security incident
-
Discord says support vendor breach exposed customer data
Discord said a compromised third-party customer support vendor exposed support tickets and personal details, including billing data and ID images, and that it cut the vendor’s access, launched an investigation and notified law enforcement.
-
Nx supply-chain attack: Malicious npm packages exfiltrate credentials and tokens
Security researchers say a supply-chain attack on the nx build system led to malicious nx npm packages that exfiltrated credentials and tokens. The breach was tied to a vulnerable PR workflow and elevated GitHub permissions, prompting widespread token rotation and intensified vendor-targeted remediation.
-
Inotiv ransomware attack disrupts operations as Qilin claims data theft
Inotiv, an Indiana-based contract research organization, disclosed a ransomware incident on August 8, 2025 that encrypted some systems and data, disrupting operations. The company engaged external security experts, notified law enforcement, and said it is restoring networks while a Qilin ransomware gang claims to have stolen hundreds of thousands of files and published data samples.
-
WestJet Investigates Cyberattack Disrupting Operations and Services
WestJet is investigating a cyberattack that has disrupted access to its internal systems and app, affecting service for users. The airline is working with law enforcement and Transport Canada to contain the situation.
-
Texas Department of Transportation Reports Data Breach Affecting 300,000 Individuals
The Texas Department of Transportation has reported a data breach affecting approximately 300,000 individuals, with sensitive crash record information accessed by unauthorized actors on May 12, 2025.
