LexisNexis Hack Exposes 3.9M Records Through Unpatched React Vulnerability

LexisNexis confirmed a data breach after hackers leaked stolen files, with attackers claiming they exploited the React2Shell vulnerability.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...

Hacker mass-mails HungerRush extortion emails to restaurant patrons

Customers of restaurants using the HungerRush point-of-sale (POS) platform say they received emails from a threat actor attempting to extort the company, warning that restaurant and customer data ...

ShinyHunters Leak 12.4 Million CarGurus Records in Massive Data Dump

ShinyHunters allegedly leaked 12.4 million CarGurus records, exposing personal and financing data and raising risks of ...

Multiple mental health apps riddled with high severity security flaws

Researchers found 1,500 vulnerabilities in 10 popular apps, including dozens of high-severity flaws.

PayPal Warns Of Exposed Social Security Numbers In 6-Month Data Breach

Faulty code for a loan application ultimately let to exposed personal information, including SSNs, for nearly half of 2025.

300,000+ Chrome users installed these malicious extensions posing as AI assistants ...

Unsuspecting Chrome users put their browsing data at risk by installing these 30 extensions which promised quick access to AI but were really after their passwords, emails and other data.