Healthcare technology company Xsolis, Inc. has disclosed a data breach affecting nearly 1.4 million individuals. Tennessee-based Xsolis provides utilization management and revenue cycle solutions for hospitals, health systems, and payers. The company published a data security notice in early June, revealing that unauthorized activity was detected on its systems on January 22. The intrusion resulted from a targeted phishing attack carried out two days earlier.
You can change a password and cancel a card. But replacing a passport or driver's license number every time someone leaves yours unsecured in a vendor database isn't so easy. More than three million Texans are facing that problem after a data breach involving a vendor used by the Texas Parks and Wildlife Department (TPWD) to process hunting and fishing licenses. In an announcement confirming the breach, TPWD says the hackers gained access through the third-party vendor's systems.
LastPass announced that hackers accessed customer data from its Salesforce environment after stealing the company's OAuth tokens in the Klue supply chain attack earlier this month. The password management platform says its products, services, and infrastructure were not affected by the incident and that customer vaults remained secure. The investigation into the incident did not reveal any evidence that the attacker accessed Gong-related data, which typically includes customer calls and emails.
The threat actors behind the global "FortiBleed" credential harvesting campaign engineered a sniffer tool to compromise hundreds of thousands of FortiGate routers and turn them into passive stealers in a wave of attacks that's now known to be much broader than initially thought. Researchers from SOCRadar have unpacked the attack chain behind the ongoing threat campaign, which they believe is targeting more than 430,000 FortiGate firewalls globally.
A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under certain conditions, and can also trigger a denial-of-service condition in applications like Kodi, Emby, Nextcloud, PhotoPrism, and OBS Studio. The vulnerability is tracked as CVE-2026-8461 and is a heap out-of-bounds write in the MagicYUV decoder. It received a high-severity score of 8.8 and can be leveraged via a malicious video file in AVI, MKV, or MOV format.
Researchers have found that the recently discovered AryStinger botnet has quietly hijacked thousands of end-of-life D-Link routers and some network-attached storage (NAS) devices, turning them into a distributed scanning and proxy network that attackers can use to hide their activity and launch attacks against other targets. Having your devices under the control of a botnet is not just a problem for the people being targeted. It can also put your own privacy and security at risk.
An international law enforcement operation disrupted a key cog in the cybercrime ecosystem and put a spotlight on the risks to enterprises posed by traffic distribution systems (TDSs). In the latest installment of the ongoing Operation Endgame, authorities seized 106 servers and many domains tied to SocGholish, a notorious malware framework that has plagued the Internet for nearly a decade as an initial-access broker for ransomware and other threats.
Scam websites are circulating across the internet with a pitch aimed at millions of gamers: a way to play Grand Theft Auto VI before its release. The pages promise early access for a few hundred dollars in cryptocurrency, ask buyers to enter a payment code, and claim the game will then unlock. These offers deliver nothing. "Any site claiming to sell GTA 6 early access is not authorized by Rockstar Games and should be treated as fraudulent unless Rockstar announces it through official channels.
Researchers found an eight-year-old, high-severity vulnerability in the KNOX kernel that affects nearly all Samsung devices from the Galaxy S9 to S25. The flaw (CVE-2026-20971, CVSS 7.8) could be exploited through the interaction between PROCA and FIVE. PROCA, the process authenticator, is a proprietary subsystem in the kernel of Samsung devices designed to prevent unauthorized processes from executing.
A Reddit comment that takes only a few seconds to write can end up influencing the answers generated by AI research tools. A Cornell Tech study found that a short snippet of user-generated text, sometimes as little as 13 words, was enough to affect the output of deep-research agents, AI systems that search the web, gather information from multiple sources, and generate reports with citations. The risks of relying on community-generated content are already familiar to many internet users.