#unencrypted-cloud-storage
#unencrypted-cloud-storage

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

fromBoston.com

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.

Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users

A severe vulnerability in EngageLab's EngageSDK affects cryptocurrency wallet apps, risking exposure of sensitive user information.

Privacy technologies

fromYahoo Tech

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.

Cryptocurrency

fromnews.bitcoin.com

Treasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms

U.S. Treasury expands cybersecurity coordination with digital asset firms to enhance protections and integrate with traditional finance.

fromBoston.com

Signature Healthcare in Brockton hit by cybersecurity incident

Signature Healthcare is managing a cybersecurity incident, affecting some services while maintaining inpatient and emergency care.

Healthcare Executives Face a New Era of Personal Risk

Healthcare executives face heightened personal risks due to grievance-motivated cyber threats amid economic pressures and public accountability.

US summoned bank bosses to discuss cyber risks posed by Anthropic's latest AI model

US Treasury secretary convened bank chiefs to address cybersecurity risks from Anthropic's AI model, Claude Mythos, which poses unprecedented threats.

Microsoft Finds Vulnerability Exposing Millions of Android Crypto Wallet Users

A severe vulnerability in EngageLab's EngageSDK affects cryptocurrency wallet apps, risking exposure of sensitive user information.

Is your phone listening to you?

Phones are not listening to conversations; targeted ads are based on user behavior and interests.

US politics

2 hours ago

The Guardian view on AI politics: US datacentre protests are a warning to big tech | Editorial

Voters across the political spectrum are uniting against big tech's influence, particularly regarding AI datacentres and their environmental impact.

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

fromEntrepreneur

Information security

How to Keep Your Company's Data Out of the Wrong Hands

fromNextgov.com

Data is a strategic asset and a strategic vulnerability

Data is a primary strategic asset in national security, transforming into both a powerful tool and a critical vulnerability.

fromEntrepreneur

Information security

How to Keep Your Company's Data Out of the Wrong Hands

more#data-security

#digital-sovereignty

fromComputerWeekly.com

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

DevOps

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

fromComputerWeekly.com

Breaking the stranglehold: Responses to data sovereignty risk | Computer Weekly

UK and EU initiatives aim to enhance digital sovereignty and reduce reliance on US cloud providers.

The digital sovereignty dilemma is a false choice - here's how enterprises can have both | Fortune

Organizations must ensure digital sovereignty by balancing local control with global technology access to remain resilient and competitive.

more#digital-sovereignty

AWS: Agents shouldn't be secret, so we built a registry

AWS Agent Registry enhances visibility and control over AI agents in corporate environments.

AWS put a file system on S3; I stress-tested it

AWS S3 Files allows mounting S3 buckets as NFS shares, providing solid conflict resolution and cost-effective storage options.

AWS: Agents shouldn't be secret, so we built a registry

AWS Agent Registry enhances visibility and control over AI agents in corporate environments.

AWS put a file system on S3; I stress-tested it

AWS S3 Files allows mounting S3 buckets as NFS shares, providing solid conflict resolution and cost-effective storage options.

US news

How AI is getting better at finding security holes

fromFast Company

Artificial intelligence

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Artificial intelligence

These niche AI startups are trying to protect the Pentagon's secrets | Fortune

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromThe Atlantic

Claude Mythos Is Everyone's Problem

Anthropic has developed a powerful AI tool, Claude Mythos Preview, capable of exploiting major cybersecurity vulnerabilities.

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

fromwww.npr.org

US news

How AI is getting better at finding security holes

fromFast Company

Is Mythos a blessing or a curse for cybersecurity? It depends on whom you ask

Claude Mythos AI model may enhance cybersecurity defenses but also poses risks for hackers due to its ability to identify vulnerabilities and create exploits.

These niche AI startups are trying to protect the Pentagon's secrets | Fortune

AI companies face challenges in balancing technology use with government secrecy, highlighted by Anthropic's conflict with the Pentagon.

Anthropic's Mythos is a wake up call, but experts say the era of AI-driven hacking is already here | Fortune

Anthropic's Mythos AI model is too dangerous to release widely due to its ability to exploit software vulnerabilities.

fromThe Atlantic

Claude Mythos Is Everyone's Problem

Anthropic has developed a powerful AI tool, Claude Mythos Preview, capable of exploiting major cybersecurity vulnerabilities.

