Lucene search
K

29 matches found

HackRead
HackRead
added 2026/02/06 2:55 p.m.7 views

Flickr Notifies Users of Data Breach After External Partner Security Flaw

Flickr says a third-party email vendor flaw may have exposed user names, emails, IP data, and activity logs,…...

5.4AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/10/06 2:8 p.m.7 views

What Recent Cyber Attacks Reveal About Readiness in 2025

When we last wrote about the rising tide of cyberattacks hitting the retail sector, the headlines were already sobering: disruption at major brands, ransomware claims, and attackers showing a deep understanding of how to break into systems and exploit trust. But that was just the beginning. Since...

6.9AI score
Exploits0
HackRead
HackRead
added 2025/08/05 2:51 p.m.3 views

Pandora Cyber Attack Exposes Customer Data Via Third-Party Vendor

Pandora cyber attack exposes customer data via third-party breach. No passwords or payment info leaked, but phishing risks remain...

7.4AI score
Exploits0
HackRead
HackRead
added 2025/07/02 3:31 p.m.5 views

Qantas Confirms Major Data Breach Linked to Third-Party Vendor

Qantas has confirmed a data breach after attackers gained access through a third-party call centre platform, affecting millions…...

7.3AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2025/05/27 2:0 p.m.13 views

Retail Under Siege: What Recent Cyber Attacks Tell Us About Today’s Threat Landscape

When several major UK organizations, including well-known retail brands, found themselves caught in a cyber attack earlier this year, it made headlines. But this incident wasn’t the first, and it won’t be the last. It reflects a growing trend where attackers exploit third-party vendors to breach...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/06 11:17 a.m.20 views

Suspicious Minds: Insider Threats in The SaaS World

Everyone loves the double-agent plot twist in a spy movie, but it's a different story when it comes to securing company data. Whether intentional or unintentional, insider threats are a legitimate concern. According to CSA research, 26% of companies who reported a SaaS security incident were stru...

7.3AI score
Exploits0
HackRead
HackRead
added 2024/03/04 7:21 p.m.9 views

American Express Cardholders Impacted by Third-Party Vendor Data Breach

By Waqas Another day, another third-party data breach! This is a post from HackRead.com Read the original post: American Express Cardholders Impacted by Third-Party Vendor Data Breach...

7.3AI score
Exploits0
The Coalfire Blog
The Coalfire Blog
added 2023/09/28 7:14 p.m.13 views

Guardians of IoT: Safeguarding connectivity of input and output channels

Ensuring the security of the Internet of Things IoT demands a meticulous examination of industry-specific vulnerabilities and a profound comprehension of data handling. Have you taken the necessary steps to confirm that your chosen third-party security vendor possesses a comprehensive understandi...

7AI score
Exploits0
Ivanti
Ivanti
added 2023/02/14 7:22 a.m.8 views

SA40662 - Pulse Workspace data exposure

Problem A data exposure issue was discovered by a third party security research group where access to a small section of Pulse Secure customer data store on a recognized cloud service provider during the period of 11 AM to 2 PM on March 16, 2017. During this three-hour period, Pulse Secure has no...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/05 11:0 a.m.12 views

Software provider denied insurance payout after ransomware attack

The Supreme Court of Ohio issued a ruling days before the New Year that a software and service provider shouldn't be covered by insurance against a ransomware attack as it didn't cause direct or physical harm to tangible components of software, as it doesnt have any. "When insurance policy covers...

1.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/12/15 10:45 a.m.16 views

Uber data stolen via third-party vendor

Uber is facing a new cybersecurity incident after threat actors stole some of its data from Teqtivity, a third-party vendor that provides asset management and tracking services. "We are aware of customer data that was compromised due to unauthorized access to our systems by a malicious third...

0.8AI score
Exploits0
Talos Blog
Talos Blog
added 2022/11/08 2:33 p.m.22 views

The Company You Keep – Preparing for supply chain attacks with Talos IR

Given the increasing frequency of supply chain attacks, the sophistication of those attacks, and the expansion of the attack surface beyond an organizations direct control, incident preparedness and response activities must be considered in the overall supply chain risk mitigation strategy. Suppl...

7.1AI score
Exploits0
Trellix
Trellix
added 2022/08/25 12:0 a.m.17 views

A Door Isn’t a Door When It’s Ajar - Part 3

A Door Isn’t a Door When It’s Ajar - Part III By Trellix · August 25, 2022 This story was also written by Steve Povolny and Sam Quinn Contents Installing OnGuard by Third Party Vendor Exploitation and Hacking the Planet! Putting it all Together Building the Final Demo System The Demo Lessons and...

7.6AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2022/05/09 7:0 a.m.82 views

Upcoming improvements to Azure Data Factory and Azure Synapse Pipeline infrastructure in response to CVE-2022-29972

Executive Summary Microsoft recently mitigated and remediated a vulnerability affecting Azure Data Factory and Azure Synapse Pipelines. The vulnerability was found in the third-party ODBC data connector used to connect to Amazon Redshift, in Integration Runtime IR in Azure Synapse Pipelines, and...

7.8CVSS8.2AI score0.03686EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/04/20 6:35 a.m.28 views

Okta Says Security Breach by Lapsus$ Hackers Impacted Only Two of Its Customers

Identity and access management provider Okta on Tuesday said it concluded its probe into the breach of a third-party vendor in late January 2022 by the LAPSUS$ extortionist gang and that it was far more limited in scope. Stating that the "impact of the incident was significantly less than the...

7.2AI score
Exploits0
ThreatPost
ThreatPost
added 2021/06/25 9:31 p.m.107 views

Mercedes-Benz Customer Data Flies Out the Window

Ahh, the luxury of Mercedes-Benz cars: The high-end upholstery, plush carpeting, polished wood trim, LED mood lighting. “Even the scent signals that this vehicle is special,” as the automaker sighs. Of course, even a company like Mercedes-Benz can inadvertently fart out customer data. That’s what...

7AI score
Exploits0References11
ThreatPost
ThreatPost
added 2021/06/17 4:47 p.m.195 views

CVS Health Records for 1.1 Billion Customers Exposed

More than 1 billion records for CVS Health customers were left in the database of a third-party, unnamed vendor – exposed, unprotected, online. Researchers said the data points revealed could be strung together to create an extremely personal snapshot of someones’s medical situation. The glitch i...

7AI score
Exploits0References8
ThreatPost
ThreatPost
added 2021/03/03 9:15 p.m.179 views

Malaysia Air Downplays Frequent-Flyer Data Breach

Malaysia Airlines sent out an email to frequent flyer program members assuring them that there’s “no evidence” their personal data has been misused in the wake of a supply-chain attack via a third-party vendor. However, experts think that’s unlikely. And, they say the repercussions could be...

0.8AI score
Exploits0References7
Hacker One
Hacker One
added 2020/11/06 1:33 p.m.21 views

HackerOne: Stored XSS on https://events.hackerone.com

@nagli found a stored Cross-Site Scripting vulnerability in a 3rd party vendor that was used by HackerOne. This system did not contain any data related to reports submitted and stored on hackerone.com. HackerOne worked with the vendor to remediate the vulnerability. The report is partially...

0.5AI score
Exploits0
Hacker One
Hacker One
added 2020/06/13 3:13 p.m.1674 views

Greenhouse.io: SSH port on store.greenhouse.io is vulnerable to brute force attacks

Open SSH port found on third party vendor...

1.2AI score
Exploits0
Rows per page
Query Builder