#icloud-security

[ follow ]
#cybersecurity #data-breach #apple #vulnerabilities #malware #privacy #data-protection #ios #security #ai
#cybersecurity
Information security
fromTNW | Eu
14 hours ago

European Commission breached after hackers poisoned open-source security tool Trivy

A major data breach at the European Commission was caused by TeamPCP exploiting a supply chain attack on the Trivy security tool.
EU data protection
fromSecurityWeek
17 hours ago

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.
Healthcare
fromSecurityWeek
5 days ago

Healthcare IT Platform CareCloud Probing Potential Data Breach

CareCloud experienced a cybersecurity incident that may have compromised patient information, but the impact is believed to be limited and manageable.
Information security
fromTNW | Eu
14 hours ago

European Commission breached after hackers poisoned open-source security tool Trivy

A major data breach at the European Commission was caused by TeamPCP exploiting a supply chain attack on the Trivy security tool.
more#cybersecurity
Apple
fromMail Online
1 day ago

Apple issues warning to iPhone users over stealthy attack: Act NOW

Apple has released critical iOS updates to protect against the DarkSword cyberattack method targeting vulnerable devices.
EU data protection
fromEngadget
10 hours ago

Ireland is testing out a digital wallet that conducts age verification for social media users

Ireland is trialing a Government Digital Wallet to verify user age for social media access, aiming for user-friendly design before its 2026 EU deadline.
Cryptocurrency
fromnews.bitcoin.com
16 hours ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.
#data-breach
Privacy professionals
fromSilicon Canals
1 day ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Healthcare
fromTechCrunch
4 days ago

Health data giant CareCloud says hackers accessed patients' medical records | TechCrunch

CareCloud experienced a data breach where hackers accessed patient electronic health records for over eight hours, but data exfiltration status remains unclear.
Privacy technologies
fromTechCrunch
2 days ago

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.
Privacy professionals
fromSilicon Canals
2 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
Information security
fromSecuritymagazine
2 days ago

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.
Information security
fromTheregister
2 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
Privacy professionals
fromSilicon Canals
1 day ago

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.
Healthcare
fromTechCrunch
4 days ago

Health data giant CareCloud says hackers accessed patients' medical records | TechCrunch

CareCloud experienced a data breach where hackers accessed patient electronic health records for over eight hours, but data exfiltration status remains unclear.
Privacy technologies
fromTechCrunch
2 days ago

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.
Privacy professionals
fromSilicon Canals
2 days ago

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.
Information security
fromSecuritymagazine
2 days ago

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.
Information security
fromTheregister
2 days ago

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.
more#data-breach
Artificial intelligence
fromTechRepublic
1 day ago

AI Breakthroughs, Security Breaches, and Industry Shakeups Define the Week in Tech - TechRepublic

Tech industry faces rapid AI advancements alongside significant security vulnerabilities and human costs.
#openclaw
DevOps
fromInfoWorld
1 day ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
1 day ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
DevOps
fromInfoWorld
1 day ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
1 day ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
more#openclaw
#ai
Privacy technologies
fromComputerWeekly.com
2 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
Privacy technologies
fromComputerWeekly.com
2 days ago

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.
more#ai
Wearables
fromMakeUseOf
4 days ago

Your phone's Bluetooth is broadcasting more than you think - here's how to limit it

Bluetooth remains active and broadcasts data even when not connected, potentially allowing for tracking without user consent.
#apple
Apple
fromSecurityWeek
2 days ago

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.
Apple
fromTechRepublic
2 days ago

Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to 'DarkSword' Exploit

Apple is issuing a rare security patch for iOS 18 to combat the DarkSword hacking tool, breaking from its usual upgrade policy.
Apple
fromTechCrunch
3 days ago

Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks | TechCrunch

Apple released security updates for older iPhones and iPads to protect against the DarkSword hacking toolkit that steals user data.
Apple
fromZDNET
3 days ago

Still running iOS 18? Install this critical update ASAP

Apple has released a security patch for iPhones running iOS 18 to protect against the DarkSword exploit.
Apple
fromMacRumors
4 days ago

Apple Sets Privacy Rules for Third-Party Access to Live Activities and Notifications

Apple is implementing new iOS features for third-party wearables while enforcing strict privacy rules on notification forwarding.
Privacy technologies
fromEngadget
1 week ago

Apple introduces age verification for iCloud accounts in the UK

Apple requires UK users to verify their age to access certain features, enhancing child safety protections.
Apple
fromSecurityWeek
2 days ago

