#vetting-documents

[ follow ]
#cybersecurity #data-breach #compliance #data-protection #privacy #ai #data-privacy #vulnerabilities #ai-security
#cybersecurity
fromTNW | Eu
1 day ago
Information security

European Commission breached after hackers poisoned open-source security tool Trivy

EU data protection
fromTechCrunch
2 days ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
EU data protection
fromSecurityWeek
1 day ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.
Healthcare
fromSecurityWeek
6 days ago

Healthcare IT Platform CareCloud Probing Potential Data Breach

CareCloud experienced a cybersecurity incident that may have compromised patient information, but the impact is believed to be limited and manageable.
Information security
fromTNW | Eu
1 day ago

European Commission breached after hackers poisoned open-source security tool Trivy

A major data breach at the European Commission was caused by TeamPCP exploiting a supply chain attack on the Trivy security tool.
EU data protection
fromTechCrunch
2 days ago

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.
more#cybersecurity
US politics
fromArs Technica
16 hours ago

CBP facility codes sure seem to have leaked via online flashcards

Immigration offenses and internal systems of CBP are detailed in flashcards, highlighting procedures and responsibilities of agents.
#data-breach
Privacy professionals
fromSilicon Canals
2 days ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Healthcare
fromTechCrunch
5 days ago

Health data giant CareCloud says hackers accessed patients' medical records | TechCrunch

CareCloud experienced a data breach where hackers accessed patient electronic health records for over eight hours, but data exfiltration status remains unclear.
Privacy professionals
fromSilicon Canals
3 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
EU data protection
fromTheregister
6 days ago

European Commission admits breach of public web systems

The European Commission confirmed a data breach affecting its public web infrastructure, with details on the extent and nature of the data taken remaining unclear.
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Privacy professionals
fromSilicon Canals
2 days ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Healthcare
fromTechCrunch
5 days ago

Health data giant CareCloud says hackers accessed patients' medical records | TechCrunch

CareCloud experienced a data breach where hackers accessed patient electronic health records for over eight hours, but data exfiltration status remains unclear.
Privacy professionals
fromSilicon Canals
3 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
EU data protection
fromTheregister
6 days ago

European Commission admits breach of public web systems

The European Commission confirmed a data breach affecting its public web infrastructure, with details on the extent and nature of the data taken remaining unclear.
Information security
fromTheregister
3 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
more#data-breach
Privacy technologies
fromTNW | Insights
16 hours ago

LinkedIn secretly scans 6,000+ browser extensions and fingerprints your device

LinkedIn's hidden JavaScript routine collects extensive user data without disclosure, raising concerns about covert surveillance practices.
#delve
European startups
fromSilicon Canals
1 day ago

Compliance startup Delve removed from Y Combinator portfolio after anonymous whistleblower posts spark investor exodus - Silicon Canals

Delve has been removed from Y Combinator's portfolio due to serious allegations regarding its business practices and compliance misrepresentation.
fromTechCrunch
6 days ago
Venture

Delve whistleblower strikes again, with alleged receipts about 'fake compliance' | TechCrunch

European startups
fromSilicon Canals
1 day ago

Compliance startup Delve removed from Y Combinator portfolio after anonymous whistleblower posts spark investor exodus - Silicon Canals

Delve has been removed from Y Combinator's portfolio due to serious allegations regarding its business practices and compliance misrepresentation.
fromTechCrunch
6 days ago
Venture

Delve whistleblower strikes again, with alleged receipts about 'fake compliance' | TechCrunch

more#delve
Law
fromABA Journal
3 days ago

Sanctions ramping up in cases involving AI hallucinations

Monetary sanctions against attorneys for AI-generated hallucinations in case documents are increasing as courts take these issues more seriously.
Cryptocurrency
fromnews.bitcoin.com
1 day ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.
#ai-governance
fromComputerWeekly.com
4 days ago
EU data protection

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.
fromComputerworld
1 week ago
Artificial intelligence

AI regulations are already out of date - IT leaders need to think ahead

Establishing a solid AI governance foundation now can ease future compliance with evolving AI regulations.
more#ai-governance
DevOps
fromMedium
2 days ago

AWS Security and Compliance Quiz (25 Questions) with Detailed Answers - Cloud Practitioner Guide

Understanding AWS security services is essential for modern applications running on AWS.
Marketing tech
fromExchangewire
2 days ago

The Stack: AI Surges while Social Platforms Face Scrutiny

AI is growing rapidly, streaming models are evolving, and regulatory pressures on platforms are increasing globally.
Python
fromThe Hacker News
3 days ago

