Substack data breach exposes emails and phone numbers

Substack data breach exposed user email addresses and phone numbers for months before CEO Chris Best confirmed the October ...

Bug in student admissions website exposed children’s personal information

Ravenna Hub, which lets parents apply and track the status of their kids' applications across thousands of schools, allowed any logged-in user to access the personally identifiable data associated ...
Decrypt

Hardware Wallet Owners Hit With Snail Mail Phishing Campaign

The paper mailers mimic Ledger and Trezor branding and device update themes to push users toward malicious verification sites ...
The Hacker News

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...