Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

Video and audio of therapy sessions, transcripts, and other patient records were accidentally exposed in a publicly accessible database operated by the virtual medical company Confidant Health...

CVE-2023-4804

An unauthorized user could access debug features in Quantum HD Unity products that were accidentally exposed...

GHSA-HPV3-F5P7-PXJ9 Jenkins lambdatest-automation Plugin may expose Credentials access token

Jenkins lambdatest-automation Plugin 1.20.10 and earlier logs LAMBDATEST Credentials access token at the INFO level. This can result in accidental exposure of the token through the default system log. lambdatest-automation Plugin 1.21.0 no longer logs LAMBDATEST Credentials access token...

Cisco DNA Center 安全漏洞

Cisco DNA Center is a network management and command center service from Cisco USA. A security vulnerability exists in Cisco DNA Center that originates from the accidental exposure of sensitive information...

Design/Logic Flaw

Airtable.js is the JavaScript client for Airtable. Prior to version 0.11.6, Airtable.js had a misconfigured build script in its source package. When the build script is run, it would bundle environment variables into the build target of a transpiled bundle. Specifically, the AIRTABLEAPIKEY and...

MongoDB Leak Exposed Millions of Medical Insurance Records

An online database belonging to insurance marketing website MedicareSupplement.com was found exposing more than 5 million records with personal information. MedicareSupplement.com is a U.S.-based marketing site that allows users to find supplemental medical insurance available in their area...

Fighting Fire with Fire: API Automation Risks

Akamai research shows that 83 percent of all traffic on the web today are API calls JSON / XML. In many cases this fast growth can be attributed to the adoption and popularity of mobile devices and the mobile app ecosystem, as well as the abuse by threat actors using bots to automate their manual...

Lost BP Laptop Contains Financial Information on Thousands of Gulf Oil Spill Victims

Almost a year has passed since the Deepwater Horizon oil rig exploded and spewed three months of oil into the Gulf of Mexico. But less than six months after the beleaguered oil giant managed to cap that well, it is contending with a new spill of a different sort: the loss of personal information ...

Chaminade University Exposed Student SSNs

Human error is to blame for the accidental exposure last week of more than 4,500 Chaminade University student’s Social Security numbers on the private Catholic college’s official Web site. University officials discovered the snafu Wednesday and quickly removed the obscure but accessible links fro...