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.
#ai
Privacy technologies
fromComputerWeekly.com
3 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
Law
fromAdExchanger
4 days ago

AI Is Moving Fast. The Law, Not So Much | AdExchanger

AI technology is advancing rapidly, outpacing legal frameworks and creating challenges in regulation and data management.
Artificial intelligence
fromSecurityWeek
6 days ago

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control

AI assistance in policy as code can introduce serious flaws, leading to incorrect access permissions despite syntactically valid policies.
Venture
fromSecurityWeek
3 days ago

Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents

Variance raised $21.5 million for an AI platform focused on compliance and risk investigations, enhancing fraud detection and management for financial institutions.
Privacy technologies
fromComputerWeekly.com
3 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
Law
fromAdExchanger
4 days ago

AI Is Moving Fast. The Law, Not So Much | AdExchanger

AI technology is advancing rapidly, outpacing legal frameworks and creating challenges in regulation and data management.
Artificial intelligence
fromSecurityWeek
6 days ago

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control

AI assistance in policy as code can introduce serious flaws, leading to incorrect access permissions despite syntactically valid policies.
more#ai
Digital life
fromBig Think
5 days ago

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.
Remote teams
fromTheregister
6 days ago

Security contractor blew the whistle on shabby support crew

Brad, a security contractor, faced challenges with antivirus alerts while working in a labor hire company's office without proper IT support.
Privacy professionals
fromPCMAG
16 hours ago

Use Perplexity? Lawsuit Accuses It of Sharing Personal Data With Google and Meta Without Permission

Perplexity faces a lawsuit for allegedly sharing user data with Google and Meta without consent, violating privacy rights.
EU data protection
fromEngadget
1 day ago

Ireland is testing out a digital wallet that conducts age verification for social media users

Ireland is trialing a Government Digital Wallet to verify user age for social media access, aiming for user-friendly design before its 2026 EU deadline.
Information security
fromTNW | Insights
1 day ago

KeeperDB brings zero-trust database access to privileged access management

Database credentials are a major attack vector, and KeeperDB integrates access controls into its PAM platform to enhance security.
US politics
fromwww.npr.org
2 days ago

As DOJ prepares to share state voter data with DHS, a key privacy officer resigns

The DOJ is acquiring sensitive voter registration data, raising privacy concerns, as a key privacy officer resigns amid ongoing legal challenges.
#openclaw
DevOps
fromInfoWorld
2 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
2 days ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
DevOps
fromInfoWorld
2 days ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
2 days ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
more#openclaw
Law
fromwww.npr.org
2 days ago

Penalties stack up as AI spreads through the legal system

Lawyers face increasing sanctions for using AI-generated errors in legal briefs, with over 1,200 cases reported, including significant fines for fictitious citations.
Cryptocurrency
fromFortune
3 days ago

Prediction markets caught insider traders in real time. Congress wants to shut them down anyway | Fortune

Prediction markets expose insider trading issues, offering transparency through blockchain technology, and should not be banned by legislation.
Digital life
fromExchangewire
5 days ago

Regulating Social Media: Where do we go from here?

Social media platforms are designed for addiction, prompting global legislative actions to restrict children's access.
#privacy
more#privacy
Privacy professionals
fromSilicon Canals
2 days ago

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.
#meta
Law
fromTechCrunch
5 days ago

Meta was finally held accountable for harming teens. Now what? | TechCrunch

Meta has been held liable for endangering child safety and designing addictive apps, leading to significant legal consequences.
Information security
fromWIRED
2 days ago

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.
Law
fromTechCrunch
5 days ago

Meta was finally held accountable for harming teens. Now what? | TechCrunch

Meta has been held liable for endangering child safety and designing addictive apps, leading to significant legal consequences.
Information security
fromWIRED
2 days ago

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.
more#meta
fromComputerworld
2 days ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Information security
#ai-security
Information security
fromInfoWorld
3 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
Information security
fromInfoWorld
3 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
more#ai-security
fromTheregister
2 days ago

NHS staff resist using Palantir software

One official reportedly described Palantir as 'ethically bankrupt' in justifying his refusal to use the software, and noted that he knows of coworkers who deliberately slow their work pace when forced to use the system.
EU data protection
Information security
fromInfoWorld
2 days ago

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.
Privacy professionals
fromZDNET
3 days ago

I turned to PrivacyBee to clean up my data - here's how it made me disappear

PrivacyBee is preferred for its comprehensive data removal services and user-friendly management tools.
EU data protection
fromComputerWeekly.com
5 days ago