Anthropic says its latest AI model can expose weaknesses in software security

Claude Mythos exposes thousands of software vulnerabilities, prompting Anthropic to limit its release and collaborate with cybersecurity specialists.

Appeals court removes limits on DOGE access to SSA data despite 'alarming' revelations

A federal appeals court reversed restrictions on the Department of Government Efficiency's access to sensitive Social Security Administration data.

Law

fromIndependent

Computer engineer claims he was penalised for flagging Israeli links of firm given 'bananas' server access at top Irish cybersecurity company

A cyber-security firm reprimanded an engineer for discriminatory comments regarding an Israeli company's access to its servers amid concerns about Palestinian genocide.

#data-breach

After data breach, $10B valued startup Mercor is having a month | TechCrunch

Mercor faces significant challenges after a data breach, with hackers claiming to have stolen 4TB of sensitive data.

Los Angeles

Massive Data Breach Exposes 337K LAPD-Linked Records

A massive data breach in Los Angeles exposed 7.7 terabytes of sensitive LAPD records through a third-party discovery system.

300,000 People Impacted by Eurail Data Breach

Eurail is notifying over 300,000 customers about a data breach that exposed personal information, including names and passport numbers.

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.

Los Angeles

LAPD Records Hacked and Exposed

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

After data breach, $10B valued startup Mercor is having a month | TechCrunch

Mercor faces significant challenges after a data breach, with hackers claiming to have stolen 4TB of sensitive data.

Los Angeles

Massive Data Breach Exposes 337K LAPD-Linked Records

A massive data breach in Los Angeles exposed 7.7 terabytes of sensitive LAPD records through a third-party discovery system.

300,000 People Impacted by Eurail Data Breach

Eurail is notifying over 300,000 customers about a data breach that exposed personal information, including names and passport numbers.

Capita's pension portal exposes civil servants' private data

Capita limited online functionality of the Civil Service Pensions Scheme member portal after a data breach exposed personal information of public sector workers.

Los Angeles

LAPD Records Hacked and Exposed

Hackers steal and leak sensitive LAPD police documents | TechCrunch

Cybercriminals leaked sensitive LAPD documents online, including personnel files and internal investigations, allegedly by the extortion gang World Leaks.

more#data-breach

#social-media

Social media marketing

fromHer Campus

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

Digital life

fromwww.dw.com

5 hours ago

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

Social media marketing

fromHer Campus

Intellectual property law

They Knew, They Didn't Care, & We Are All Paying For It

Social media platforms like Instagram have been found liable for mental health damage to young users, with internal documents revealing harmful strategies targeting teens.

Digital life

fromwww.dw.com

5 hours ago

Does age verification for social media help protect kids?

Governments are implementing age limits on social media to protect minors, but experts question the effectiveness of such measures.

more#social-media

fromElectronic Frontier Foundation

Comparison Shopping Is Not a (Computer) Crime

AI tools can help consumers find better prices, but Amazon is attempting to block them using legal claims.

World news

Microsoft hints at bit bunkers for war zones

Microsoft is redesigning datacenters in conflict-prone regions due to Iranian attacks targeting Middle Eastern facilities linked to US military operations.

Business intelligence

fromComputerWeekly.com

Hyperscaler datacentres set to dominate by 2031 | Computer Weekly

Hyperscalers are projected to dominate global datacentre capacity, reaching 67% by 2031, driven by AI growth.

Privacy technologies

13 hours ago

Your photos will be deleted': Apple users warned over nasty' iCloud storage scam

Scam emails impersonating Apple threaten users about full iCloud storage to steal personal and bank details.

fromPrivacy International

The Hidden Security Risks of Shadow AI in Enterprises

Shadow AI poses significant risks by allowing unregulated use of AI tools that can expose sensitive data and weaken security controls.

US news

Dangerous data

US police misuse warrantless access to personal data, leading to wrongful arrests and life-altering consequences for innocent individuals.

Cryptocurrency

$3.6 Million Stolen in Bitcoin Depot Hack

Bitcoin Depot reported a theft of approximately $3.6 million in bitcoin due to a cyber intrusion into its IT systems.

