Another avoidable breach. This time impacting EY and their clients. Plaintext data, including PII, controlled IP, keys, and tokens were exposed and exfiltrated. Why are we still working with plaintext databases? https://t.co/vHyjfCe5Hu #cybersecurity #databreach

According to Cybersecurity Ventures @CybersecuritySF, #cybercrime damages are expected to hit $10.5 trillion annually this year. That’s a massive jump from the $3 trillion in damages hit in 2015.

🚨 DIG AI - Darknet AI Tool Enables Hackers to Launch Sophisticated Attacks Source: https://t.co/wqR6xeOKaU A new and ominous player has emerged in the rapidly expanding landscape of "Shadow AI." DIG AI, an uncensored artificial intelligence tool hosted on the darknet, is

A Look Ahead at AI Security Challenges and Solutions for 2026 https://t.co/97E5BkNGRp #AI #Encryption #AgenticAI #DataSecurity #Cybersecurity

More unencrypted, plaintext data exposed. Thank you @ChuckDBrooks for posting.

⚡ Amazon confirms a Russian GRU unit hacked Western energy and infrastructure networks for years. The threat wasn’t malware, it was silent credential theft from live traffic. From 2021–2025, APT44 relied less on zero-days and more on exposed routers and VPN gateways. 🔗 Read

With increased online activity and reduced staffing, the holiday season makes an attractive target for threat actors. That’s why robust logging and real-time monitoring are critical. Learn more: https://t.co/dZJHjcLJNV #SecureTheSeason

🚨🔐⚠️ "Data breach at credit check giant 700Credit affects at least 5.6 million" At least 5.6 M people had their names, addresses, DOB, & Social Security numbers stolen in a data breach at 700Credit, a company that runs credit checks 🖥️ https://t.co/HSekaiCsVK

#ICYMI: Check out our new guidance for #CriticalInfrastructure owners & operators on tailoring AI to OT systems: https://t.co/3tmkMjeGBh

🚨 North Korean hackers are exploiting the new React2Shell bug (10.0-severity) to drop EtherRAT — malware that hides its commands inside Ethereum smart contracts. It even makes 9 blockchain nodes “vote” to pick its server, so takedowns fail. 🔗 Read now ↓

Ransomware Payments Surpassed $4.5 Billion: US Treasury

https://t.co/3GYzZzNwXt

ICYMI: Visit https://t.co/hGNEY2YNK6 for more.

More plaintext data exposed. Threat actors always get in. Encrypt the data! https://t.co/94Ui9i9LFY Tri-Century Eye Care Data Breach Impacts 200,000 Individuals -

What Is The Price Of A Quantum Computer In 2025? Read more: https://t.co/albCn2aemt

🚨 Hackers are uploading fake resumes on Indeed and JazzHR to breach Canadian companies. 80% of attacks in this campaign hit Canada. The “PDFs” actually launch QWCrypt ransomware through a tool called RedLoader. 🔗 Read:

New ‘Broadside’ Botnet Poses Risk to Shipping Companies

Apache warns of 10.0-rated flaw in Tika metadata ingestion tool

🚨 Researchers Hack Google’s Gemini CLI Through Prompt Injections in GitHub Actions Source: https://t.co/1jnRDPjDLa A critical vulnerability class dubbed "PromptPwnd," affects AI agents integrated into GitHub Actions and GitLab CI/CD pipelines. This flaw allows attackers to

CISOs Should Be Asking These Quantum Questions Today

Claude Agent Skills could be used to deploy malware, researchers say | SC Media