High Court dismisses judicial review against eVisa system | Computer Weekly

The High Court upheld the Home Office's eVisa system, ruling it lawful despite ongoing data issues and lack of alternative proof for immigration status.
Privacy professionals
fromThe Verge
3 days ago

Pinterest said he violated laid-off colleagues' privacy. Now he's going public

A former Pinterest engineer claims he was unjustly fired for sharing a tool that revealed employee layoffs.
#cyberattack
EU data protection
fromSecurityWeek
6 days ago

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.
Privacy professionals
fromTechCrunch
4 days ago

Hasbro says it was hacked, and may take 'several weeks' to recover | TechCrunch

Hasbro confirmed a cyberattack, prompting system shutdowns and ongoing investigations, with potential operational disruptions lasting several weeks.
EU data protection
fromSecurityWeek
6 days ago

European Commission Reports Cyber Intrusion and Data Theft

The European Commission confirmed a cyberattack that compromised its cloud infrastructure, resulting in the theft of hundreds of gigabytes of data.
Privacy professionals
fromTechCrunch
4 days ago

Hasbro says it was hacked, and may take 'several weeks' to recover | TechCrunch

Hasbro confirmed a cyberattack, prompting system shutdowns and ongoing investigations, with potential operational disruptions lasting several weeks.
more#cyberattack
Information security
fromSecurityWeek
2 days ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
Privacy professionals
fromHer Campus
5 days ago

Who's Watching The Watchers? AI, Age Verification, And Online Privacy

Parents are increasingly concerned about children's exposure to harmful online content despite regulations like CIPA and platforms like YouTube Kids.
Information security
fromInfoQ
3 days ago

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A malicious release of the Trivy vulnerability scanner exposed critical weaknesses in software supply chain security, allowing for potential credential theft.
Information security
fromSecurityWeek
5 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.
Privacy professionals
fromMedCity News
2 weeks ago

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.
fromSecurityWeek
3 days ago

Mercor Hit by LiteLLM Supply Chain Attack

We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow. Our security team moved promptly to contain and remediate the incident.
Information security
Information security
fromSecuritymagazine
5 days ago

The Rising Tide of Executive Protection: Corporations Ramp Up Security in an Era of Heightened Threats

Companies are increasingly investing in executive protection due to rising threats, making it a strategic necessity for business continuity and resilience.
Privacy professionals
fromTheregister
2 weeks ago

Age verification isn't sage verification inside OSes

California's Digital Age Assurance Act attempts age verification for minors but is vague, incoherent, and creates liability risks without clearly defining compliance requirements or addressing practical implementation across diverse computing devices.
Information security
fromTheregister
4 days ago

Claude Code's source reveals extent of system access

Claude Code has significant control over devices, raising concerns about data retention and potential misuse in sensitive environments.
Information security
fromThe Hacker News
2 weeks ago

Why Security Validation Is Becoming Agentic

Security validation tools operate in silos while attackers exploit interconnected systems, creating a structural blind spot that Agentic Exposure Validation can address through continuous, autonomous, context-aware assessment.
Information security
fromComputerWeekly.com
3 weeks ago

Vulnerability reports: Increase in quantity, decrease in quality? | Computer Weekly

Bug bounty programs face sustainability challenges due to increased low-quality submissions, prompting cURL founder Daniel Stenberg to shut down his HackerOne program and switch to GitHub for vulnerability reporting.
Information security
fromBusiness Matters
1 month ago

7 Data Privacy Risks Leaders Miss in 2026

Organizations overlook seven critical privacy risks in 2026 that bypass security awareness, including public WiFi interception, malicious browser extensions, shadow AI tools, unencrypted messaging, credential reuse, unmanaged personal devices, and data retention gaps.
fromThe Hacker News
2 months ago

New Research: 64% of 3rd-Party Applications Access Sensitive Data Without Justification

Research analyzing 4,700 leading websites reveals that 64% of third-party applications now access sensitive data without business justification, up from 51% in 2024. Government sector malicious activity spiked from 2% to 12.9%, while 1 in 7 Education sites show active compromise. Specific offenders: Google Tag Manager (8% of violations), Shopify (5%), Facebook Pixel (4%).
Information security
Information security
fromEntrepreneur
2 months ago

How to Keep Your Company's Data Out of the Wrong Hands

Data security requires keeping sensitive data local, restricting access strictly, and holding vendors to higher standards to prevent breaches, leaks, and legal exposure.
Information security
fromwww.housingwire.com
2 months ago

Reducing risk: The importance of administrative access responsibilities

Clearly defined and strictly managed administrative access reduces cybersecurity risk while preserving operational efficiency in real estate, title insurance, and mortgage systems.
[ Load more ]