incident" at a service provider.… AI…

Tag: security breach