Tag: security

South Korea’s largest retailer, Coupang, has suffered a data breach that exposed the personal information of 33.7 million customers. The firm has warned on its Korean-language site that the incident occurred on June 24, 2025, but it only discovered it and began the investigation on November 18, 2025. “On November 18, 2025, Coupang became aware of […]

Written by Erin Bortz, Manager of Global Sales and Corporate Recruiting at Huntress In the ever-evolving landscape of cyber threats, a new and insidious danger is emerging, shifting focus from external attacks to internal infiltration. Hackers are now impersonating seasoned cybersecurity and IT professionals to gain privileged access within organizations. These aren’t just phishing attempts; they […]

Asahi Group Holdings, Japan’s largest beer producer, has finished the investigation into the September cyberattack and found that the incident has impacted up to 1.9 million individuals. The type of data compromised in the attack includes full names, genders, physical addresses, phone numbers, and email addresses, and could be used in phishing attempts. The incident was first disclosed […]

After scanning all 5.6 million public repositories on GitLab Cloud, a security engineer discovered more than 17,000 exposed secrets across over 2,800 unique domains. Luke Marshall used the TruffleHog open-source tool to check the code in the repositories for sensitive credentials like API keys, passwords, and tokens. The researcher previously scanned Bitbucket, where he found 6,212 secrets spread over 2.6 million […]

The French Football Federation (FFF) disclosed a data breach on Friday after attackers used a compromised account to gain access to administrative management software used by football clubs. After detecting the unauthorized access, FFF’s security team disabled the compromised account and reset all user passwords across the system. However, before they were detected and evicted from […]

Unrestricted large language models (LLMs) like WormGPT 4 and KawaiiGPT are improving their capabilities to generate malicious code, delivering functional scripts for ransomware encryptors and lateral movement. Researchers at Palo Alto Networks Unit42 experimented with the two LLMs that are seeing increased adoption among cybercriminals through paid subscriptions or free local instances. The WormGPT model originally […]

GreyNoise Labs has launched a free tool called GreyNoise IP Check that lets users check if their IP address has been observed in malicious scanning operations, like botnet and residential proxy networks. The threat monitoring firm that tracks internet-wide activity via a global sensor network says this problem has grown significantly over the past year, with many […]

OpenAI is notifying some ChatGPT API customers that limited identifying information was exposed following a breach at its third-party analytics provider Mixpanel. Mixpanel offers event analytics that OpenAI uses to track user interactions on the frontend interface for the API product. According to the AI company, the cyber incident affected “limited analytics data related to […]

A new Mirai-based botnet malware named ‘ShadowV2’ has been observed targeting IoT devices from D-Link, TP-Link, and other vendors with exploits for known vulnerabilities. Fortinet’s FortiGuard Labs researchers spotted the activity during the major AWS outage in October. Although the two incidents are not connected, the botnet was active only for the duration of the […]