23andMe inherits lawsuit over 'disturbing' DNA data breach
California AG claims genetics biz downplayed 2023 mega-leak while paying ransom to attacker
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
In Other News: Trump Mobile Data Breach, FIFA World Cup Phishing, CISA Responds to Supply Chain Attacks
Noteworthy stories that might have slipped under the radar: Trump Mobile exposes customer data, phishers target the 2026 FIFA World Cup, CISA responds to recent supply chain attack…
Meta considers becoming a hyperscaler
Meta has raised the possibility that it could be joining the likes of Amazon, Microsoft and Google in offering cloud services at some point in the future — although potential custo…
UCLA seeks pre-litigation resolution with Oracle
Discussion understood to concern delayed SaaS transformation project
AI and data sovereignty in Postgres: An answer to the datacenter energy crisis
A billion AI agents walk into a power grid
Microsoft slaps new coat of paint on Copilot, buries annoying button
Look, says Redmond, usage up 27-43% based on one week of data - admits it 'may not be indicative of long-term usage trends'
Charter Communications Data Breach Could Impact Nearly 5 Million
The notorious ShinyHunters extortion group leaked over 42 million records allegedly stolen from Charter in April. The post Charter Communications Data Breach Could Impact Nearly 5 …
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit
An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a…
Asia's Cyber Insurance Market Shows Signs of Life
The cyber insurance industry has made relatively weak inroads into Asia due to a variety of factors, but that could be changing.
MokN Raises $15 Million for Phish-Back Platform
MokN's platform deploys realistic decoy access points to lure attackers into revealing compromised credentials, enabling organizations to respond before abuse occurs. The post MokN…
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market
DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market ha…
Dutch govt disrupts malware botnet with 17 million infected devices
Dutch authorities have taken offline a massive botnet of 17 million devices and seized more than 200 servers at a local provider that supported the operation. [...]
With Complex Cloud Integrations, Small Errors Lead to Major Compromises
Researchers discover an exploit chain combining over-permissioned roles, secrets discovery, and non-human identities that could have compromised a popular automation service.
Dutch cops wrest 17M devices from mystery botnet's clutches
Hosting provider pulled the plug after police traced 200 servers to the Netherlands
Gogs Zero-Day Exposes Servers to Remote Code Execution
The critical-severity issue, assigned a CVSS score of 9.4, is an argument injection flaw that can be exploited by authenticated attackers via pull requests with malicious branch na…
FCC warns US broadcasters their licenses are a privilege, not a right
TV and radio stations told to review current practices to align with public interest obligations
Google Chrome adds session cookie theft protection for all users
Google says the Chrome Device Bound Session Credentials (DBSC) security feature is now generally available and is rolling out to all users to prevent account takeovers. [...]
'The Com' Cyberattacks Support Violence & Sexploitation
Your organization's security failures have consequences for everyone else as well since this criminal gang uses its cyber winnings to support more violent and widespread crimes.
ChatGPT blindly trusts browser content, turning the page into a payload
You and me go ChatGPhish-ing in the dark
Russia-linked threat group put ChatGPT to work from lure to payload
Researchers say 'GREYVIBE' crew used AI tools throughout a campaign targeting Ukrainian military and government
New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks
A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 20…
Blue Origin's New Glenn makes a crater-sized dent in Artemis plans
Explosion wrecks rocket and pad, leaving NASA's lunar ambitions looking less than launch-ready
California Sues 23andMe, Alleging It Failed to Protect User Data in 2023 Breach
Attorney General Rob Bonta filed the lawsuit against Chrome Holding Co., which 23andMe rebranded under after filing for bankruptcy last March. The post California Sues 23andMe, All…
Man sent to prison for selling data of 7 millions elderly Americans
A North Carolina man was sentenced to more than 10 years in prison for selling the personal information of over 7 million elderly Americans to Jamaican scammers. [...]
Chilling Effects
Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration, …
What 2,000 Exposed Vibe-Coded Apps Reveal About the Limits of Most Security Stacks
Shadow AI used to mean employees pasting things they shouldn't into ChatGPT. It now means something bigger: employees building full applications with AI, wiring them into productio…
ShinyHunters adds Charter to trophy shelf after 4.9M customer records leak
Telco giant says no sensitive data was taken, though names, addresses, phones, and emails are now out there
Chrome 148 Update Patches 151 Vulnerabilities
The browser update resolves critical-severity security defects that could potentially lead to remote code execution. The post Chrome 148 Update Patches 151 Vulnerabilities appeared…
US charges Google security engineer with Polymarket insider trading
A Google security engineer was charged with insider trading after winning $1.2 million using confidential company data to place bets on the cryptocurrency-based Polymarket decentra…
That an app 'Fits on a Floppy' is still a useful measure in 2026
In a world of mass-produced bot-slopware, small is more beautiful than ever