Lawrence Abrams reports: An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data across 28,000 internal development respositories, with the company confirming it was a breach of one of its GitLab instances. This data allegedly includes approximately 800 Customer Engagement Reports (CERs), which can contain sensitive information about a…
Category: Hack
Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked (1)
Mikael Thalen reports: A company that sells spyware that monitors individuals on parole and probation had its data leaked to a cybercrime forum this week. The leak, according to an analysis by Straight Arrow News, exposed highly sensitive information regarding employees of the corrections system and those under court-ordered supervision. The affected company, RemoteCOM, describes itself…
London nurseries hit by hackers, data on 8,000 children stolen
James Pearson reports: Cybercriminals have stolen data on over 8,000 children attending nurseries in London operated by childcare provider Kido International, the hackers said on their dark web portal. The gang, which calls itself Radiant, evidenced its claim by publishing the names, photos, home addresses, and family contact information of 10 children it said attended…
Salesforce AI Hack Enabled CRM Data Theft
Eduard Kovacs reports: Prompt injection and an expired domain could have been used to target Salesforce’s Agentforce platform for data theft. The attack method, dubbed ForcedLeak, was discovered by researchers at Noma Security, a company that recently raised $100 million for its AI agent security platform. Salesforce Agentforce enables businesses to build and deploy autonomous AI agents…
Data Leak? Crypto.com Fires Back At ‘Unfounded’ Allegations
Christian Encila reports: According to Bloomberg and several other news outlets, Crypto.com has pushed back against a report that a 2023 breach exposed user details and was kept from authorities. The story centers on a hacking group known as Scattered Spider and a young suspect who, according to reports, used phishing and social engineering to access an employee account….
When “Goodbye” isn’t the end: Scattered LAPSUS$ Hunters hack on
“Goodbye isn’t the end. It’s the beginning of what happens next.” — Joshua Shaw Reading the news, I see some headlines suggesting that “Scattered LAPSUS$ Hunters” lied in their “Goodbye” message. One headline read, “Security Industry Skeptical of Scattered Spider-ShinyHunters Retirement Claims.” Another read, “Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims,” and…