Thousands more Oregonians will soon receive data breach letters in the continued fallout from the TriZetto data breach, in which someone hacked the insurance verification provider and gained access to its healthcare provider customers across multiple US states. The breach occurred back in November 2024, with intruders snooping through protected health information and other sensitive personal information belonging to hundreds of thousands of patients and insurance policy holders.
The data breach notification service Have I Been Pwned says that a data breach at the U.S. food chain Panera Bread affected 5.1 million accounts, not 14 million customers as previously reported. Founded in 1987, the company operates nearly 2,300 bakery-cafes across 48 U.S. states and in Ontario, Canada, under the names Panera Bread or Saint Louis Bread Co. The ShinyHunters extortion gang claimed in late January that they had stolen information for over 14 million Panera Bread user accounts.
Suspected Chinese state-sponsored attackers hijacked the Notepad++ update mechanism by compromising the software project's shared hosting server and intercepting and redirecting update traffic destined for notepad-plus-plus.org, the software's maintainer Don Ho confirmed on Monday. In early December 2025, security researcher Kevin Beaumont said that he knew of three organizations that have had security incidents traced back to Notepad++ processes.
The GlassWorm malware has appeared on the Open VSX marketplace again, after a publisher's account was compromised in a supply chain attack, Socket reports. On January 30, a threat actor published malicious versions of four established VS Code extensions with over 22,000 combined downloads. The extensions contained code that would execute at runtime, evade systems with Russian locales, resolve command-and-control (C&C) data from Solana transaction memos, and run additional code.
"You're invited!" It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on their Windows computers, giving attackers complete control of the system. What appears to be a casual party or event invitation leads to the silent installation of ScreenConnect, a legitimate remote support tool quietly installed in the background and abused by attackers.
eScan antivirus users were infected with malware last week after hackers compromised an official update server, security researchers report. The eScan supply chain attack came to light on January 29, when cybersecurity firm Morphisec published a threat bulletin warning of rogue updates tampering with users' systems. "Malicious updates were distributed through eScan's legitimate update infrastructure, resulting in the deployment of multi-stage malware," Morphisec's bulletin reads.
Millions of devices used as proxies by cybercriminals, espionage groups and data thieves have been removed from circulation following Google's disruption of IPIDEA, a China-based residential proxy network. The reduction in available proxy devices came after Google's Threat Intelligence Group used legal action and intelligence sharing to target the company's domain infrastructure, Google said in a blog post Wednesday.
Earlier this month, Joseph Thacker's neighbor mentioned to him that she'd preordered a couple of stuffed dinosaur toys for her children. She'd chosen the toys, called Bondus, because they offered an AI chat feature that lets children talk to the toy like a kind of machine-learning-enabled imaginary friend. But she knew Thacker, a security researcher, had done work on AI risks for kids, and she was curious about his thoughts.
A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data. The attacker focuses on the low-hanging fruit, databases that are insecure due to misconfiguration that permits access without restriction. Around 1,400 exposed servers have been compromised, and the ransom note demanded a ransom of about $500 in Bitcoin.