Hims & Hers, a telehealth company, has disclosed a data breach involving its third-party customer support ticketing system after hackers gained access between 4 and 7 February 2026. In a letter to customers, it warned of a data security incident that might have exposed their personal information. …
Tag: Information Security Buzz
The European Commission confirms attack on its Europa web platform
The European Commission has confirmed a cyberattack affecting its Europa.eu web platform, with initial reports indicating that the attackers accessed the data from the cloud infrastructure provided by AWS. The incident was detected on 24 March, with the commission stating that the attack was contained while the investigation…
Enterprise AI security: weighing the benefits and risks in 2026
The integration of artificial intelligence into core business systems, better known as enterprise AI, is moving fast, along with the threats around it. Security teams are confronting AI-powered cyberattacks, tightening global regulations, and facing a growing expectation that cyber defenses…
LiteLLM supply chain attack exposes millions to credential theft
Researchers at Endor Labs have discovered a supply chain attack on the popular Python package LiteLLM on PyPI, with malicious code injected into versions 1.82.7 and 1.82.8, which have been withdrawn. The package is used in AI environments and developer tools, with an estimated 95…
Making stolen data worthless: why security must start with the data
Organisations have spent years investing heavily in cybersecurity solutions. Firewalls have been strengthened, identity systems refined, and monitoring tools deployed across increasingly complex environments. Yet despite this, data breaches continue to expose vast amounts of sensitive information, often with severe…
Expert panel: Cyber conflict in a fractured world
No longer are geopolitical standoffs settled on the traditional battlefields of diplomacy and arms; now, the digital realm has emerged as the arena for these conflicts. In this article, we bring together industry experts to discuss the dynamics of the development of…
FCC Blocks Foreign-Made Routers, Citing National Security Risks
The US Federal Communications Commission (FCC) has announced a plan to prevent the authorization and import of new consumer routers produced outside the US, adding them to its “Covered List” of items that pose a national security risk. This decision is a…
New Ubuntu Snap Bug Opens Door to Delayed Root Compromise
A newly disclosed flaw in Ubuntu’s Snap ecosystem is raising fresh concerns about local privilege escalation risks in default Linux environments. Researchers at Qualys have identified CVE-2026-3888, a high-severity vulnerability that allows a low-privileged local user to escalate access to full root…
Cloud Security Controls Explained: A Definitive Guide
Most teams already have cloud security tools in place. That’s not the issue. The problem is that those tools don’t give you any real control. Infrastructure is built fast, modified constantly, and touched by too many people to track. Code…
Delegated Trust Is Becoming the Largest Attack Surface in Modern Security
Over the next decade, the way we define security failures is going to change. No longer will it begin with an unpatched server or a careless employee clicking the wrong link. The root cause will be something far more ordinary,…
Cyberattacks Soar 245% as War Triggers Global Digital Offensive
Since the outbreak of the Middle East conflict on 28 February 2026, Akamai has seen a surge of 245% in cyberattacks against key businesses and institutions in North America, Europe, and some Asian Pacific countries. One group in particular, Handala (widely believed to have…
UK’s Companies House exposed data linked to millions of firms
Companies House, the UK’s official registrar of companies, has disclosed a security flaw in its WebFiling service that exposed sensitive data tied to more than five million registered businesses. The issue traces back to a system update rolled out in October 2025 and went unnoticed for five months…
‘CrackArmor’ Exposes Nine Vulnerabilities in Linux AppArmor
The Qualys Threat Research Unit (TRU) has identified nine vulnerabilities in AppArmor, a Linux Security Module. The vulnerability has been present since 2017 (version v4.11). AppArmor is the default mandatory access control system for Ubuntu, Debian, SUSE, and several cloud platforms. Its presence in all…
Why OSINT deserves the same status as other intelligence disciplines
Open source intelligence (OSINT) still sits outside the intelligence mainstream. If you’re not acquainted with the intelligence profession, you might not have come across the term at all. OSINT is the targeted collection and analysis of publicly available or licensable…
ShinyHunters Claims It Stole 1PB of Data from TELUS Digital
TELUS Digital has fallen victim to a security incident in which unsanctioned actors accessed its systems. Upon learning of this incident, the company said it took immediate action to resolve it and prevent any future breaches of its systems and environment.…
A Latte Trouble: Starbucks HR Accounts Hit in Credential Theft Incident
Starbucks has disclosed a data breach in which attackers gained access to hundreds of employees’ Starbucks Partner Central accounts, which are used for managing employment information, personal data, benefits, and HR information. In a letter sent to affected staff members, the company said: “On or…
The AI Doomsday Clock: When AI Becomes a Business Dependency, Not a Tool
Most conversations about AI in business start with the wrong question of “Can AI do the job?” It is entirely the wrong place to start. The real question for leadership is quieter but vastly more important…“Will this platform still exist,…
Cutting Into Overtime, Not Corners: How Network Automation Drives Business Value
“You’re cutting into my overtime. But if I can schedule upgrades to happen overnight and sleep better, I’m in!” This is what a network engineer recently told me as I was discussing network automation. Network infrastructure owners I speak with…
Researchers Show How “AI Judges” Can Be Tricked Into Approving Harmful Content
Security researchers have demonstrated how a growing class of AI safety controls (known as AI judges) can be manipulated into approving content they are supposed to block. In new research published by cybersecurity firm Palo Alto Networks’ threat intelligence team Unit 42, analysts describe how…