Enterprise Security Tech

Coinbase has confirmed a newly disclosed insider breach after a contractor improperly accessed sensitive customer data late last year, adding to a growing list of incidents that show how fragile trust boundaries can become when internal tools fall into the wrong hands. The cryptocurrency exchange said the incident occurred in December and affected roughly 30 customers. According to the company, the access was detected by its internal security team and tied to a single contra

As Data Privacy Day 2026 arrives, the conversation around protecting personal information is shifting in a way that feels both inevitable and unsettling. Data itself is no longer the first line of defense. Identity is. Across modern enterprises, identity has quietly become the control plane that governs access to systems, applications, and sensitive data. Attackers understand this reality better than most defenders, and the rapid spread of cloud services, non-human identitie

A massive trove of stolen login credentials, totaling nearly 150 million unique usernames and passwords, was recently found sitting exposed on the open internet, underscoring just how industrialized and fragile the modern credential theft ecosystem has become. The cache, uncovered by cybersecurity researcher Jeremiah Fowler at ExpressVPN , contained more than 149 million records and roughly 96 gigabytes of raw data. The database was neither encrypted nor protected by a passwo

Food delivery giant Grubhub  is investigating a data breach that has escalated into what sources describe as an extortion attempt, underscoring how stolen SaaS credentials can reverberate across companies months after an initial compromise. The company confirmed that attackers accessed parts of its internal systems and downloaded data, but declined to specify when the intrusion occurred, whose information was involved, or whether ransom demands are underway. In a statement, G

A Tennessee man has admitted to repeatedly breaching some of the federal government’s most sensitive digital systems, a case that underscores how fragile legacy authentication practices remain even at the highest levels of U.S. institutions. Court records show that 24 year old Nicholas Moore of Springfield, Tennessee, pleaded guilty on Friday to unlawfully accessing the U.S. Supreme Court’s electronic filing system more than two dozen times. Prosecutors say the intrusions oc

Cybercriminals are attempting to sell what they claim is a massive cache of internal source code linked to Target, igniting fresh concern over how quietly sensitive development systems can be exposed without triggering alarms. The episode surfaced after a previously unknown threat actor posted on a well known underground forum, advertising what was described as sensitive development files allegedly taken from the US retail giant. To bolster the claim, the actor briefly publi