SOUTHFIELD, MI - A newly surfaced dark-web listing claims that 700Credit, a provider of credit-reporting and identity-verification services for auto dealers, suffered a substantial data breach in late October 2025 - potentially exposing more than eight million customer records. What the Listing Claims According to the listing, the compromised database includes highly sensitive consumer information commonly handled by credit-reporting services - full names, Social … [Read more...]
Microsoft Warns Advertisers of New OAuth Consent Phishing Threat Targeting Users
REDMOND, WA - Microsoft has issued a new security alert to users of its Microsoft Advertising platform, warning of a wave of OAuth consent phishing attacks - a sophisticated form of credential theft designed to look completely legitimate. In its notice, Microsoft explained that malicious actors are sending out fake login or permission prompts that appear identical to the company’s official consent screens. Once a user clicks “Accept”, the attacker gains access to sensitive … [Read more...]
October: National Cybersecurity Awareness Month: Is Your Business Truly Protected?
WEST PALM BEACH, FL - Every October, businesses across the country are reminded of a simple but critical truth: cybersecurity is no longer optional. As cybercriminals refine their tactics, small and medium-sized businesses have increasingly become their top targets. Phishing emails, ransomware, and malware aren’t just problems for Fortune 500 companies - they’re threats to any business with valuable data and daily digital operations. This year’s National Cybersecurity … [Read more...]
Massive “Combo List 93M” Surfaces on Dark Web, Exposing Millions of Emails
WEST PALM BEACH, FL - A newly circulated credential database called Combo List 93M has emerged on underground forums, raising concerns for millions of email account holders. The massive compilation - reportedly containing over 93 million records - is being distributed within cybercriminal communities for use in credential-stuffing and phishing campaigns. What Is Combo List 93M? Unlike a traditional “data breach” tied to a single company, Combo List 93M appears to be an … [Read more...]
Aflac Hit by Sophisticated Cyberattack: What Victims, Businesses Need to Know
COLUMBUS, GA - Aflac Incorporated, a leading supplemental insurance provider, disclosed that its U.S. systems suffered a cyberattack on June 12, 2025, potentially exposing sensitive customer data. The breach was quickly contained, but it may have compromised claims information, health records, Social Security numbers, and other personal identifiers. What We Know So Far Potential Data Exposure Aflac’s Response Broader Industry Implications What Affected … [Read more...]
Record-Breaking Data Leak Exposes 16 Billion Credentials Including Session Tokens
WEST PALM BEACH, FL - A massive trove of approximately 16 billion username-password combinations—along with session tokens and cookies - has surfaced on unsecured servers, cybersecurity researchers confirmed. The cache appears to be an aggregate of around 30 previously known data sets, sourced from malware-based credential thefts and older breaches, rather than a fresh, single-source attack. Security analysts emphasize the sheer volume of data makes it impossible to … [Read more...]
Records From 2024 AT&T Data Breach Are Once Again For Sale On The Dark Web
PALM BEACH, FL - A massive trove of nearly 90 million AT&T customer records, including Social Security numbers and other sensitive information, has resurfaced for sale on the dark web, reigniting concerns over personal data security. The data were first posted to a Russian-language cybercrime forum on May 15 and reappeared on June 3, with cybersecurity researchers confirming these are decrypted records - mostly repackaged from previous breaches. AT&T indicates … [Read more...]
Global Domain Name Industry Poised for Growth: Insights from Data Industry Leaders
WEST PALM BEACH, FL - The domain name industry is experiencing significant growth, with projections indicating a continued upward trajectory. According to the recently released Domain Names – Global Strategic Business Report 2025 by ResearchAndMarkets.com, the global market for domain names was estimated at 378.6 million registered domains in 2024 and is projected to reach 459.9 million by 2030, reflecting a compound annual growth rate (CAGR) of 3.3% . Regional Growth and … [Read more...]
Massive Data Breach Exposes 184 Million Login Credentials from Major Tech Platforms
WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
The End of an Era: Whois Lookup Service Fades Into History, Replaced by RDAP
WEST PALM BEACH, FL - In a significant shift for the internet's infrastructure, the decades-old Whois system is being phased out, making way for its modern successor: the Registration Data Access Protocol (RDAP). This transition marks the end of an era for one of the internet's most recognizable tools and ushers in a new chapter in how domain registration data is accessed and managed. For years, Whois has been the go-to resource for querying domain name registration … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Hackers Utilizing Russian Domains for Rising Number of Complex Phishing Attacks
REDMOND, WA - Cybersecurity experts have noted a large increase in the number of phishing attacks recently as hackers have been altering their attack avenues in order to work their way around increasingly complex email security systems designed to circumvent their efforts. Both the volume and complexity of malicious emails have been on the rise and are proving to be increasingly able to bypass Secure Email Gateways (SEGs) such as Microsoft and Proofpoint, according … [Read more...]
Amazon Seizes Domains Used by Russian Hackers Targeting Windows Users
SEATTLE, WA - Online shopping retail giant Amazon this week seized multiple internet domains that have been utilized by Russian hackers to launch phishing attacks that targeted users of Microsoft’s Windows operating system. Chief Information Security Officer at Amazon, CJ Moses, announced in a blog post that Midnight Blizzard, otherwise known as APT29 – a threat actor directly sponsored by the Russian government – had been targeting government agencies, empires, … [Read more...]
Thousands of “Sitting Duck” Domain Names Highjacked by Russian Cybercriminals
PALM BEACH, FL - A critical vulnerability within the Domain Name System (DNS) has been unearthed and exploited by dozens of cybercriminals and hackers originating from Russia to take over thousands of domain names, according to cybersecurity researchers from Infoblox and Eclypsium. An estimated 30,000 legitimate domains have been hijacked by the digital thieves since 2019, experts say, utilizing a technique known as “Sitting Ducks” that exploits weak DNS services. The … [Read more...]
Experts: Hackers Registered Over 500,000 Domains for Massive Cyber-Attack
SANTA CLARA, CA - Hackers have been around since the debut of the Internet, and over the years they’ve learned a number of underhanded tricks to use on unsuspecting victims; one of the most prolific is registering new domains to use to disseminate malware and conduct fishing attacks – while posing as innocent and trustworthy websites – in order to get the unwary to share sensitive information or download malicious software. That being said, according to cybersecurity … [Read more...]