Explore

Rapid Read Rapid Read
DocketWise Data Breach Exposes Personal Information of 116,666 Individuals

DocketWise Data Breach Exposes Personal Information of 116,666 Individuals

DocketWise, a cloud-based immigration case management software company, has disclosed a significant data breach affecting approximately 116,666 individuals across the United States. The breach involved unauthorized access to login credentials of third-party partner repositories, which were part of a data migration pipeline for the DocketWise application. This breach exposed various types of personal information, including Social Security numbers, financial account details, and health insurance policy numbers. The company has initiated an investigation with cybersecurity experts to assess the scope of the breach and has begun notifying affected individuals.
Rapid Read Rapid Read
DocketWise Data Breach Exposes Personal Information of 116,000 Individuals

DocketWise Data Breach Exposes Personal Information of 116,000 Individuals

DocketWise, a cloud-based immigration case management software company, has disclosed a data breach affecting approximately 116,666 individuals across the United States. The breach, discovered in October 2025, involved unauthorized access to third-party partner repositories containing unstructured data. This data included sensitive personal information such as names, addresses, Social Security numbers, and financial details. The breach was reported to the Maine Attorney General on April 3, 2026, and affected individuals have been notified. DocketWise is offering 24 months of complimentary credit monitoring and identity restoration services to those impacted.
Trendline Trendline
Meta Suspends AI Data Collaboration with Mercor Following Security Breach

Meta Suspends AI Data Collaboration with Mercor Following Security Breach

Meta Suspends AI Data Collaboration with Mercor Following Security Breach
Rapid Read Rapid Read
European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack Affecting EU Entities

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack Affecting EU Entities

The European Commission (EC) has confirmed a significant data breach involving over 300GB of data stolen from its AWS environment. This breach was linked to a compromised API key in the Trivy supply chain attack. The incident, which occurred on March 24, was initially disclosed on March 27. Hackers accessed the AWS account, part of the backend for the Europa.eu hosting service, which supports public websites for the EC and other European Union entities. The breach was facilitated by a compromised version of Trivy, a vulnerability scanner, which the EC had received through normal software update channels. The attackers, identified as the TeamPCP hacking group, used the compromised AWS key to create and attach a new access key to a user account, allowing them to conduct reconnaissance and exfiltrate data. The stolen data, which includes personal information such as names, email addresses, and usernames, was later added to a Tor-based leak site by the ShinyHunters extortion group.
Rapid Read Rapid Read
Security Researchers Uncover 'Storm' Infostealer's Remote Credential Decryption

Security Researchers Uncover 'Storm' Infostealer's Remote Credential Decryption

Security researchers at Varonis have identified a new strain of malware known as 'Storm' that targets browser credentials, session cookies, and crypto wallets. This infostealer emerged on cybercrime networks in early 2026 and represents a significant shift in credential theft tactics. Unlike traditional methods that decrypt data locally, Storm sends encrypted files to the attacker's server for decryption. This approach circumvents security measures introduced by Google in Chrome 127, which made local decryption more challenging. Storm handles data from both Chromium and Gecko-based browsers server-side, enhancing its stealth capabilities. The malware automates the retrieval of stolen logs, allowing attackers to restore hijacked sessions remotely without triggering alerts. It targets high-value platforms such as Google, Facebook, and major cryptocurrency services, with compromised data often traded on credential marketplaces.
Trendline Trendline
Meta Halts Collaboration with AI Startup Mercor Following Data Breach

Meta Halts Collaboration with AI Startup Mercor Following Data Breach

Meta Halts Collaboration with AI Startup Mercor Following Data Breach
Trendline Trendline
Mobile Device Security Threats Escalate as Enterprises Struggle for Control

Mobile Device Security Threats Escalate as Enterprises Struggle for Control

Mobile Device Security Threats Escalate as Enterprises Struggle for Control
Trendline Trendline
BHIM App Launches Biometric Authentication for UPI Payments, Enhancing Security and Convenience

BHIM App Launches Biometric Authentication for UPI Payments, Enhancing Security and Convenience

BHIM App Launches Biometric Authentication for UPI Payments, Enhancing Security and Convenience
Trendline Trendline
AI Recruiting Firm Mercor Suffers Data Breach in Supply Chain Attack

AI Recruiting Firm Mercor Suffers Data Breach in Supply Chain Attack

AI Recruiting Firm Mercor Suffers Data Breach in Supply Chain Attack
Rapid Read Rapid Read
European Cyber Agency Identifies Hacking Gangs in Major Data Breach Affecting EU Entities

European Cyber Agency Identifies Hacking Gangs in Major Data Breach Affecting EU Entities

The European Union's cybersecurity agency has identified a cybercriminal group known as TeamPCP as responsible for a significant data breach at the EU's executive body, the European Commission. The breach involved the theft of approximately 92 gigabytes of compressed data from a compromised Amazon Web Services (AWS) account. This account was used by the European Commission to host websites and publications for the bloc's institutions and agencies. The stolen data included personal information such as names, email addresses, and email contents. The breach originated on March 19 when hackers acquired a secret API key associated with the European Commission's AWS account. This was facilitated by a previous hack targeting the open-source security tool Trivy, which the Commission inadvertently downloaded. The stolen data was subsequently posted online by another hacking group, ShinyHunters. CERT-EU, the EU's cybersecurity agency, is currently analyzing the data and has contacted affected organizations.
Rapid Read Rapid Read
Scammers Exploit Fake Recall Notices to Steal Personal Information

Scammers Exploit Fake Recall Notices to Steal Personal Information

A new scam has emerged targeting online shoppers with fake recall notices, as reported by Consumer Reports. The scam involves sending text messages that appear to be from Amazon, claiming that a product purchased by the recipient is under recall. The message includes a link to review details and refund options. Taylor Smith, a frequent Amazon shopper, received such a text and became suspicious when she noticed it was addressed to only 18 people. Upon checking with Amazon's AI tool, Rufus, she confirmed there was no recall, identifying the message as a phishing scam. The scammers aim to trick recipients into clicking the link and entering personal information, which can then be stolen and sold on the dark web. Consumers are advised to verify recall notices through official channels like the product's app or website, recalls.gov, or the Consumer Product Safety Commission's website.
Curious Chronicles Curious Chronicles
Traveling Abroad? Your Digital Security Demands a Good VPN

Traveling Abroad? Your Digital Security Demands a Good VPN

You're sitting at JFK waiting for your flight to London, and you need to check your bank balance. That free airport Wi-Fi looks tempting. But here's what most travelers don't realize: public Wi-Fi networks are digital hunting grounds. Hackers use simple tools to intercept data flowing through these networks. Your banking login, credit card numbers, and personal emails travel in plain text that anyone with basic technical skills can read. A 2024 study by the Cybersecurity and Infrastructure Security Agency found that 68% of travelers experienced some form of digital security breach while using public Wi-Fi abroad. The financial cost averaged $1,847 per incident. Airports, hotels, and coffee shops offer convenience, but their networks often lack encryption. When you connect, you're essentially broadcasting your digital life to anyone within range.