Google has confirmed that a recently disclosed data breach of one of its Salesforce CRM instances involved the information of potential Google Ads customers. "We're writing to let you know about an event that affected a limited set of data in one of Google's corporate Salesforce instances used to communicate with prospective Ads customers," reads a data breach notification shared with BleepingComputer. READ MORE...
A carmaker's online dealership portal has been found leaking the private information and vehicle data of its customers. This also meant that anyone with access could remotely break into a car. Researcher Eaton Zveare shared his discovery with TechCrunch. Although he said he has chosen not to disclose the vendor's name, he revealed that it is a well-known automaker with several popular sub-brands and more than 1,000 dealerships across the United States. READ MORE...
Connex Credit Union has informed authorities that a recent data breach impacts 172,000 individuals. Connex is one of the largest credit unions in Connecticut. The financial organization has more than 70,000 members and over $1 billion in assets. The Maine Attorney General's Office has received a copy of a notification letter that is being sent out by Connex to the 172,000 individuals whose data was included in files that may have been stolen recently by hackers from the company's systems. READ MORE...
On Saturday at DEF CON, security boffin Micah Lee explained just how he published data from TeleMessage, the supposedly secure messaging app used by White House officials, which in turn led to a massive database dump of their communications. As possibly the most secure end-to-end encrypted messaging app, Signal is used by everyone from security-conscious journalists to the former White House national security adviser Mike Waltz. READ MORE...
The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. The defendants were allegedly high-ranking members of a major international fraud ring based in Ghana that targeted companies and individuals across the United States between 2016 and May 2023. READ MORE...
For two years now, a Korean threat actor has been publishing malicious open source software (OSS) packages designed to steal credentials from spam marketers. Are you tired of shady, throwaway online accounts hocking cheap clickbait, artificial intelligence (AI) chum, republished copyrighted content, and outright scams, and aggressively boosting their low-grade drool by manipulating algorithms and purchasing fake engagement? Well, there's somebody here to help. READ MORE...
AI industry groups are urging an appeals court to block what they say is the largest copyright class action ever certified. They've warned that a single lawsuit raised by three authors over Anthropic's AI training now threatens to "financially ruin" the entire AI industry if up to 7 million claimants end up joining the litigation and forcing a settlement. Last week, Anthropic petitioned to appeal the class certification. READ MORE...
Researchers demonstrated that smart buses, the transportation vehicles that incorporate various systems to improve safety, efficiency, and passenger experience, can be remotely hacked. The findings were described on Friday at the DEF CON hacker convention by Chiao-Lin Yu of Trend Micro Taiwan and Kai-Ching Wang of CHT Security, a Taiwan-based MSSP. The researchers started digging into the cybersecurity of smart buses after noticing that free Wi-Fi was available for passengers. READ MORE...
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components such as the Windows versions of its command line tools, UnRAR.dll, or the portable UnRAR source code, update right away to the latest release. According to ESET telemetry, malicious archives were used in spearphishing campaigns between July 18 to July 21, 2025, targeting companies in Europe and Canada. READ MORE...
James Lovell, a member of humanity's first trip to the moon and commander of NASA's ill-fated Apollo 13 mission, has died at the age of 97. Lovell's death on Thursday was announced by the space agency. "NASA sends its condolences to the family of Capt. Jim Lovell, whose life and work inspired millions of people across the decades," said acting NASA Administrator Sean Duffy in a statement on Friday. READ MORE...