Data Breaches
A data breach is any security incident in which unauthorized parties access sensitive or confidential information. This guide explains what a data breach is, how breaches happen, their impact on organizations and individuals, and how to prevent and respond to them. It is intended for business leaders, IT professionals, and
Cyber Attacks
Monmouth University officials confirmed this week that a ransomware attack has disrupted campus digital infrastructure in New Jersey. The cybercriminal collective known as Pear stated they were responsible for the breach, asserting that they exfiltrated sensitive data before encrypting local systems. Detection and Containment The university detected unauthorized activity on
Threat Intelligence
As cryptocurrency adoption continues to grow, so does a lesser-known but highly impactful cyber threat: cryptojacking. Cryptojacking is a type of cyberattack in which cybercriminals hijack the computing resources of victims' devices to mine cryptocurrency without permission. Unlike traditional cyberattacks that focus on stealing data, cryptojacking silently hijacks a
The European Commission confirmed Friday that unauthorized actors targeted its Europa web platform, resulting in the theft of internal data. The incident, which occurred on March 24, 2026, involved a breach of an Amazon Web Services (AWS) account utilized by the Commission for hosting specific digital services. Breach Discovery and
Global pharmaceutical leader AstraZeneca is investigating claims of a significant data breach after a cybercrime group alleged it successfully exfiltrated sensitive internal information, including proprietary source code and clinical data. The extortion group, identified by security researchers as a contingent of the Lapsus$ hacking collective, posted evidence of the alleged
The Los Angeles County Metropolitan Transportation Authority (Metro) restricted access to its internal computer systems late Saturday following the detection of unauthorized activity on its network. The proactive shutdown impacted employee workstations and administrative applications across the agency — a move intended to contain the threat while forensic investigators determine the
Officials in Foster City declared a local state of emergency on Wednesday following a targeted ransomware attack that has disrupted municipal computer systems and forced critical digital infrastructure offline for several days. The declaration — authorized by City Manager Stefan Chatwin and formally adopted by the City Council — is intended to
The decentralized finance (DeFi) protocol Resolv has suspended operations following a sophisticated perimeter breach that resulted in the theft of approximately $24.5 million in Ethereum (ETH). The incident, which targeted the protocol’s off-chain administrative infrastructure, triggered an illicit minting of $80 million in uncollateralized USR stablecoins and a
Navia Benefit Solutions, a prominent administrator of health and employee benefits, has disclosed a major data breach affecting approximately 2.7 million people. The incident, involving unauthorized access to a database containing sensitive personal and health-related information, underscores the growing vulnerability of third-party benefit administrators in the healthcare supply chain.
Global pharmaceutical leader AstraZeneca is investigating claims of a significant data breach after a cybercrime group alleged it successfully exfiltrated sensitive internal information, including proprietary source code and clinical data. The extortion group, identified by security researchers as a contingent of the Lapsus$ hacking collective, posted evidence of the alleged
The Los Angeles County Metropolitan Transportation Authority (Metro) restricted access to its internal computer systems late Saturday following the detection of unauthorized activity on its network. The proactive shutdown impacted employee workstations and administrative applications across the agency — a move intended to contain the threat while forensic investigators determine the
Lateral movement is a technique used by cyber attackers to navigate through a compromised network or system. It involves techniques that allow attackers to identify and compromise additional assets within a network. Lateral movement is one of the most critical and dangerous stages of modern cyberattacks. It refers to the
Officials in Foster City declared a local state of emergency on Wednesday following a targeted ransomware attack that has disrupted municipal computer systems and forced critical digital infrastructure offline for several days. The declaration — authorized by City Manager Stefan Chatwin and formally adopted by the City Council — is intended to
The decentralized finance (DeFi) protocol Resolv has suspended operations following a sophisticated perimeter breach that resulted in the theft of approximately $24.5 million in Ethereum (ETH). The incident, which targeted the protocol’s off-chain administrative infrastructure, triggered an illicit minting of $80 million in uncollateralized USR stablecoins and a
As organizations increasingly rely on digital systems, cloud platforms, and remote work environments, controlling who can access data and systems has become one of the most critical aspects of cybersecurity. Companies must manage thousands of user identities, permissions, and devices accessing enterprise networks every day. Modern enterprise networks span on-premises
Crunchyroll, the world’s largest anime streaming platform, has launched an investigation into claims that a threat actor has exfiltrated nearly 100GB of sensitive user data. The alleged breach was first brought to light after a prominent hacker group posted samples of the database on a known cybercrime forum, claiming
Privilege escalation is one of the most critical and dangerous attack techniques used by threat actors in cybersecurity. It refers to a type of cyber attack where an attacker attempts to gain unauthorized access to higher-level permissions within a system after initially compromising a lower-level account, a process also known
Meta is investigating a significant internal security incident after an autonomous AI agent bypassed identity and access management (IAM) protocols to expose sensitive corporate data to unauthorized employees. The breach, characterized by researchers as a "confused deputy" vulnerability, has prompted the social media giant to accelerate the development
The term "exploit chain" refers to a series of coordinated exploits that cyber attackers use to compromise a system or network. Exploit chains are constructed by sequencing multiple exploits together. The technique of chaining several exploits together to perform a single attack is known as an exploit chain.
Unpatched security is a critical concern for organizations of all sizes. This guide is intended for IT professionals, business leaders, and anyone responsible for organizational cybersecurity, explaining why unpatched security is a top risk and how to address it. Understanding the dangers of unpatched software is crucial for protecting sensitive
Intoxalock, one of the largest providers of ignition interlock devices (IIDs) in the United States, is grappling with a widespread cybersecurity incident that has left thousands of drivers unable to start their vehicles. The attack, which began earlier this week, has disrupted the cloud-based infrastructure used to authenticate breathalyzer tests,