Enterprise Security Tech

Food delivery giant Grubhub is investigating a data breach that has escalated into what sources describe as an extortion attempt, underscoring how stolen SaaS credentials can reverberate across companies months after an initial compromise. The company confirmed that attackers accessed parts of its internal systems and downloaded data, but declined to specify when the intrusion occurred, whose information was involved, or whether ransom demands are underway. In a statement, G

A Tennessee man has admitted to repeatedly breaching some of the federal government’s most sensitive digital systems, a case that underscores how fragile legacy authentication practices remain even at the highest levels of U.S. institutions. Court records show that 24 year old Nicholas Moore of Springfield, Tennessee, pleaded guilty on Friday to unlawfully accessing the U.S. Supreme Court’s electronic filing system more than two dozen times. Prosecutors say the intrusions oc

Cybercriminals are attempting to sell what they claim is a massive cache of internal source code linked to Target, igniting fresh concern over how quietly sensitive development systems can be exposed without triggering alarms. The episode surfaced after a previously unknown threat actor posted on a well known underground forum, advertising what was described as sensitive development files allegedly taken from the US retail giant. To bolster the claim, the actor briefly publi

A wave of LinkedIn phishing attacks is exploiting the platform’s own public comment sections, blurring the line between legitimate support messages and outright fraud in a way that security researchers say marks a new phase in social engineering. The campaign surfaced earlier this week when researchers and targeted users began warning that bot-like accounts were replying directly to posts while impersonating LinkedIn itself. The fake comments claim the recipient has violated

A flood of unexpected Instagram password reset emails has left millions of users wondering whether their accounts were quietly compromised or if something else is unfolding behind the scenes. Meta insists there was no breach of Instagram’s systems and that accounts remain secure. Security researchers are not so quick to dismiss the risks. The confusion stems from reports that a dataset tied to roughly 17.5 million Instagram users is circulating on cybercrime forums. Malwareby

As the cybersecurity industry closes the books on 2025, the year is already solidifying around a familiar but unsettling conclusion: attackers didn’t need radically new malware to cause outsized damage. They needed people, timing, and a growing catalog of quietly catastrophic infrastructure flaws. That’s the throughline emerging from a year-end review by incident response specialists at LevelBlue , which absorbed digital forensics heavyweight Stroz Friedberg earlier this year