Latest news as of 2/27/2026, 1:07:19 AM
Have I Been Pwned
In February 2026, the Dutch telco . Following the incident, 1M records containing 317k unique email addresses was published publicly, with a threat by the attackers to continue leaking more data in the following days. The data also included names, physical addresses, phone numbers, bank account numbers and notes about customers left by service operators. detailing the extent of the incident, providing an FAQ and advising the incident also impacted dates of birth, passport and drivers licence numbers. Odido was the victim of a data breach and subsequent extortion attempt Odido has published a disclosure notice
Dark Reading
When a company gets breached through a third-party security vendor, who should bear responsibility? For one FinTech company, the answer is the firewall provider.
Dark Reading
The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind.
Graham Cluley
A new report claims that the cost of insider security incidents has surged 20% in two years, reaching an average of US $19.5 million per organization annually, with no sign that the alarming figure is flattening. Read more in my article on the Fortra blog.
Bleeping Computer
Google API keys for services like Maps embedded in accessible client-side code could be used to authenticate to the Gemini AI assistant and access private data. [...]
The Hacker News
Cybersecurity researchers have disclosed details of a new botnet loader called Aeternum C2 that uses a blockchain-based command-and-control (C2) infrastructure to make it resilient to takedown efforts. "Instead of relying on traditional servers or domains for command-and-control, Aeternum stores its instructions on the public Polygon blockchain," Qrator Labs said in a report shared with The
Bleeping Computer
Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. [...]
Bleeping Computer
DIY store chain ManoMano is notifying customers of a data breach personal data, which was caused by hackers compromising a third-party service provider. [...]
Bleeping Computer
A critical vulnerability in the Junos OS Evolved network operating system running on PTX Series routers from Juniper Networks could allow an unauthenticated attacker to execute code remotely with root privileges. [...]
Bleeping Computer
French professional football club Olympique de Marseille has confirmed a cyberattack after a threat actor claimed on Monday that it breached the club's systems earlier this month. [...]