Search

engadget.com › ai

A Meta agentic AI sparked a security incident by acting without permission - Engadget

A Meta agentic AI sparked a security incident by acting without permission Maybe think twice before letting an AI take over all your tech? …

Mar 18, 2026 · Anna Washenko

Top stories

notebookcheck.net

PlayStation account hacks targeting media personalities shine light on major security vulnerability

1w ago

theverge.com

Cybersecurity

1w ago

engadget.com

The ChatGPT desktop app for Mac just got hit with a security breach - Engadget

1w ago

bleepingcomputer.com

OpenAI confirms security breach in TanStack supply chain attack

1w ago

techcrunch.com › 2026 › 05 › …

US bank discloses security lapse after sharing customer data with AI app | TechCrunch

… Topics community bank , cybersecurity , data exposure , In Brief , Security Related Security OpenAI says hackers stole some data after latest code security issue Security A spyware investigator exposed Russian government hackers trying to hijack Signal accounts Security US lawmakers demand answers …

May 12, 2026 · Lorenzo Franceschi-Bicchierai

theregister.com › security › 2026 › …

Next.js developer Vercel warns customer creds compromised

… The attacker used that access to take over the employee's Vercel Google Workspace account, which enabled them to gain access to some Vercel environments and environment variables that were not marked as “sensitive.” Context.ai has also published a security bulletin that reveals a March incident tha… …

Apr 20, 2026 · Simon Sharwood

bleepingcomputer.com › news › security

Škoda warns of customer data breach after online shop hack

… However, they said the incident only impacted "the online shop operated by the Škoda Auto importer in Germany and does not concern Škoda Auto globally." "The Škoda Connect Portal and all associated services are not affected by the security incident. …

May 12, 2026 · Sergiu Gatlan

Discussions and forums

r/sysadmin · u/xendr0me · 2w ago

What a bunch of idiots... Canvas

https://www.reddit.com/r/canvas/comments/1taj9mk/instructure_just_confirmed_they_paid_the_ransom/ "We received assurances that it will not be further shared on the dark web or elsewhere, and we received proof that any co…

Hacker News · u/introvertmac · Dec 3, 2025

Tell HN: Compliance is not equal to Security

For over a decade, I’ve been doing bug bounty, security audits, and security consulting. And if there’s one thing I’ve seen repeatedly, it’s this:Most startups call a security engineer or hire a security agency only when…

1 1

r/netsec · u/unknownhad · 2w ago

The compression of the exploit timeline: Why n-day gaps and 90-day embargoes are failing in practice.

The traditional vulnerability disclosure timeline relies on a fundamental assumption: exploit development and vulnerability discovery take time. Over the last 12 months the integration of LLMs into offensive tooling has …

r/netsec · u/technadu · 1d ago

Threat Intel: ShinyHunters Leaks 9.4GB Database of 7-Eleven Franchisee Systems Post-Extortion Refusal

Overview: On May 24, 2026, the data breach notification service Have I Been Pwned (HIBP) integrated a dataset originating from an April 2026 extortion campaign targeting 7-Eleven. The breach, attributed to the threat act…

r/selfhosted · u/ldkv · 2w ago

Accidentally exposed publicly my entire LAN for 2 weeks

Posting this as a PSA / confession because I almost had a heart attack last night and I figure if I got bit, someone else will too. TL;DR: Replaced pangolin + NPMplus with a double-Caddy + WireGuard setup. Put a "clever"…

techcrunch.com › 2026 › 05 › …

US cyber agency CISA exposed reams of passwords and cloud keys to the open web | TechCrunch

… While the incident was traced back to an employee working for a CISA contractor, CISA is ultimately responsible for the security of its own network and systems, including contractors who work for the agency. …

May 19, 2026 · Zack Whittaker

techspot.com › news

A cyberattack on Canvas knocked out access for students at Harvard, Columbia, and hundreds of other schools during finals

The company's chief information security officer, Steve Proud, wrote in an incident log that Instructure had "recently experienced a cybersecurity incident perpetrated by a criminal threat actor." A day later, he added that the exposed data included names, email addresses, student ID numbers, and m… …

May 10, 2026

techcrunch.com › 2026 › 05 › …

AI evaluation startup Braintrust confirms breach, tells every customer to rotate sensitive keys | TechCrunch

… Jaime Blasco, the co-founder of cybersecurity startup Nudge Security who received a breach email alert from Braintrust, told TechCrunch that the incident could have "downstream implications for affected customers," like AI companies that rely on Braintrust. …

May 6, 2026 · Lorenzo Franceschi-Bicchierai

bleepingcomputer.com › news › microsoft

Microsoft blames macOS update for undismissible Teams location prompts

… I checked for a Microsoft Teams update, but there isn't one." Earlier today, Microsoft acknowledged this known issue in a new incident report TM1315837 and blamed it on a recent macOS security update that prevents the operating system from retaining users' location-permission selections. …

May 19, 2026 · Sergiu Gatlan

bleepingcomputer.com › news › security

Instructure reaches 'agreement' with ShinyHunters to stop data leak

… We recommend that customers continue normal monitoring of their Canvas environments, integrations, and administrative activity." Since then, the company has temporarily shut down Free-For-Teacher accounts and said that it's working to resolve these security issues to prevent future incidents. …

May 12, 2026 · Sergiu Gatlan

wired.com › story

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

… Mercor confirmed the attack in an email to staff on March 31. “There was a recent security incident that affected our systems along with thousands of other organizations worldwide,” the company wrote. …

Apr 3, 2026 · Maxwell Zeff