SoundCloud confirmed a cyberattack that compromised data from 20% of its users, including email addresses and public profile information. The company quickly contained the breach and is enhancing its security measures to prevent future incidents. Misconfigurations caused temporary issues for some users on VPNs, but SoundCloud is working to resolve them.

Microsoft Copilot allows non-technical users to create AI agents easily, but this can lead to serious security vulnerabilities. A recent report shows how these agents can be manipulated to leak sensitive data and cause data exposure. The simplicity of deployment makes it easy for users to overlook necessary security measures.

Ledger customers were notified of a data leak involving personal information after third-party partner Global-e suffered a security incident. The exposed data includes customer names and contact details, but Ledger confirmed that its own systems remain secure and no payment information was compromised.

This article discusses the MongoBleed vulnerability (CVE-2025-14847), which allows attackers to read sensitive data from the heap memory of MongoDB databases. The vulnerability affects all versions since 2017 and can be exploited without authentication, posing significant risks to publicly-accessible instances.

This article discusses the alarming trend of users inadvertently sharing sensitive data, like passwords and credentials, on online code formatting tools. The authors reveal their investigation into two popular tools, JSONFormatter and CodeBeautify, where they uncovered thousands of exposed secrets due to a lack of user awareness about the shareable nature of saved content.

The article discusses the importance of keeping sensitive information out of logs to prevent data leaks and enhance security. It emphasizes implementing best practices for logging, such as avoiding the logging of sensitive data and using encryption to protect log files. Additionally, it highlights the need for regular audits to ensure compliance with privacy regulations.

A security flaw in the covert surveillance app Catwatchful exposed sensitive data, including email addresses and passwords, of 62,000 users due to a SQL injection vulnerability. While the app is marketed for parental monitoring, its stealth features raise concerns about misuse for malicious purposes.

Notorious image board 4chan has been hacked, resulting in the leak of sensitive internal data. The breach raises concerns about user privacy and security on the platform, which has a history of controversial content and activities. Investigations are underway to assess the extent of the damage and the implications for its users.

Hundreds of TeslaMate instances are exposed to the internet without authentication, leading to significant leaks of sensitive Tesla vehicle data, including GPS locations and trip details. The lack of built-in security measures poses a serious risk to Tesla owners, highlighting the importance of securing such applications. Users are urged to implement basic authentication and firewall restrictions to protect their data.

ShinyHunters has launched a new data leak site called Trinity of Chaos, targeting organizations that have fallen victim to ransomware attacks. This site aims to publicly expose sensitive information, continuing the group's trend of high-profile data breaches and data leaks, particularly in the wake of recent ransomware incidents affecting various sectors.

A recent Bloomberg report has revealed that a teenage hacker and his accomplice accessed a Crypto.com employee’s account, leading to a leak of users' personal data. Crypto.com stated that the breach affected a small number of individuals and confirmed that no customer funds were compromised.

A new tea app aimed at men is reportedly leaking personal data, including users' driver's licenses. Concerns have been raised about the app's security measures and the potential risks to user privacy. Experts are calling for immediate investigations and stronger data protection regulations.

The article discusses the recent discovery of popular Chrome extensions that are leaking user data through unencrypted connections. This raises concerns about user privacy and the security of sensitive information while using these extensions. Users are advised to be cautious and consider the risks associated with such tools.

An employee at Elon Musk's xAI accidentally leaked an API key on GitHub, which allowed unauthorized access to private large language models (LLMs) used by xAI for internal data from Musk's companies, including SpaceX and Tesla. Despite GitGuardian alerting xAI about the leak nearly two months prior, the key remained active until the repository was removed shortly after direct notification to the security team. Experts warn that the exposure of these internal models poses significant security risks, potentially allowing malicious actors to manipulate sensitive information.