University of Hawaii says a ransomware gang breached its Cancer Center in August 2025, stealing data of study participants, including documents from the 1990s containing Social Security numbers. […]
Target’s dev server offline after hackers claim to steal source code
Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platform. After BleepingComputer notified Target, the files were taken offline and the retailer’s developer Git server was inaccessible. […]
Apple confirms Google Gemini will power Siri, says privacy remains a priority
Apple and Google have confirmed that the next version of Siri will use Gemini and Google Cloud in a multi-year collaboration between the two tech giants. […]
n8n Supply Chain Attack Abuses Community Nodes to Steal OAuth Tokens
Threat actors have been observed uploading a set of eight packages on the npm registry that masqueraded as integrations targeting the n8n workflow automation platform to steal developers’ OAuth credentials.
One such package, named “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit,” mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then
One such package, named “n8n-nodes-hfgjf-irtuinvcm-lasdqewriit,” mimics a Google Ads integration, and prompts users to link their advertising account in a seemingly legitimate form and then
Hidden Telegram proxy links can reveal your IP address in one click
A single click on what may appear to be a Telegram username or harmless link is all it takes to expose your real IP address to attackers due to how proxy links are handled. Telegram says it will add warnings to proxy links after researchers demonstrated that such one-click interactions could reveal a Telegram user’s real IP address. […]
Spanish energy giant Endesa discloses data breach affecting customers
Spanish energy provider Endesa and its Energía XXI operator are notifying customers that hackers accessed the company’s systems and accessed contract-related information, which includes personal details. […]
Microsoft is retiring the Lens scanner app for iOS, Android
Microsoft has started retiring the Microsoft Lens PDF scanner app for Android and iOS devices on Friday, January 9th, with plans to remove it from app stores next month. […]
Cyber Insights 2026: What CISOs Can Expect in 2026 and Beyond
Here we examine the CISO Outlook for 2026, with the purpose of evaluating what is happening now and preparing leaders for what lies ahead in 2026 and beyond.
The post Cyber Insights 2026: What CISOs Can Expect in 2026 and Beyond appeared first on SecurityWeek.
Prevent cloud data leaks with Microsoft 365 access reviews
Microsoft 365 has made file sharing effortless, but that convenience often leaves organizations with little visibility into who can access sensitive data. Tenfold explains how access reviews for shared cloud content can help organizations regain visibility, reduce unnecessary permissions, and prevent data leaks in Microsoft 365. […]
Instagram Fixes Password Reset Vulnerability Amid User Data Leak
The social media platform confirmed that the issue allowed third parties to send password reset emails to Instagram users.
The post Instagram Fixes Password Reset Vulnerability Amid User Data Leak appeared first on SecurityWeek.