A significant data breach has impacted TransUnion, one of the largest credit reporting agencies in the United States, compromising the personal information of over 4.4 million individuals.

A recent cyberattack on the U.S. federal court filing system, PACER, has been attributed to Russian government hackers. The breach has compromised sealed legal records and potentially exposed the identities of confidential informants.

A security researcher uncovered critical vulnerabilities in a major carmaker’s dealership web portal that allowed unauthorized creation of a national admin account. This access enabled full control over customer and vehicle data.

A new large-scale SMS phishing operation, dubbed Magic Mouse, has emerged following the takedown of the earlier scam campaign known as Magic Cat. Magic Mouse is now responsible for the theft of approximately 650,000 credit cards per month.

TeaOnHer, a male-oriented app mimicking the viral Tea app, has exposed sensitive user data including government-issued IDs and selfies. The app suffers from multiple security flaws that put its 53,000 users at risk.

U.S. insurance giant Allianz Life has confirmed a significant data breach that compromised the personal information of the majority of its 1.4 million customers, financial professionals, and select employees.

A significant data exposure incident has been identified involving the cybercrime forum Leak Zone, which inadvertently leaked the IP addresses and login timestamps of its users due to a misconfigured Elasticsearch database.

Researchers at Enea said that they have observed an unnamed surveillance vendor exploiting the new bypass attack as far back as late 2024 to obtain the locations of people’s phones without their knowledge.

Researchers discovered a surveillance vendor exploiting a new SS7 attack to covertly track individuals' phone locations. The attack bypasses telecom security measures to access cell tower data, enabling geolocation without user consent.

UK retail giant Co-op has confirmed a significant data breach that compromised the personal information of all 6.5 million of its customers. The breach is attributed to the cybercriminal group Scattered Spider.