Privacy
-
Google expands Personal Intelligence into AI Mode in Search
A product blog from Google announced Personal Intelligence will expand into AI Mode in Search, letting AI Pro and AI Ultra subscribers opt in to link Gmail and Photos for tailored results as a Labs experiment starting today.
-
Malicious VSCode extensions with 1.5 million installs exfiltrate developer data
Two malicious Visual Studio Code extensions installed about 1.5 million times read and transmit open files and workspace data to China based servers, the technical analysis by Koi Security reports.
-
GDPR fines pass £1 billion as daily breach reports top 400
Europe’s GDPR fines topped £1 billion in 2025 and authorities recorded an average of 443 breach notifications a day, a 22 percent rise and the first time daily reports passed 400 since GDPR took effect.
-
Tennessee man pleads guilty after hacking Supreme Court e-filing system and leaking VA and AmeriCorps data
A Tennessee man pleaded guilty after using stolen credentials to access the Supreme Court e-filing system at least 25 times and to breach AmeriCorps and VA accounts between August and October 2023, prosecutors said.
-
Critical Fast Pair flaw lets attackers hijack Bluetooth headsets and eavesdrop
Researchers found a Fast Pair implementation flaw that lets attackers force-pair Bluetooth audio devices, enabling hijack, eavesdropping, and tracking of hundreds of millions of accessories. Patches from manufacturers are required to fix vulnerable devices.
-
France fines Free and Free Mobile €42 million after breach exposed 24.6 million records
CNIL imposed a collective €42 million fine on Free and Free Mobile after an October 2024 breach exposed 24,633,469 customer records including IBANs. The decision cited weak VPN authentication, ineffective detection and poor data retention controls.
-
Monroe University data breach exposed information on 320,973 people
Monroe University said a December 2024 cyberattack exposed personal, financial, and health data for 320,973 people. Notifications began in January and affected individuals are offered one year of free credit monitoring.
-
Ransomware breach at Cancer Center exposes participant files including 1990s Social Security numbers
A ransomware attack on August 31, 2025 breached the Cancer Center in Honolulu and stole study participant files including 1990s documents with Social Security numbers, the university said in a report to the state legislature.
-
Endesa discloses customer data breach affecting contract and payment details
Endesa and operator Energía XXI disclosed that hackers accessed a commercial platform and obtained customer contract information, including identity and payment details. The firm serves about 22 million clients and is notifying affected customers.
-
Two Chrome extensions exfiltrated ChatGPT and DeepSeek conversations from 900,000 users
A technical analysis by OX Security found two malicious Chrome extensions that collected ChatGPT and DeepSeek conversations and tab URLs from about 900,000 users and sent the data to external servers on a regular schedule.
