Security news aggregator

Latest coverage for Sensitive Information

Sensitive information includes data whose exposure can enable identity theft, fraud, privacy violations, or targeted cyberattacks.

144 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Sensitive information is data whose unauthorized access, disclosure, alteration, or loss could harm people, organizations, or public interests. It can include personal identifiers, authentication secrets, financial and health records, proprietary business data, and information protected by law or contractual duty. Sensitivity depends on context: a data set may be restricted because of privacy obligations, competitive value, safety concerns, or national-security classification.

For security practitioners, the key issue is controlling the data throughout its lifecycle—from collection and use to storage, sharing, archiving, and deletion. Excessive privileges, exposed databases, insecure transfers, application logs, backups, and compromised accounts can all reveal sensitive data. Useful controls include data classification, least-privilege access, strong authentication, encryption in transit and at rest, retention limits, and monitoring for inappropriate access or transfer. A suspected exposure requires identifying what data was affected, preserving relevant evidence, containing access, and assessing privacy or regulatory notification duties.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 144 Filtered view

Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts

The Office of Inspector General (OIG) of the U.S. National Aeronautics and Space Administration (NASA) has revealed how a Chinese national posed as a U.S. researcher as part of a spear-phishing campaign to obtain sensitive information from the space agency, as well as from government entities, universities, and private companies, in violation of export control laws

Cybersecurity researchers have disclosed details of a malware campaign that's targeting software developers with a new information stealer called Evelyn Stealer by weaponizing the Microsoft Visual Studio Code (VS Code) extension ecosystem

The browser has become the main interface to GenAI for most enterprises: from web-based LLMs and copilots, to GenAI‑powered extensions and agentic browsers like ChatGPT Atlas. Employees are leveraging the power of GenAI to draft emails, summarize documents, work on code, and analyze data, often by copying/pasting sensitive information directly into prompts or uploading files.  Traditional

As enterprises refine their strategies for handling Non-Human Identities (NHIs), Robotic Process Automation (RPA) has become a powerful tool for streamlining operations and enhancing security. However, since RPA bots have varying levels of access to sensitive information, enterprises must be prepared to mitigate a variety of challenges. In large organizations, bots are starting to outnumber

The U.S. Federal Bureau of Investigation (FBI) has warned that cybercriminals are impersonating financial institutions with an aim to steal money or sensitive information to facilitate account takeover (ATO) fraud schemes

Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls.

Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft's .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users

Loading more headlines...