The Record

Chinese hackers have been exploiting a vulnerability in a popular Cisco email management tool since late November, the company said in an advisory.

In a decision that only affects Pennsylvanians but could have privacy implications elsewhere, the state's Supreme Court ruled that police did not need a warrant to access a rape suspect's Google searches.

In a disclosure to the London Stock Exchange, the the U.K. healthcare IT provider DXS said it discovered a data breach on December 14.

The Paris Prosecutor’s Office said a person had been arrested on charges “including an attack on an automated personal data processing system operated by the State, as part of an organized group.”

PornHub sent emails out to many users and published a statement warning that it was affected by a recent breach of data analytics service provider Mixpanel.

According to a DOJ announcement, the exchange E-Note was used to process funds stolen by criminals in cyberattacks on healthcare entities and critical infrastructure, among other targets.

TikTok and the gay dating app Grindr are violating European data protection laws by tracking user activities across apps, a digital rights organization alleges.

Under a settlement with the FTC, the Nomad platform will have to redistribute stolen funds that white-hat hackers returned to the company after thieves aggressively exploited a vulnerability in 2022.

Researchers said the campaign likely aimed to collect sensitive information from Ukrainian users in support of broader Russian intelligence objectives.

In a press briefing this week, Amazon officials said the years-long campaign “represents a significant evolution in critical infrastructure targeting."

PDVSA published a statement on Monday that confirmed the attack but claimed the company has still been able to operate.

After several disrupted months as House Homeland Security Committee chairman, Rep. Andrew Garbarino made time to discuss cyber issues such as an upcoming Trump administration strategy document and Chinese state-backed threats.

The president has taken steps to nominate Army Lt. Gen. Joshua Rudd, deputy chief of U.S. Indo-Pacific Command, to lead U.S. Cyber Command and the National Security Agency.

Texas' attorney general, who is suing under the Texas Deceptive Trade Practices Act, says ACR technology violates Texas law because of how it collects consumer data without the user’s knowledge or consent.

Fintech company Prosper Marketplace and car dealership services provider 700Credit are the latest financial institutions to report data breaches affecting millions of Americans.

Data "related to current and former JLR employees, and contractors" was affected by a cyberattack in August, the car maker said in a statement representing the first time it has provided details about the incident.

In her first public speech, the new chief of Britain's MI6, Blaise Metreweli, pointed to the acute threat posed by Russia, warning of the Kremlin’s “attempts to bully, fearmonger and manipulate.”

Palo Alto researchers said the recent activity involved a new strain of malware they call AshTag that has allowed them to steal information from key entities across the Middle East.

The billboards, located near Toronto’s Union Station, reportedly analyze only the age and gender of people nearby, according to their owner.

The Pierce County Library System published breach notifications this week on its website and with regulators in several states, detailing an incident first discovered in April.