Gmail Data Breach Claims Once Again Denied by Google
Recent rumors of a Gmail data breach sparked widespread concern online, with reports claiming millions of accounts had been compromised. Google swiftly dismissed these allegations, explaining that the supposed “breach” stemmed from previously stolen data recycled from old leaks and malware logs, not a new compromise of Gmail’s systems. False reports spark panic The controversy began when online posts alleged
Sotheby’s Data Breach Exposes Employee Financial Information
Sotheby’s data breach has sparked alarm across the luxury art world. The prestigious auction house confirmed that an unknown attacker accessed internal systems, exposing sensitive financial and personal information belonging to employees. The incident occurred in late July 2025. It was discovered after suspicious activity was detected within Sotheby’s network. The company quickly launched an investigation and involved external cybersecurity
SonicWall VPN Breach Hits Over 100 Accounts in Cyberattacks
The SonicWall VPN breach has triggered urgent warnings for organizations worldwide. Security analysts report that attackers accessed more than 100 SonicWall SSL VPN accounts using stolen credentials. The coordinated campaign, active since early October, has already affected multiple corporate environments across several countries. Investigators confirm that the intrusions relied on valid login information rather than brute-force methods. Once inside, attackers
Crimson Collective Launches Advanced AWS Attacks for Data Theft
The Crimson Collective hacker group has launched a new wave of cyberattacks aimed at Amazon Web Services (AWS) cloud environments. Their operations focus on stealing sensitive data from misconfigured instances, exposing how vulnerable cloud infrastructures can become when security practices are neglected. How the Group Infiltrates AWS Environments Researchers report that Crimson Collective exploits exposed AWS access credentials often found
DraftKings Account Breaches After Credential Stuffing
DraftKings account breaches in September 2025 highlight how password reuse still drives online account takeovers. The U.S. sports-betting giant confirmed that attackers used stolen logins from other sites to access a small number of customer accounts. Although no internal systems were compromised, the event renewed attention on multi-factor authentication and credential hygiene. Attack Overview On September 2, 2025, DraftKings’ security
Discord Data Breach Exposes Support Chats and User IDs
The Discord data breach has sparked concern after hackers accessed a third-party support vendor’s systems, stealing user information, support messages, and government ID images. While Discord’s core infrastructure remains secure, the incident highlights serious risks tied to external service providers managing user data. How the Breach Happened Discord confirmed that attackers compromised a third-party customer service platform used to manage
WestJet Data Breach Exposed Customer Passports
The WestJet data breach has placed thousands of travelers at risk after cybercriminals accessed sensitive passenger records. The Canadian airline confirmed that passport numbers and travel documents were among the exposed data. The breach has raised concerns about identity theft and placed renewed pressure on the aviation industry to strengthen its cybersecurity defenses. What Happened WestJet disclosed that an unauthorized
Postmark MCP npm Package Stole User Emails
The Postmark MCP npm package has been exposed as a malicious module that silently stole user emails. Disguised as a legitimate client, the package highlights ongoing risks in the software supply chain and raises concerns for developers relying on npm. How the Attack Happened Security researcher Kamil “kph” Piekarski discovered that the fake package was uploaded to npm on September
Boyd Gaming Data Breach Exposes 184,000 Personal Records
The Boyd Gaming data breach has become another major cybersecurity incident in the casino industry. Boyd Gaming, which operates 28 casinos across 10 U.S. states, confirmed that a recent cyberattack exposed the personal data of more than 184,000 individuals. The breach disrupted critical IT systems and forced the company to take immediate containment measures. This attack highlights how vulnerable the
SonicWall MySonicWall Breach Forces Credential Resets
The SonicWall MySonicWall breach has prompted urgent warnings from the cybersecurity vendor. SonicWall advised all customers to reset credentials and enable multi-factor authentication after attackers gained access to customer accounts. The incident highlights the growing risks tied to vendor platforms that hold sensitive client data. Breach Overview SonicWall confirmed unauthorized activity within its MySonicWall customer portal. This platform manages product
