this week in security — october 12 2025 edition
Clop and ShinyHunters are extorting dozens of organizations, DHS reassigns CISA cyber staff to assist deportations, India exposed taxpayers' data, and more.
this week in security — october 5 2025 edition
ShinyHunters claim 1 billion stolen Salesforce records, Clop extorting tech execs with data stolen from Oracle apps, U.S. government shutdown, and much more.
Discord says users' government IDs used for age checks stolen by hackers
Thanks to age verification laws, expect more data breaches of users' government-issued passports and driver's licenses.
ICE buys tool that tracks millions of phone locations daily
The surveillance tool allows ICE agents to see "where almost everyone is."
this week in security — september 28 2025 edition
Cisco zero-days used to hack U.S. federal agencies, Secret Service raids SIM farms, U.K. plans mandatory IDs, Jaguar Land Rover bailed out after cyberattack.
this week in security — september 21 2025 edition
Jaguar Land Rover hack hurting U.K. economic security, Scattered Spider hacker charged, Entra ID 'god mode' bugs exposed users, Chrome zero-day, and more.
Cyberattack on check-in system sparks delays at European airports
The ransomware attack on a defense contractor's systems prevented traveler check-ins and baggage drops at airports in Europe. (Updated)
this week in security — september 14 2025 edition
U.S. tech giants helped build China's surveillance state, Salesloft breach post-mortem, Apple's new iPhone security tech helps counter spyware, Vietnam credit hack affects most citizens, and more.
Oura ring deal raises valid concerns about users' health data security
The government partnership sparked customer concerns about the security of data collected by Oura's wearable, even if the spark was a red herring.
How to read and understand a data breach notice
Understanding the contents of a data breach notice can help you take measured, reasonable action to protect yourself and others following a cybersecurity incident.
this week in security — august 31 2025 edition
Whistleblower says DOGE uploaded Social Security database to AWS, Salt Typhoon hacked 600+ companies globally, Salesloft cyberattack affects all Drift customers, TransUnion's data breach, and more.
Salesforce instances targeted in new 'widespread' wave of data thefts
Salesloft confirmed a security incident affecting customers who integrate cloud data with its Drift product, the latest wave of data thefts targeting Salesforce instances. (Updated)
