21 matches found
23andMe exposed genetic information of millions, lawsuit says
California has sued the former shell of DNA testing company 23andMe over alleged security failures and misleading statements surrounding its 2023 data breach. On May 27, 2026, Attorney General Rob Bonta filed suit in San Francisco Superior Court against Chrome Holding Co., the company now handlin...
False Security Confidence in Benign LLM Code Generation
Prior work has demonstrated that functionally correct yet vulnerable outputs arise systematically in threat-oriented settings, where adversarial or implicit channels are used to induce security failures in code agents and automated patching workflows. This note introduces a complementary but...
The Hack That Exposed Syria’s Sweeping Security Failures
When Syrian government accounts were hijacked in March, the breach looked chaotic. But it revealed something more troubling: a state struggling with the most basic layer of cybersecurity...
LummaC2 Infects North Korean Hacker Device Linked to Bybit Heist
LummaC2 infostealer infects North Korean hacker’s device, exposing ties to $1.4B Bybit heist and revealing tools, infrastructure and OPSEC failures...
NASCAR Confirms Medusa Ransomware Breach After $4M Demand
Medusa Ransomware breached NASCAR, demanded $4 million, leaked sensitive data including maps and staff info, exposing major security failures. The incident was exclusively reported by Hackread.com...
New whitepaper outlines the taxonomy of failure modes in AI agents
We are releasing a taxonomy of failure modes in AI agents to help security professionals and machine learning engineers think through how AI systems can fail and design them with safety and security in mind. The taxonomy continues Microsoft AI Red Team's work to lead the creation of systematizati...
On the Cyber Safety Review Board
When an airplane crashes, impartial investigatory bodies leap into action, empowered by law to unearth what happened and why. But there is no such empowered and impartial body to investigate CrowdStrike's faulty update that recently unfolded, ensnarling banks, airlines, and emergency services to t...
US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack
The US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior US government officials. From the executive summary: The Board finds that this intrusion was preventable...
Identity Thief Lived as a Different Man for 33 Years
Plus: Microsoft scolded for a “cascade” of security failures, AI-generated lawyers send fake legal threats, a data broker quietly lobbies against US privacy legislation, and more...
Citrix Gateway unable to connect to Citrix Endpoint Management Cloud server
Citrix Gateway unable to connect to Citrix Endpoint Management cloud server due to SSL certificate issue. Symptoms include the below: STA shows down; Secure Hub fails in enrollments; Secure Hub fails to access store...
The High-Stakes Blame Game in the White House Cybersecurity Plan
The Biden administration’s new strategy would shift the liability for security failures to a controversial target: the companies that caused them...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick
cve-2022-44268-detector - detect malicious PNGs cve-2022-4426...
Relay races, batons, and techniques: How to improve your cloud security posture
In 2008, the US 4x100m relay team was the favorite to win the gold medal at the Beijing Olympics. Not a massive surprise, considering that team included the second fastest athlete in history, Tyson Gay. It was a great shock though when the team blundered on the last exchange, dropping the baton,...
When Security Takes a Backseat to Productivity
"We must care as much about securing our systems as we care about running them if we are to make the necessary revolutionary change." -CIA's Wikileaks Task Force. So ends a key section of a report the U.S. Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led ...
Company Detected Years-Long Breach Only After Hacker Maxed Out Servers' Storage
What could be even worse than getting hacked? It's the "failure to detect intrusions" that always results in huge losses to the organizations. Utah-based technology company InfoTrax Systems is the latest example of such a security blunder, as the company was breached more than 20 times from May 20...
Securing the managed service provider (MSP)
Managed service providers (MSPs) have been a boon to midsize enterprise. They allow for offloading technical debt to an agent with the skills and resources to manage it, thereby giving an organization room to focus on growing a business, rather than the particulars of infrastructure. For a long...
Security Industry Failing to Establish Trust
MADRID—In other industries, failure is embraced as a learning opportunity. In security, not so much. Instead, it’s too often an opportunity to victim-shame, a chance to mock a corporate giant such as Equifax which recently lost 145 million customer records and had a CISO—albeit with a lengthy IT...
Frontline Takes On Wikileaks Scandal
The Wikileaks scandal has dominated headlines for the better part of two years, with revelations about the leak of classified military documents, diplomatic cables and more. Now PBS’s award-winning investigative news show, Frontline, is taking a crack at Julian Assange, Bradley Manning and the...
Some Advice for Howard Schmidt
It’s been little more than 24 hours since President Obama named Howard Schmidt his White House Cybersecurity Coordinator, but it didn’t take nearly that long for just about everyone with any interest in security to line up on one side or the other of the “he has no chance/he’ll save the Internet”...
DeluxeBB multiple vulnerabilities
Advisory : DeluxeBB multiple vulnerabilities Release Date : July 18th, 2006 Application : DeluxeBB Version : Deluxe 1.07 and previous versions Platform : PHP Vendor URL : http://www.deluxebb.com/ Authors : Jessica Hope...