A federal jury on Wednesday awarded plaintiffs suing Google $425 million in damages, holding that by collecting the data of users who had switched off an app activity tracking feature the tech giant invaded the privacy of millions. A class of 98 million people had alleged that Google for eight years collected, saved and used…
When three prominent vendors, Palo Alto Networks, ZScaler, and Cloudflare, announced on Tuesday that they were hit by a cyber attack, it was a stark reminder that today’s interconnected enterprise environment means that one vendor’s security hole can hurt users globally. Palo Alto said, “this supply chain attack impacted hundreds of organizations, including Palo Alto Networks”…
A recent cybersecurity assessment by Resecurity’s HUNTER Team uncovered a high-severity leak when Azure Active Directory (Azure AD) application credentials—specifically the ClientId and ClientSecret—were exposed in a publicly accessible appsettings.json file. This critical misconfiguration effectively hands attackers the digital keys to the cloud environment, enabling unauthorized token requests against Microsoft’s OAuth 2.0 endpoints and giving adversaries a direct path…
Jaguar Land Rover says a cyber-attack has “severely disrupted” vehicle production as well as its retail operation. The firm, which is owned by India’s Tata Motors, says it took immediate action to lessen the effect of the hack and is working quickly to restart operations. There was no evidence any customer data had been stolen,…
In a sweeping effort conducted between June and August 2025, INTERPOL led Operation Serengeti 2.0 targeting cybercrime networks across Africa. Investigators from 18 African countries alongside the United Kingdom collaborated to combat ransomware, online scams, business email compromise (BEC), and other significant cyber threats noted in INTERPOL’s Africa Cyberthreat Assessment Report. The three-month investigation, launched…
Google warns its 1.8 billion Gmail users about a new cybersecurity threat called indirect prompt injections, where hackers hide malicious commands in emails. Google warns of wave of new threats This threat affects not just people but also businesses and governments, in a post Google explained the danger, “With the rapid adoption of generative AI,…
American contract research organization Inotiv disclosed Monday that it became aware of a cybersecurity incident affecting certain of its systems and data earlier this month. Its preliminary investigation determined that a threat actor gained unauthorized access to, and encrypted certain of, the company’s systems, while investigations into the incident are ongoing. “Upon identifying encrypted systems, the…
Tenable®, the exposure management company, announced a significant expansion of its market-leading Tenable One platform with the launch of Tenable AI Exposure, a comprehensive solution to see, manage and control the risks introduced by generative AI. Unveiled at Black Hat USA 2025, these new capabilities provide an end-to-end approach that moves beyond discovery to include…
The growing popularity and complexity of AI is being used to lure investors into scams. Look out for these red flags to help keep your money safe: Unregistered/Unlicensed Investment Platforms Claiming to Use AI Investors should remember that federal and state securities laws generally require securities firms, professionals, exchanges, and other investment platforms to be…
CISA warned on Wednesday that attackers are actively exploiting two security vulnerabilities in N‑able’s N-central remote monitoring and management (RMM) platform. N-central is commonly used by managed services providers (MSPs) and IT departments to monitor, manage, and maintain client networks and devices from a centralized web-based console. According to CISA, the two flaws can allow…
