JadePuffer: The First Complete LLM-Driven Ransomware Attack
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent
24 Billion Records Left Open Online: Passwords, Emails, and Everything Else Exposed database with 24 Billion records revealed stolen credentials from infostealers, Telegram channels, and breach collections, risking account takeovers. Cybernews researchers found an exposed Elasticsearch cluster on June 12th containing 24 billion records and more than 8.3 terabytes of data. They triple-checked the numbers. […]
Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the database. [...]
Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code execution, and data theft.
The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. [...]
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale
A former Coinbase customer service agent was arrested in India for helping hackers earlier this year steal sensitive customer information from a company database. [...]
The U.S. government has seized the 'web3adspanels.org' domain and the associated database used by cybercriminals to host bank login credentials stolen in account takeover attacks. [...]
Audio streaming platform SoundCloud has confirmed that outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database containing user information. [...]
Barts Health NHS Trust has announced that Clop ransomware actors have stolen files from a database by exploiting a vulnerability in its Oracle E-business Suite software. [...]
Health details, tax ID numbers, even images of checks were stolen, reportedly by the Interlock gang Ransomware scum breached kidney dialysis firm Davita's labs database in April and stole about 2.4 million people's personal and health-related information.…
An ongoing data extortion campaign targeting Salesforce customers may soon turn its attention to financial services and technology service providers, as ShinyHunters and Scattered Spider appear to be working hand in hand, new findings show
The Tea app data breach has grown into an even larger leak, with the stolen data now shared on hacking forums and a second database discovered that allegedly contains 1.1 million private messages exchanged between the app's members. [...]
Also, Swiss ransomware posture looks like its cheese, the CVE Program wants YOU, more sus checks and more Infosec In Brief A security researcher looking at samples of stalkerware discovered an SQL vulnerability that allowed him to steal a database of 62,000 user accounts. …
Incident responders suggested sweeping improvements following Active Directory database heist Exclusive Cybercriminals broke into systems belonging to the UK's NHS Professionals body in May 2024, stealing its Active Directory database, but the healthcare organization never publicly disclosed it, The Register can reveal.…
The Texas Department of Transportation (TxDOT) is warning that it suffered a data breach after a threat actor downloaded 300,000 crash records from its database. [...]
Exposes Details of Victims, 'Aggressive' Negotiations, Cryptocurrency AddressesOne year to the day after an international law enforcement operation unmasked and indicted the leader of the notorious LockBit ransomware group, a hacker has sent the group another love letter.
Some in the infosec world definitely want to see Big Red crucified CISA – the US government's Cybersecurity and Infrastructure Security Agency – has issued an alert for those who missed Oracle grudgingly admitting some customer data was stolen from the database giant's public cloud infrastructure.…
Victims' details at risk after criminals download 9,000 files from court database Australian police are currently investigating the theft of "sensitive" data from a New South Wales court system after they confirmed approximately 9,000 files were stolen.…