Apple Rolls Out DarkSword Exploit Protection to More Devices

Apple is updating older iOS devices to protect against the DarkSword exploit kit targeting vulnerabilities in its mobile platforms.
Apple
fromTechRepublic
2 days ago

Apple Issues Rare Patch: Up to 270M iPhones Could Be Vulnerable to 'DarkSword' Exploit

Apple is issuing a rare security patch for iOS 18 to combat the DarkSword hacking tool, breaking from its usual upgrade policy.
Apple
fromTechCrunch
3 days ago

Apple releases security fix for older iPhones and iPads to protect against DarkSword attacks | TechCrunch

Apple released security updates for older iPhones and iPads to protect against the DarkSword hacking toolkit that steals user data.
Apple
fromZDNET
3 days ago

Still running iOS 18? Install this critical update ASAP

Apple has released a security patch for iPhones running iOS 18 to protect against the DarkSword exploit.
Apple
fromMacRumors
4 days ago

Apple Sets Privacy Rules for Third-Party Access to Live Activities and Notifications

Apple is implementing new iOS features for third-party wearables while enforcing strict privacy rules on notification forwarding.
Privacy technologies
fromEngadget
1 week ago

Apple introduces age verification for iCloud accounts in the UK

Apple requires UK users to verify their age to access certain features, enhancing child safety protections.
more#apple
Privacy professionals
fromSilicon Canals
1 day ago

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.
DevOps
fromMedium
1 day ago

AWS Security and Compliance Quiz (25 Questions) with Detailed Answers - Cloud Practitioner Guide

Understanding AWS security services is essential for modern applications running on AWS.
#ai-governance
more#ai-governance
Information security
fromSecurityWeek
1 day ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
#amazon
Apple
from24/7 Wall St.
2 days ago

Apple Investors Face New Risk as Amazon Eyes Takeover of iPhone's Satellite Partner

Amazon is in talks to acquire Globalstar for $9 billion, impacting Apple's satellite connectivity and infrastructure.
more#amazon
DevOps
fromTechzine Global
3 days ago

IGEL brings 'Smarter, Zero Trust' approach Contextual Access to endpoints

IGEL's Contextual Access enhances endpoint security by adapting access rights based on user, device, location, and trust status.
Privacy technologies
fromWIRED
4 days ago

This App Makes Even the Sketchiest PDF or Word Doc Safe to Open

Dangerzone is a free tool that safely opens potentially harmful documents by converting them into secure image-based PDFs.
Information security
fromTNW | Insights
14 hours ago

KeeperDB brings zero-trust database access to privileged access management

Database credentials are a major attack vector, and KeeperDB integrates access controls into its PAM platform to enhance security.
fromComputerworld
1 day ago

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.
Information security
Privacy technologies
fromZDNET
1 week ago

5 telltale signs that your phone has been compromised (and how to combat them)

Phone hacking can be detected through signs like battery drain, slow performance, unfamiliar logins, and reduced storage space.
Privacy professionals
fromThe Verge
2 days ago

Pinterest said he violated laid-off colleagues' privacy. Now he's going public

A former Pinterest engineer claims he was unjustly fired for sharing a tool that revealed employee layoffs.
Artificial intelligence
fromTechRepublic
1 week ago

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

The tech industry's rapid advancement in AI tools brings significant privacy and security risks alongside innovation.
#ai-security
Information security
fromInfoWorld
2 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
Information security
fromInfoWorld
2 days ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
more#ai-security
Privacy technologies
fromGotechtor
1 week ago

Apple Built a Powerful iPhone Privacy Tool That Most People Ignore-Here's Why You Should Turn It On Today - Gotechtor

Turning on App Privacy Report on iPhone enhances user control over app permissions and data sharing.
#whatsapp
Privacy professionals
fromTechCrunch
3 days ago

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.
Privacy professionals
fromTechCrunch
3 days ago

WhatsApp notifies hundreds of users who installed a fake app that was actually government spyware | TechCrunch

WhatsApp notified 200 users about a malicious fake app containing spyware created by Italian firm SIO.
more#whatsapp
fromTechCrunch
3 days ago

Hasbro says it was hacked, and may take 'several weeks' to recover | TechCrunch

Hasbro detected an intrusion on March 28, prompting the company to take down some of its systems. Parts of Hasbro's website appeared down, with error messages indicating maintenance.
Privacy professionals
Information security
fromSecurityWeek
1 day ago

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical vulnerabilities in ShareFile could allow unauthenticated remote code execution through improper access to configuration pages.
Privacy professionals
fromSecurityWeek
3 days ago

