Friday , July 10 2026

Data Breach

French Football Federation Reports Hackers Access Club Software Admin Controls

French

The French Football Federation (FFF) has reported a major cybersecurity breach that led to the theft of personal data from members and licensees. The federation announced that hackers had breached the centralized software used by football clubs to handle memberships and daily tasks. The breach happened not because of software …

Read More »

OpenAI Reveals API customer data breach via Mixpanel vendor hack

Mixpanel

OpenAI has revealed a data breach involving Mixpanel, a third-party analytics provider that was used to monitor API platform usage. The breach exposed limited but sensitive user information, including names, email addresses, operating system details, and browser metadata. OpenAI stated that the incident came from Mixpanel’s infrastructure and did not involve …

Read More »

SitusAMC breached: JPMorgan, Citi, Morgan Stanley client data may have exposed

SitusAMC

SitusAMC, a real estate finance and tech firm, announced a data breach after suffering a hacker attack. They discovered the incident on November 12th and found that sensitive data may have been compromised. The SitusAMC breach is notable because it serves major Wall Street banks and many other financial institutions. …

Read More »

WhatsApp API flaw let researchers scrape millions of Bangladeshi accounts

API

Researchers gathered 3.5 billion WhatsApp phone numbers and personal information by abusing a contact-discovery API without proper rate limiting. This study shows a common tactic used by threat actors to collect user information from unprotected public APIs, even though the researchers haven’t shared the data. Abusing WhatsApp API: The researchers …

Read More »

Clop ransomware claim to breach Oracle via E-Business Suite 0-Day hack

Clop ransomware

The Clop ransomware gang claims to have breached Oracle’s internal systems and has listed the company on its dark web leak site. This is part of a large extortion campaign that takes advantage of a serious zero-day vulnerability in Oracle E-Business Suite (EBS), dubbed CVE-2025-61882. Security experts report that Clop …

Read More »

Several Forbes AI 50 Companies Leak Secrets on GitHub

AI

Wiz, a cloud security company, analyzed GitHub repositories of major AI firms and discovered that many had leaked verified secrets that could reveal sensitive information. Leaked secrets are typically found by GitHub’s scanners, repository owners’ scans, and third-party automated scans for marketing. The cloud security firm aimed for a new …

Read More »

Hacker exploited Cisco ISE and Citrix flaws in zero-day attacks

zero-day

Amazon’s threat intelligence team discovered that attacker exploiting previously undisclosed zero-day vulnerabilities in Cisco Identity Service Engine (ISE) and Citrix systems. This campaign utilized custom malware and showed access to various hidden vulnerabilities, indicating a trend where attackers target essential identity and network access controls. Amazon’s MadPot honeypot service identified …

Read More »