IT Security Newsletter - 12/23/2025
3.5 Million Affected by University of Phoenix Data Breach
The University of Phoenix has admitted that millions of individuals are affected by a data breach stemming from a recent attack on the company's Oracle E-Business Suite (EBS) instance. The Oracle EBS campaign, claimed by the Cl0p ransomware group but believed to have been carried out by a cluster of the FIN11 threat group, targeted more than 100 organizations, including major companies and universities. READ MORE...
Nissan Confirms Impact From Red Hat Data Breach
Japanese car maker Nissan has disclosed the impact of a data breach involving a GitLab instance used by the Red Hat Consulting team. The incident leading to the Nissan data breach occurred in late September and involved unauthorized access to a GitLab instance containing example code snippets, internal communications, and project specifications. A hacking group named Crimson Collective attempted to extort Red Hat, claiming the theft of 570 Gb of data from 28,000 private repositories. READ MORE...
Baker University says 2024 data breach impacts 53,000 people
Baker University has disclosed a data breach after attackers gained access to its network one year ago and stole the personal, health, and financial information of over 53,000 individuals. Founded in 1858, Baker University is a private university in Baldwin City, Kansas, with nearly 2,000 enrolled students (1,457 undergraduates) and over 300 employees. The school detected suspicious activity on its network after a December 2024 outage. READ MORE...
Poisoned WhatsApp API package steals messages and accounts
A malicious npm package with more than 56,000 downloads masquerades as a working WhatsApp Web API library, and then it steals messages, harvests credentials and contacts, and hijacks users' WhatsApp accounts. According to Koi Security, the lotusbail npm package has been available for download for six months, and it's especially dangerous because the code works. "This one actually functions as a WhatsApp API," Koi Security researcher Tuval Admoni said in a Sunday blog. READ MORE...
Malicious extensions in Chrome Web store steal user credentials
Two Chrome extensions in the Web Store named 'Phantom Shuttle' are posing as plugins for a proxy service to hijack user traffic and steal sensitive data. Both extensions are still present in Chrome's official marketplace at the time of writing and have been active since at least 2017, according to a report from researchers at the Socket supply-chain security platform. Phantom Shuttle's target audience is users in China, including foreign trade workers. READ MORE...
CISA warns of continued threat activity linked to Brickstorm malware
The Cybersecurity and Infrastructure Security Agency released new analysis of threat activity linked to Brickstorm malware, which has been used by a China-nexus threat group in a months-long campaign against multiple U.S. organizations. CISA's analysis included indicators of compromise and detection signatures for newly obtained Brickstorm samples, some of them based on the Rust programming language. READ MORE...
How to determine if agentic AI browsers are safe enough for your enterprise
Agentic AI browsers like OpenAI's Atlas have debuted to major fanfare, and the enthusiasm is warranted. These tools automate web browsing to close the gap between what you want to accomplish and getting it done. Rather than manually opening multiple tabs, you can simply tell the browser what you need. Ask it to file a competitor brief, fill out a form, or schedule a meeting, and it will handle the task while you watch. READ MORE...
Threat Actors Exploit Zero-Day in WatchGuard Firebox Devices
A zero-day vulnerability in WatchGuard Firebox firewalls is under active exploitation, marking the latest attacks against edge devices this month. WatchGuard disclosed the vulnerability, tracked as CVE-2025-14733, on Thursday, and the Cybersecurity and Infrastructure Security Agency (CISA) added it to its Known Exploited Vulnerabilities (KEV) catalog the following day. CVE-2025-14733 is a critical out-of-bounds write vulnerability in WatchGuard's Fireware OS. READ MORE...
- ...in 1929, jazz trumpeter and singer Chet Baker is born in Yale, OK.
- ...in 1947, the electrical transistor, which revolutionized the electronics field and paved the way for smaller and cheaper technology, is first demonstrated at Bell Labs.
- ...in 1964, Pearl Jam lead singer and songwriter Eddie Vedder is born in Evanston, IL.
- ...in 1984, Burt Rutan's experimental Voyager aircraft becomes the first to fly non-stop around the world without refueling.