Google adds E2E encryption to Gmail for iOS and Android enterprise users

End-to-end encryption for Gmail on Android and iOS is now available for enterprise users, enhancing privacy and security for email communication.

fromComputerworld

Privacy technologies

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

fromTNW | Apps

Gmail's end-to-end encryption comes to mobile, a year after its web launch

Google has introduced end-to-end encryption for Gmail on Android and iOS, enabling secure email communication for mobile users.

Google adds E2E encryption to Gmail for iOS and Android enterprise users

End-to-end encryption for Gmail on Android and iOS is now available for enterprise users, enhancing privacy and security for email communication.

fromComputerworld

Privacy technologies

Google adds end-to-end Gmail encryption to Android, iOS devices for enterprises

fromTNW | Apps

Gmail's end-to-end encryption comes to mobile, a year after its web launch

Google has introduced end-to-end encryption for Gmail on Android and iOS, enabling secure email communication for mobile users.

more#gmail

fromComputerworld

Questions raised about how LinkedIn uses the petabytes of data it collects

LinkedIn users should limit identifiable data exposure and treat the platform as potentially hostile until BrowserGate allegations are verified.

#meta

EU data protection

UK Meta employee reportedly downloaded 30,000 private photos from Facebook users

Meta employee in London accused of downloading 30,000 private Facebook images

A former Meta employee is under investigation for downloading 30,000 private Facebook images using a program to bypass security checks.

UK Meta employee reportedly downloaded 30,000 private photos from Facebook users

A former Meta employee is under investigation for illicitly downloading 30,000 private photos from Facebook using software to bypass security.

Meta employee in London accused of downloading 30,000 private Facebook images

A former Meta employee is under investigation for downloading 30,000 private Facebook images using a program to bypass security checks.

Google Rolls Out Cookie Theft Protections in Chrome

Google introduces Device Bound Session Credentials in Chrome to enhance security against session cookie theft.

from24/7 Wall St.

The Real Reason Cloudflare Is Down 11% Today Has Nothing to Do With Insider Selling

Insider selling at Cloudflare is routine and does not indicate trouble; the real concern is competition from Anthropic's new AI offerings.

fromInfoWorld

AWS turns its S3 storage service into a file system for AI agents

S3 Files simplifies access to Amazon S3, enhancing its role as a primary data layer for AI and modern applications.

11 hours ago

Adobe Patches Reader Zero-Day Exploited for Months

Adobe released emergency patches for a critical zero-day vulnerability in Acrobat and Reader that has been exploited for several months.

fromPopular Science

How to stop your smart TV from tracking you

Smart TVs are capable of tracking user data, including viewing habits and app usage, which can lead to personalized advertising and content recommendations. Users may prefer to limit this tracking to protect their privacy.

Privacy technologies

fromTechzine Global

AWS S3 buckets now support file systems

S3 Files is built on Amazon EFS and automatically translates file system operations into S3 requests, allowing applications to work with S3 data without code changes.

DevOps

Rockstar Games has confirmed it was hit by third-party data breach

ShinyHunters claims to have breached Rockstar Games' servers, demanding payment to prevent data leaks.

Privacy technologies

Google Rolls Out DBSC in Chrome 146 to Block Session Theft on Windows

Google's Device Bound Session Credentials enhance security for Chrome users by tying authentication sessions to specific devices, combating session theft.

New FBI Warning: Chinese Apps Could Expose User Data

FBI warns Americans about potential data risks from foreign apps, especially those developed in China.

Hungary officials used weak passwords exposed in breach dump

An investigation by Bellingcat has uncovered close to 800 Hungarian government email and password pairings circulating in breach dumps, cutting across nearly every major ministry, from defense and foreign affairs to finance.

Information security

fromTechzine Global

2 weeks ago

European Commission investigates data breach in Amazon cloud

A data breach involving Amazon's cloud infrastructure has resulted in the theft of over 350 GB of data, with threats to publish it online.

fromSilicon Canals

6 days ago

Drone strikes on Gulf data centers reveal a $5 trillion infrastructure vulnerability no one planned for - Silicon Canals

The attacks forced a reckoning with one of the most consequential design flaws in global digital infrastructure: the concentration of military and civilian data on the same physical servers, in facilities that could become military targets the moment a conflict begins.

DevOps

fromInfoWorld

2 weeks ago

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

fromSilicon Canals

1 week ago

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.

