Incidents & Breaches Archives - Page 4 of 22

June 19, 2026 AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

A Practical Workflow for A simple method to dedupe similar advisories across sources and languages

A Practical Workflow for A simple method to dedupe similar advisories across sources and languages helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more

June 19, 2026 AI Security Identity & Governance Incidents & Breaches Security Operations

Malicious JetBrains Plugins and Chrome Extensions Steal AI API Keys and Chat Data

Researchers uncovered 15 malicious JetBrains plugins posing as AI coding assistants that exfiltrate API keys for OpenAI, DeepSeek, and other LLMs, alongside two Chrome extensions stealing AI chat conversations from major platforms, highlighting supply chain risks in developer tools and browser extensions. Read more

June 18, 2026 AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

A Practical Workflow for What to capture from a data breach disclosure for later follow-up

A Practical Workflow for What to capture from a data breach disclosure for later follow-up helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more

June 18, 2026 AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

A Practical Workflow for How to write an internal alert from a CERT bulletin without exaggeration

A Practical Workflow for How to write an internal alert from a CERT bulletin without exaggeration helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more

June 18, 2026 AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

A Practical Workflow for Build a supplier exposure watchlist from East Asia vulnerability notes

A Practical Workflow for Build a supplier exposure watchlist from East Asia vulnerability notes helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more

June 18, 2026 AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

A Practical Workflow for Questions to ask when a vendor advisory lacks version ranges

A Practical Workflow for Questions to ask when a vendor advisory lacks version ranges helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more

June 18, 2026 Cloud Security Identity & Governance Incidents & Breaches Security Operations

Malicious LNK Files Disguised as Privacy Consent Forms Target South Korean Users via Fileless PowerShell and Task Scheduler Abuse

AhnLab identifies a campaign distributing malicious LNK files masquerading as personal information consent forms to execute fileless PowerShell scripts, establish persistence via Windows Task Scheduler, deploy info-stealers and backdoors, and use decoy documents to evade detection, with observed TTP overlaps to Kimsuky-like activity. Read more

June 18, 2026 AI Security Cloud Security Incidents & Breaches Security Operations

Supply Chain Attack on Mastra npm Packages Exposes AI Development Environments to Cryptocurrency Theft

A coordinated supply chain attack compromised 144 Mastra npm packages by hijacking a former contributor's account to inject a malicious dependency that steals cryptocurrency and establishes persistence, posing significant risks to AI development workflows and cloud infrastructure environments globally. Read more

June 18, 2026 AI Security Incidents & Breaches Security Operations Vulnerability Intelligence

RoguePlanet Zero-Day Exposes Critical Race Condition in Microsoft Defender’s Privileged Engine

Microsoft confirmed active development of a patch for CVE-2026-50656, a zero-day elevation of privilege vulnerability in Microsoft Defender that allows attackers to gain SYSTEM access via a race condition in the Malware Protection Engine, affecting fully patched Windows 10 and 11 systems despite real-time protection being enabled. Read more

June 18, 2026 AI Security Cloud Security Incidents & Breaches Vulnerability Intelligence

A Practical Workflow for A Taiwan-listed company discloses a cyber incident; what should you verify first?

A Practical Workflow for A Taiwan-listed company discloses a cyber incident; what should you verify first? helps security, cloud, and supplier-risk teams keep an East Asia cyber or AI-risk signal under review when there is no fresh publish-ready news item. It explains how to preserve the original link, separate visible evidence from assumptions, and route unclear findings without inventing unsupported claims. Read more