Security
AI chatbots crawl website hundreds of times before sending a single actual visitor
Millions of crawls but just a few clicks – new data shows that AI chatbots are leeching attention away from publishers and site owners, harvesting their content but giving back very little traffic in return.
Read more about AI chatbots crawl website hundreds of times before sending a single actual visitor
433K US doctors’ data leaked online, hackers claim
Attackers claim the leaked details include everything from medical practitioners' names to home addresses. The Cybernews research team believes that the data could have come from a third-party service provider breach.
Read more about 433K US doctors’ data leaked online, hackers claim
Tea app says only 0.1% of users affected by breach – is it just the tip of the iceberg?
Tea Dating Advice, the “secure” platform for women to share sensitive information about their dates, has started sending breach notification letters a month after its much-publicized leak
Read more about Tea app says only 0.1% of users affected by breach – is it just the tip of the iceberg?
4chan and Kiwi Farms sue British regulator Ofcom over age verification
American internet forums 4chan and Kiwi Farms have sued the United Kingdom’s communication services regulator Ofcom over the recently adopted Online Safety Act.
Read more about 4chan and Kiwi Farms sue British regulator Ofcom over age verification
Users unaware their passkeys are hijacked, DEF CON 2025 shows
Passkeys were supposed to kill the password for good, but a new vulnerability revealed at DEF CON 2025 has shown the “golden solution” might have cracks of its own.
Read more about Users unaware their passkeys are hijacked, DEF CON 2025 shows
Cybercriminals preparing for scam bonanza ahead of FIFA World Cup 2026
Domains created to take advantage of the FIFA Club World Cup 2025 in the United States were recently found. It’s a sign of what’s to come for the big one – the 2026 World Cup.
Read more about Cybercriminals preparing for scam bonanza ahead of FIFA World Cup 2026
Breached accounts in 2025: the US has over 2M breaches in the first six months
According to Cybernews' Personal data leak checker tool, there were 20 times fewer breached accounts in the first half of 2025 than in the same period in 2024.
Read more about Breached accounts in 2025: the US has over 2M breaches in the first six months
AI becoming more dangerous in the hands of cybercriminals, Anthropic warns
The AI company Anthropic recently stopped a cybercriminal who used Claude Code to write phishing emails, create malicious code, and circumvent safety filters.
Read more about AI becoming more dangerous in the hands of cybercriminals, Anthropic warns
4M+ exposed in TransUnion third-party data breach
TransUnion, one of America’s top three credit reporting agencies, reveals that millions of its US customers were exposed after hackers breached a third-party application.
Read more about 4M+ exposed in TransUnion third-party data breach
International cyber coalition releases advisory on Chinese APT threats, Salt Typhoon tops list
A new joint cybersecurity advisory released on Wednesday by over a dozen international law enforcement organizations exposes the inner workings of Beijing-backed threat groups, with Salt Typhoon topping the list.
Read more about International cyber coalition releases advisory on Chinese APT threats, Salt Typhoon tops list
PR behemoth Singer Associates claimed by ransomware gang
A ransomware cartel has claimed the renowned crisis communications firm Singer Associates. The group shared snippets of data supposedly taken from the company.
Read more about PR behemoth Singer Associates claimed by ransomware gang
Critical security flaw in Chrome discovered by Google's own AI
Google has released an urgent Chrome update for all major platforms, fixing a critical security vulnerability.
Read more about Critical security flaw in Chrome discovered by Google's own AI
Massive attack hits Salesforce users: hackers exfiltrating data with stolen third-party app credentials
Hackers raided numerous corporate Salesforce instances by abusing compromised access tokens from Salesloft Drift integrations, a premium AI-powered conversational marketing platform. Cyber pros warn that OAuth tokens are becoming one of the biggest risks: unlike user sessions, they don’t expire.
Read more about Massive attack hits Salesforce users: hackers exfiltrating data with stolen third-party app credentials
Tencent sites leak sensitive credentials, expose backend to hackers
Cybernews researchers have discovered severe misconfigurations affecting two Tencent sites, exposing sensitive credentials and internal source code. The critical flaws could potentially grant full access to internal services and backend infrastructure within Tencent Cloud. Tencent explained after the publication that no data was exposed and that the findings relate to a honeypot deployed as a security test.
Read more about Tencent sites leak sensitive credentials, expose backend to hackers
Chinese apps are the most “data-hungry” out there, study finds
A study by Incogni, a company that offers information removal services from data brokers, shows that six out of the ten most popular apps in the United States are owned by Chinese tech companies. These apps aggressively collect Americans’ personal data to offer personalized ads and create user profiles, and often share it with other companies.
Read more about Chinese apps are the most “data-hungry” out there, study finds
DOGE whistleblower: entire Social Security database uploaded to open cloud, security experts speak out
A DOGE whistleblower reveals that staffers at the Trump-created agency uploaded an entire Social Security database to an insecure cloud server – compromising the records of hundreds of millions of Americans.
Read more about DOGE whistleblower: entire Social Security database uploaded to open cloud, security experts speak out
FCC cracks down on robocalls: 1,200 voice service providers axed
The Federal Communications Commission (FCC) has axed 1,200 voice service providers from the US phone network for failing to meet the rules protecting users from malicious and illegal calls, known as robocalls.
Read more about FCC cracks down on robocalls: 1,200 voice service providers axed
Fallout from MATLAB maker data breach: 10K+ users exposed
A ransomware attack on the Massachusetts-based mathematical software maker MathWorks exposed the personal details of thousands of users.
Read more about Fallout from MATLAB maker data breach: 10K+ users exposed
Massive Docker Desktop flaw grants hackers full Windows control
Docker Desktop contains a critical flaw that allows hackers to take over control of Windows computers running the software using just a few HTML requests.
Read more about Massive Docker Desktop flaw grants hackers full Windows control
New type of attack tricks AI summaries into pushing malware onto victims
Threat actors have found a new way to deliver ransomware by hiding malicious instructions in AI-generated content summaries. The target then executes a self-sabotaging command and is infected.
Read more about New type of attack tricks AI summaries into pushing malware onto victims
