#data-breach

#data-breach

The settlement will provide $3.25 million US for Canada-based victims of the breach, which saw hackers gain access to customers' data including people in Canada in 2023.

In 2017, Rasnab gained access to the Amsterdam club's ticketing system, which was then operated in collaboration with Eventim. Through that system, he was able to view personal data of fans and employees, including data on club icon Sjaak Swart.

Based in Tehran, Emennet Pasargad is responsible for a variety of high-profile cyberattacks on Western organizations. Among these are attempted interference with US elections and attacks on the subscribers of French satirical magazine Charlie Hebdo, the Council stated.

A former DOGE software engineer told co-workers at their new job that he "possessed two tightly restricted databases of U.S. citizens' information" and was planning to use the information at his new company, according to the report, which added that the Social Security Administration's inspector general is investigating the whistleblower complaint.

According to BleepingComputer, a recent breach on LexisNexis gave hackers access to nearly 4 million database records, thousands of accounts, password hashes, and cloud records. The company admitted the hackers gained access by exploiting an unpatched React vulnerability in its systems.

The forum, known as LeakBase, had established itself as a central hub in the cybercrime ecosystem, specialising in the trade of leaked databases and so-called "stealer logs" - archives of stolen credentials harvested through infostealer malware. Accessible on the open web and operating in English, the platform combined elements of a forum and discussion board, enabling cybercriminals to buy, sell and exchange compromised data.

In the Oracle EBS hacking campaign, the Cl0p ransomware and extortion group exploited zero-day vulnerabilities to gain access to data stored by more than 100 organizations in the enterprise management software. Madison Square Garden (MSG), the world-famous arena located in New York City, was named by the hackers as a victim of the campaign in November 2025.

The main issue, Khan said, was that all apps that are vibe-coded on Lovable's platform are shipped with their backends powered by Supabase, which handles authentication, file storage, and real-time updates through a PostgreSQL database connection. However, when the developer - in this case AI - or the human project owner fails to explicitly implement crucial security features like Supabase's row-level security and role-based access, code will be generated that looks functional but in reality is flawed.