Two different attackers poisoned popular open source tools

Two major supply chain attacks in March compromised open source tools, stealing data from numerous organizations.

fromTNW | Offers

10 Best SOC 2 Compliance Software for 2026

SOC 2 compliance software automates security controls, streamlining the audit process and ensuring readiness in weeks instead of months.

from24/7 Wall St.

The "SaaS-Pocalypse" Continues: Cloudflare, ServiceNow, CrowdStrike Under Fire as Anthropic Rewrites the Rules

The release of Anthropic's AI security product has significantly impacted investor confidence in enterprise software companies, leading to sharp stock declines.

fromElectronic Frontier Foundation

Yikes, Encryption's Y2K Moment is Coming Years Early

Google has moved its quantum preparedness deadline for cryptography to 2029 due to advancements in technology.

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

A security vulnerability in EngageLab SDK could have exposed millions of cryptocurrency wallet users to unauthorized data access.

MITRE Releases Fight Fraud Framework

"These incidents involve the intentional use of deceptive or illegal practices to fraudulently obtain money, assets, or information from individuals or institutions, and include actions carried out over cyber channels."

Information security

Hackers Exploit Adobe PDF Flaw for Months to Steal Data, No Fix Yet

Attackers exploit a zero-day vulnerability in Adobe Acrobat Reader to steal data and potentially take over systems using malicious PDF files.

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Google API keys in Android apps can be exploited to access Gemini AI endpoints, risking personal data exposure.

Data Leakage Vulnerability Patched in OpenSSL

Seven vulnerabilities in OpenSSL have been patched, including a moderate severity flaw that can lead to sensitive data leakage.

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Chaos malware targets misconfigured cloud deployments, expanding its reach beyond routers and edge devices.

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.

fromSilicon Canals

When militaries share data centers with banks: how Gulf strikes exposed a structural flaw in global cloud infrastructure - Silicon Canals

When civilian banks, logistics platforms, and payment processors share physical data center infrastructure with military AI systems, those facilities become legitimate military targets under international humanitarian law - and the civilian services housed inside lose their legal protection.

Information security

[Webinar] How to Close Identity Gaps in 2026 Before AI Exploits Enterprise Risk

Identity programs are maturing, yet the risk from disconnected applications and AI agents is increasing for enterprises.

1 week ago

World Cloud Security Day: Breaking Down the State of the Cloud Cybersecurity and Physical Security

"World Cloud Security Day is a useful reminder to recognize how much cloud risk now comes down to everyday access decisions and overlooked misconfigurations," says James Maude, Field CTO at BeyondTrust.

Information security

6 days ago

Meta Pauses Work With Mercor After LiteLLM-Linked Data Breach - TechRepublic

Meta has paused work with Mercor due to a security breach linked to the LiteLLM supply chain attack.

1 week ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

3 weeks ago

Shadow AI Risk: How SaaS Apps Are Quietly Enabling Massive Breaches

All analyzed companies operate AI-enabled SaaS environments, with organizations averaging 140 such applications, creating cascading breach risks across interconnected systems.

Hundreds of Salesforce Customers Allegedly Targeted in New Data Theft Campaign

ShinyHunters targets Salesforce instances through social engineering and misconfiguration exploitation, not platform vulnerabilities, prompting Salesforce warnings about overly permissive guest user settings.

fromZDNET

Cybercriminals are using AI to attack the cloud faster - and third-party software is the weak link

AI accelerates vulnerability exploitation from weeks to days, forcing organizations to adopt AI-powered automated defenses against cloud attacks targeting weak third-party software.

fromBusiness Matters

7 Data Privacy Risks Leaders Miss in 2026

Organizations overlook seven critical privacy risks in 2026 that bypass security awareness, including public WiFi interception, malicious browser extensions, shadow AI tools, unencrypted messaging, credential reuse, unmanaged personal devices, and data retention gaps.

AI framework flaws put enterprise clouds at risk of takeover

Two Chainlit vulnerabilities enable arbitrary file reads and SSRF attacks, risking exposure of environment variables, credentials, and potential cloud takeover if not patched.

Study Uncovers 25 Password Recovery Attacks in Major Cloud Password Managers

Several major cloud-based password managers are vulnerable to multiple password recovery attacks enabling integrity breaches or full organizational vault compromise.