In recent days, the US Justice Department and Pentagon have begun investigating an apparent online leak of sensitive documents, including some that were marked “Top Secret”. A portion of the documents, which have since been widely covered by the news media, focused on Russia’s invasion of Ukraine, while others detailed analysis of potential UK policies on the South China Sea and the activities of a Houthi figure in Yemen. The existence of the documents was first reported by the New York Times after a number of Russian Telegram channels shared five photographed files relating to the invasion of Ukraine on April 5 – at least one of which has since been found by Bellingcat to be crudely edited.

Samsung fab personnel reportedly used ChatGPT to optimize operations and create presentations, leaking confidential data to the third-party AI.

Vulkan engineers have worked for Russian military and intelligence agencies to support hacking operations, prepare for attacks on infrastructure and spread disinformation

C’est une faille banale qui a exposé les relevés de cartes bancaires de milliers d’entreprises suisses pendant 18 mois. Et ni l’entreprise qui émet les cartes concernées, ni les banques qui les fournissent à leurs clients ne comptent diffuser l’information. Motif? Le problème a été réglé et les recherches n’ont pas permis d’observer un accès indu aux informations. Une stratégie de communication qui interpelle, à l’heure où la sécurité des données devient un enjeu majeur pour les entreprises.

The startup shared millions of patients' personal information and health data with Google, Facebook, and TikTok.

The hacker claims the stolen data includes confidential presentations from Acer, along with software files for the company's PC products. Acer says consumer data was not breached.

LLaMA, Meta’s latest family of large language models, has been leaked along with its weights and is now available to download through torrents

Credit Suisse is telling its clients that sensitive personal information including social security identification and contact details has been compromised.

A security researcher told TechCrunch that a government server was exposing military emails to the internet because no password was set.

Resecurity notified several data center organizations about malicious cyber activity targeting them and their customers. The initial early-warning threat notification about this activity was sent around September 2021 with further updates during 2022 and January, 2023. Recent cyber-attacks on cloud service providers (CSPs) and managed services providers (MSPs) saw bad actors attempt to leverage a weakness in their cybersecurity supply chain with the goal of stealing sensitive data from their target enterprises and government organizations. Data centers are meaningful targets for attackers and an important element of the enterprise supply chain.

A source code repository allegedly stolen by a former employee of the Russian tech giant Yandex has been leaked online. A Yandex source code repository allegedly stolen by a former employee of the Russian IT giant has been leaked on a popular cybercrime forum. The announcement published on BreachForums includes a magnet link to the alleged […]

The list, which was discovered by a Swiss hacker, contains names and birth dates and over 1 million entries.

SweepWizard, an app that law enforcement used to coordinate raids, left sensitive information about hundreds of police operations publicly accessible.

Confidential details including child passport scans and SEN data is published online, the BBC finds.

No passwords, but plenty of stuff for social engineering and doxxing

Music-streaming service Deezer has owned up to a data breach, after hackers managed to steal the data of over 200 million of its users.