FBI Warns of Data Security Risks From China-Made Mobile Apps

Foreign-developed mobile applications pose significant data security risks, particularly those from China, according to an FBI alert.
Information security
fromWIRED
1 day ago

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.
Information security
fromInfoWorld
1 day ago

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.
Apple
fromComputerworld
1 week ago

Apple goes global with key MDM tools and services for business

Managed Apple accounts enhance data separation and control for businesses, offering free MDM features and competitive productivity tools.
Apple
fromTechRepublic
2 weeks ago

Apple Rolls Out Real-Time Security Fixes Across iPhone, iPad, and Mac - TechRepublic

Apple launches Background Security Improvements to automatically fix critical vulnerabilities without requiring full OS updates, starting with a WebKit vulnerability in Safari.
Information security
fromTechzine Global
1 day ago

Axios supply chain attack victim posts postmortem to prevent a repeat

Axios was compromised for three hours, distributing Remote Access Trojans due to a sophisticated social engineering attack by North Korean group UNC1069.
#cisco
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.
Information security
fromThe Hacker News
2 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.
Information security
fromThe Hacker News
2 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.
more#cisco
Apple
fromZDNET
3 weeks ago

Why I use Apple's and Google's password managers - and don't mind the chaos

Apple and Google offer free, beginner-friendly password managers that securely store passwords across devices, with Apple best for iOS users and Google best for Android or mixed-device environments.
Information security
fromSecurityWeek
4 days ago

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.
fromSecurityWeek
2 days ago

Mercor Hit by LiteLLM Supply Chain Attack

We believe that the compromise originated from the Trivy dependency used in our CI/CD security scanning workflow. Our security team moved promptly to contain and remediate the incident.
Information security
fromComputerworld
4 days ago

Why the axios supply chain attack should have Apple worried

The attack illustrates the extent to which Big Tech relies on open-source software. Without the many contributions of open-source developers, Apple, Amazon, Google, Microsoft, and everyone else would need to invest vast sums in building more of the infrastructure of our digital world.
Information security
Information security
fromTechRepublic
3 days ago

Google Warns Quantum Computers Could Crack Crypto Sooner Than Expected

Quantum computing poses an imminent threat to cryptocurrency security, with fewer resources needed to break current cryptographic protections than previously estimated.
Information security
fromComputerWeekly.com
4 days ago

Banning routers won't fix what's already broken | Computer Weekly

The FCC's ban on foreign-made routers addresses future procurement, not current security risks, as routers are already vulnerable and widely deployed.
Information security
fromInfoQ
5 days ago

Cloudflare Adds Active API Vulnerability Scanning to Its Edge

Cloudflare's Web and API Vulnerability Scanner focuses on detecting Broken Object Level Authorization vulnerabilities in APIs.
Information security
fromSecurityWeek
4 days ago

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.
Information security
fromSecurityWeek
1 week ago

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

macOS users are targeted by a ClickFix campaign delivering a Python-based information stealer through a fake Cloudflare verification page.
#iphone-security
Information security
fromArs Technica
2 weeks ago

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.
Information security
fromWIRED
2 weeks ago

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A sophisticated iPhone hacking technique called DarkSword enables attackers to silently compromise iOS devices through infected websites, affecting hundreds of millions of users running older iOS versions.
Information security
fromArs Technica
2 weeks ago

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.
Information security
fromWIRED
2 weeks ago

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A sophisticated iPhone hacking technique called DarkSword enables attackers to silently compromise iOS devices through infected websites, affecting hundreds of millions of users running older iOS versions.
more#iphone-security
Information security
fromZDNET
2 weeks ago

As AI agents spread, 1Password's new tool tackles a rising security threat

AI agents require credentials to access systems, creating enterprise security risks similar to managing human employee access, necessitating unified credential management solutions.
Apple
fromTechRepublic
2 months ago

New iOS and iPadOS Flaws Leave Millions of iPhones at Risk

Two WebKit vulnerabilities (CVE-2025-43529 and CVE-2025-14174) allow zero-click remote code execution in Safari, potentially giving attackers full access to iPhones and iPads.
fromComputerworld
2 months ago

Apple touts 'unparalleled' protection for M5 Macs

Among other additions, it features new topic sections concerning quantum security, single sign-on (SSO), and satellite communications: Quantum Security: Another VGT, Apple deployed postquantum cryptographic protection (PQ3) in iMessage in iOS 17.4 and macOS 14.4. This protection against future quantum-based attacks has now been extended in iOS 26, iPadOS 26, macOS 26, tvOS 26, and watchOS 26, including the introduction of CryptoKit, which developers can use to help protect the software they offer on the platforms.
Apple
[ Load more ]