A major data breach has exposed the personal information of over three million individuals, including high school student-athletes and college coaches, according to cybersecurity researcher Jeremiah Fowler. The unprotected database, which was discovered by Fowler and reported to vpnMentor, contained more than 3.1 million records and 135 GB of data, including sensitive personally identifiable information (PII) such as names, phone numbers, emails, addresses, and even passport data. The records appear to belong to PrepHero, a Chicago-based recruiting platform operated by EXACT Sports, which helps high school athletes connect with college programs. Among the exposed data were unencrypted .CSV files containing…
Kirsten Doyle
Once viewed as a safe digital playground for kids, Roblox is now in the spotlight for all the wrong reasons. A new class action lawsuit is accusing the company of violating children’s privacy by secretly tracking their activity without proper consent. Filed in a California federal court by plaintiffs Michael and Salena Garcia, the suit alleges that Roblox Corporation is in breach of federal privacy laws. The 45-page filing paints a troubling picture. It claims Roblox uses hidden tracking tools that effectively “wiretap” everything a player does on the platform, from keystrokes and mouse movements to private messages and search…
A sophisticated phishing campaign spoofing India’s Ministry of Defence has been uncovered. The operation, which mirrors tactics seen in previous ClickFix-style attacks, appears to be the work of the Pakistan-linked threat group APT36 (Transparent Tribe). It uses cloned government branding and cross-platform malware delivery to target unsuspecting users.
Deceptive Infrastructure Mimics Official Government Portal
Researchers at hunt.io discovered a fake domain (email.gov.in.drdosurvey[.]info) designed to closely resemble the official Ministry of Defence press release portal. The malicious site mimicked the layout and structure of the real press archive, but with a critical difference: only the link for March 2025 was active,…
The Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, Environmental Protection Agency (EPA), and Department of Energy (DoE), has issued a joint alert warning that unsophisticated cyber actors are increasingly targeting operational technology (OT) and industrial control systems (ICS) within the United States’ critical infrastructure. “CISA is increasingly aware of unsophisticated cyber actor(s) targeting ICS/SCADA systems within U.S. critical Infrastructure sectors (Oil and Natural Gas), specifically in Energy and Transportation Systems,” the agency says. According to the alert, even basic intrusion techniques are proving dangerous due to widespread poor cyber hygiene and internet-exposed systems. These attacks, while…
One of the largest data breaches in U.S. educational history is worsening, as the attacker behind the December 2024 cyberattack on PowerSchool is now directly extorting affected schools, threatening to leak sensitive student and teacher data unless ransom payments are made. PowerSchool, a widely used student information system (SIS) platform across American K–12 institutions, confirmed that the breach compromised data belonging to over 60 million students and 9.5 million educators. Initially believed to have been resolved after PowerSchool paid an undisclosed ransom to the attackers in exchange for a video showing the data’s deletion, the situation has taken a dramatic…
In a novel malware campaign, attackers are leveraging fake AI-powered video and image editing sites to spread a newly identified malware strain: Noodlophile Stealer. This was revealed in recent research by Morphisec. Cybercriminals are like pickpockets; they go where the crowds are. They see users eagerly flocking to platforms that promise to turn selfies into cinematic videos or enhance images with a click and are seizing the day. “Noodlophile Stealer represents a new addition to the malware ecosystem. Previously undocumented in public malware trackers or reports, this stealer combines browser credential theft, wallet exfiltration, and optional remote access deployment,” Shmuel…
In a recent security advisory, the FBI warned of a quietly growing cyber threat: outdated home and small business routers are being turned into tools for criminal anonymity. Bad actors are compromising end-of-life (EoL) routers (devices no longer supported by their manufacturers) to install malware and conscript them into sprawling proxy networks like 5Socks and AnyProxy. Once infected, these routers become conduits for malicious traffic, obfuscating the true origin of cyberattacks and illicit activities. “The botnets are used in various ways, such as launching coordinated attacks or selling access to the devices. With the 5Socks and Anyproxy network, criminals are…
While reports suggest that the latest version of Samsung MagicINFO 9 Server (21.1050.0) addresses the high-severity vulnerability tracked as CVE-2024-7399, Huntress has independently confirmed that this version remains vulnerable to a publicly available proof-of-concept (PoC). Huntress has also observed active exploitation of this flaw in the wild, affecting even the most recent version. Until a proper fix is released, Huntress says MagicINFO 9 Server should not be exposed to the internet. On 12 January, a researcher working with SSD Disclosure reportedly notified Samsung of several vulnerabilities in MagicINFO 9 Server, Samsung’s content management system for controlling digital signage displays. An…
A California jury just handed down a major verdict against Pegasus spyware maker NSO Group, ordering the company to pay $167 million in punitive damages for its role in the hacking of 1,400 WhatsApp users’ phones. This wraps up a six-year legal battle, during which WhatsApp alleged that NSO repeatedly launched spyware attacks against its platform—even as its engineering teams worked to patch the vulnerabilities being exploited. In addition to the punitive damages, the jury awarded WhatsApp $445,000 in compensatory damages to cover the cost of the considerable work its engineers undertook to defend against these attacks. “Six years ago,…
The malicious actors who targeted Marks & Spencer (M&S) and the Co-op tricked IT workers to gain a foothold into their organizations’ systems, according to a new report from Reuters. The social engineering attack on the Co-op enabled attackers to reset a member of staff’s password before breaching the network. A similar tactic was used against M&S. In the wake of these incidents, the NCSC (the government agency responsible for cyber security) has issued guidance to organizations urging them to review their IT help desk “password reset processes” to limit their chances of suffering a breach.
Continually Validate Risk Exposure …
