-
American First Finance, LLC, a Dallas-based financial services firm, suffered a significant insider breach when a recently terminated employee exploited unauthorized access to its production database. The incident, dubbed the FinWise insider breach, resulted in the exfiltration of sensitive customer records nearly 689,000 names, Social Security numbers, and other personal identifiers via direct SQL queries […] The post FinWise Insider Breach Exposes 700K Customer Records to Former Employee appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in Windows Boot Manager, known as bitpixie, enables attackers to bypass BitLocker drive encryption and escalate local privileges on Windows systems. The vulnerability affects boot managers from 2005 to 2022 and can still be exploited on updated systems through downgrade attacks, posing significant risks to enterprise security. Key Takeaways1. Bitpixie lets attackers bypass BitLocker […] The post Hackers Can Exploit Bitpixie Vulnerability to Bypass BitLocker Encryption and Escalate Privileges appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A sophisticated new campaign that represents the first documented real-world deployment of FileFix attacks beyond proof-of-concept demonstrations. This campaign marks a significant evolution in social engineering tactics, combining advanced steganograp…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A major supply chain attack dubbed “Shai-Halud” has impacted the JavaScript ecosystem by targeting over 477 NPM packages, raising serious concerns among developers and organizations relying on software from the Node Package Manager (NPM) re…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability nicknamed “BitPixie” in Windows Boot Manager allows attackers to bypass BitLocker drive encryption and escalate privileges, security researchers have revealed. The flaw exploits a weakness in the PXE soft reboot fea…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical vulnerability in the Linux kernel’s KSMBD implementation has been discovered that allows remote attackers to completely exhaust server connection resources through a simple denial-of-service attack. The flaw, tracked as CVE-2025-38501 …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The rise of large language models (LLMs) has revolutionized how we interact with technology, but their true potential has always been limited by their inability to interact with the real world. LLMs are trained on vast, static datasets, meaning they ha…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Luxury fashion company Kering has confirmed a data exfiltration incident in which threat actor Shiny Hunters accessed private customer records for Gucci, Balenciaga, and Alexander McQueen. The breach, detected in June but occurring in April, exposed personally identifiable information (PII) for an estimated 7.4 million unique email addresses. Key Takeaways1. PII and spend data of […] The post Hackers Stolen Millions of Users Personal Data from Gucci, Balenciaga and Alexander McQueen Stores appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Seraphic today announced at Fal.Con 2025 that its Secure Enterprise Browser (SEB) solution is now available for purchase in the CrowdStrike Marketplace, a one-stop destination for the world-class ecosystem of CrowdStrike-compatible security products. T…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
