Tag

Data Leak

All articles tagged with #data leak

Apple Alarmed by Tata Electronics Breach Revealing iPhone 18 Pro Details
technology11 days ago

Apple Alarmed by Tata Electronics Breach Revealing iPhone 18 Pro Details

Reuters reports Apple is concerned after Tata Electronics, its Indian supplier, was targeted by a cyberattack that leaked confidential Apple documents related to the iPhone 18 Pro, including supplier lists, component designs, and drop-test images. Apple is investigating with Tata and preparing longer-term security measures, as the breach could affect its supplier relationships.

Meta pauses employee-tracking AI after internal data exposure
technology18 days ago

Meta pauses employee-tracking AI after internal data exposure

Meta has paused its Model Capability Initiative, an employee-tracking AI program, after sensitive data collected from workers—such as private conversations and performance data—was inadvertently exposed to the entire company. Meta says safeguards were in place and no data was definitively accessed, but the incident has renewed scrutiny of its AI security and follows other recent AI-related breaches at the company.

Meta Suspends AI Training After Internal Data Leak Sparks Employee Backlash
technology18 days ago

Meta Suspends AI Training After Internal Data Leak Sparks Employee Backlash

Meta has paused its Model Capability Initiative, an internal AI training program that used staff keystrokes and interactions, after a leak exposed private conversations, performance data, and transcriptions across the company. Meta says there’s no confirmed improper access but is investigating as the SEV 2 incident prompts employee backlash and follows other security incidents at the company.

technology1 month ago

Congress Demands Answers as CISA Struggles to Contain Contractor-Linked Data Leak

Lawmakers from both parties pressed CISA for answers after KrebsOnSecurity reported a contractor publicly posted plaintext credentials and AWS GovCloud keys to a GitHub account, triggering ongoing credential rotation and breach containment. Experts warn that exposed keys could enable access to code, CI/CD pipelines, and sensitive systems. CISA says it is rotating leaked credentials and coordinating with vendors, while lawmakers demand answers about internal policies amid leadership turnover and broader concerns about the agency’s security culture.

business2 months ago

GTA Leak Triggers Take-Two Stock Rally Worth About $1B

A hacker data dump from Rockstar Games leaked online, exposing earnings from Grand Theft Auto and Red Dead Redemption; in the day after the leak, Take-Two Interactive saw its stock rise about 2.6% to around $206.66 per share, boosting the company’s market value by roughly $1 billion to about $38 billion, though shares remain below their 52-week high amid market volatility.

Calendar invites expose private data through Google Gemini prompt injection
technology5 months ago

Calendar invites expose private data through Google Gemini prompt injection

Researchers demonstrated a prompt-injection attack against Google Gemini by embedding a malicious payload in a Google Calendar invite description. When the recipient asks Gemini about their schedule, the assistant executes the embedded instructions, creates a new event, and copies private meeting details into the event description, leaking sensitive data to the attacker. Google added mitigations after the disclosure, underscoring the need for context-aware defenses as AI assistants access calendar data.

Active Exploitation of Critical MongoDB Vulnerability CVE-2025-14847
database-security6 months ago

Active Exploitation of Critical MongoDB Vulnerability CVE-2025-14847

A critical vulnerability in MongoDB, CVE-2025-14847, allows unauthenticated attackers to remotely leak sensitive data by exploiting a flaw in zlib compression, with over 87,000 instances potentially affected worldwide. Users are advised to update their MongoDB versions and implement mitigations such as disabling zlib compression and restricting server exposure.

MongoBleed Vulnerability in MongoDB Now Actively Exploited in the Wild
technology6 months ago

MongoBleed Vulnerability in MongoDB Now Actively Exploited in the Wild

A critical security flaw called MongoBleed (CVE-2025-14847) in MongoDB servers is actively exploited in the wild, allowing attackers to leak sensitive data through malformed network packets before authentication, affecting many versions and exposing approximately 87,000 vulnerable instances worldwide. Immediate patching and monitoring are recommended.