Category: Bleeping Computer

Jaguar Land Rover
06
Jan
2026

Jaguar Land Rover wholesale volumes down 43% after cyberattack

Jaguar Land Rover (JLR) revealed this week that a September 2025 cyberattack led to a 43% decline in third-quarter wholesale…

Share: X : Jaguar Land Rover wholesale volumes down 43% after cyberattackFacebook : Jaguar Land Rover wholesale volumes down 43% after cyberattackLinkedin : Jaguar Land Rover wholesale volumes down 43% after cyberattackReddit : Jaguar Land Rover wholesale volumes down 43% after cyberattackTelegram : Jaguar Land Rover wholesale volumes down 43% after cyberattackWhatsApp : Jaguar Land Rover wholesale volumes down 43% after cyberattackEmail : Jaguar Land Rover wholesale volumes down 43% after cyberattack
Sedgwick
06
Jan
2026

Sedgwick confirms breach at government contractor subsidiary

Claims administration and risk management company Sedgwick has confirmed that its federal contractor subsidiary, Sedgwick Government Solutions, was the victim…

Share: X : Sedgwick confirms breach at government contractor subsidiaryFacebook : Sedgwick confirms breach at government contractor subsidiaryLinkedin : Sedgwick confirms breach at government contractor subsidiaryReddit : Sedgwick confirms breach at government contractor subsidiaryTelegram : Sedgwick confirms breach at government contractor subsidiaryWhatsApp : Sedgwick confirms breach at government contractor subsidiaryEmail : Sedgwick confirms breach at government contractor subsidiary
AI identity attacks
06
Jan
2026

How generative AI accelerates identity attacks against Active Directory

Active Directory is still how most organizations manage user identities, making it a frequent focus during attacks. What’s changed isn’t…

Share: X : How generative AI accelerates identity attacks against Active DirectoryFacebook : How generative AI accelerates identity attacks against Active DirectoryLinkedin : How generative AI accelerates identity attacks against Active DirectoryReddit : How generative AI accelerates identity attacks against Active DirectoryTelegram : How generative AI accelerates identity attacks against Active DirectoryWhatsApp : How generative AI accelerates identity attacks against Active DirectoryEmail : How generative AI accelerates identity attacks against Active Directory
Copilot
06
Jan
2026

Are Copilot prompt injection flaws vulnerabilities or AI limits?

Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its…

Share: X : Are Copilot prompt injection flaws vulnerabilities or AI limits?Facebook : Are Copilot prompt injection flaws vulnerabilities or AI limits?Linkedin : Are Copilot prompt injection flaws vulnerabilities or AI limits?Reddit : Are Copilot prompt injection flaws vulnerabilities or AI limits?Telegram : Are Copilot prompt injection flaws vulnerabilities or AI limits?WhatsApp : Are Copilot prompt injection flaws vulnerabilities or AI limits?Email : Are Copilot prompt injection flaws vulnerabilities or AI limits?
Cloud file-sharing sites targeted for corporate data theft attacks
06
Jan
2026

Cloud file-sharing sites targeted for corporate data theft attacks

A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching…

Share: X : Cloud file-sharing sites targeted for corporate data theft attacksFacebook : Cloud file-sharing sites targeted for corporate data theft attacksLinkedin : Cloud file-sharing sites targeted for corporate data theft attacksReddit : Cloud file-sharing sites targeted for corporate data theft attacksTelegram : Cloud file-sharing sites targeted for corporate data theft attacksWhatsApp : Cloud file-sharing sites targeted for corporate data theft attacksEmail : Cloud file-sharing sites targeted for corporate data theft attacks
Windows BSOD
06
Jan
2026

ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of Death…

Share: X : ClickFix attack uses fake Windows BSOD screens to push malwareFacebook : ClickFix attack uses fake Windows BSOD screens to push malwareLinkedin : ClickFix attack uses fake Windows BSOD screens to push malwareReddit : ClickFix attack uses fake Windows BSOD screens to push malwareTelegram : ClickFix attack uses fake Windows BSOD screens to push malwareWhatsApp : ClickFix attack uses fake Windows BSOD screens to push malwareEmail : ClickFix attack uses fake Windows BSOD screens to push malware
Brightspeed
05
Jan
2026

US broadband provider Brightspeed investigates breach claims

Brightspeed, one of the largest fiber broadband companies in the United States, is investigating security breach and data theft claims…

Share: X : US broadband provider Brightspeed investigates breach claimsFacebook : US broadband provider Brightspeed investigates breach claimsLinkedin : US broadband provider Brightspeed investigates breach claimsReddit : US broadband provider Brightspeed investigates breach claimsTelegram : US broadband provider Brightspeed investigates breach claimsWhatsApp : US broadband provider Brightspeed investigates breach claimsEmail : US broadband provider Brightspeed investigates breach claims
NordVPN
05
Jan
2026

NordVPN denies breach claims, says attackers have “dummy data”

NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals obtained “dummy data” from a trial…

Share: X : NordVPN denies breach claims, says attackers have “dummy data”Facebook : NordVPN denies breach claims, says attackers have “dummy data”Linkedin : NordVPN denies breach claims, says attackers have “dummy data”Reddit : NordVPN denies breach claims, says attackers have “dummy data”Telegram : NordVPN denies breach claims, says attackers have “dummy data”WhatsApp : NordVPN denies breach claims, says attackers have “dummy data”Email : NordVPN denies breach claims, says attackers have “dummy data”
VSCode IDE forks expose users to
05
Jan
2026

VSCode IDE forks expose users to “recommended extension” attacks

Popular AI-powered integrated development environment solutions, such as Cursor, Windsurf, Google Antigravity, and Trae, recommend extensions that are non-existent in…

Share: X : VSCode IDE forks expose users to “recommended extension” attacksFacebook : VSCode IDE forks expose users to “recommended extension” attacksLinkedin : VSCode IDE forks expose users to “recommended extension” attacksReddit : VSCode IDE forks expose users to “recommended extension” attacksTelegram : VSCode IDE forks expose users to “recommended extension” attacksWhatsApp : VSCode IDE forks expose users to “recommended extension” attacksEmail : VSCode IDE forks expose users to “recommended extension” attacks
CISOs on the line header
05
Jan
2026

Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome

By Itamar Apelblat, CEO & Co-founder, Token Security If you are a CISO today, agentic AI probably feels familiar in…

Share: X : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeFacebook : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeLinkedin : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeReddit : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeTelegram : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeWhatsApp : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the OutcomeEmail : Agentic AI Is an Identity Problem and CISOs Will Be Accountable for the Outcome
Ledger customers impacted by third-party Global-e data breach
05
Jan
2026

Ledger customers impacted by third-party Global-e data breach

Ledger is informing some customers that their personal data has been exposed after hackers breached the systems of third-party payment…

Share: X : Ledger customers impacted by third-party Global-e data breachFacebook : Ledger customers impacted by third-party Global-e data breachLinkedin : Ledger customers impacted by third-party Global-e data breachReddit : Ledger customers impacted by third-party Global-e data breachTelegram : Ledger customers impacted by third-party Global-e data breachWhatsApp : Ledger customers impacted by third-party Global-e data breachEmail : Ledger customers impacted by third-party Global-e data breach
Hacker holding hands up
04
Jan
2026

Hackers claim Resecurity hack, firm says it was a honeypot

Update: Article updated to reflect that the ShinyHunters says they were not involved in this activity. We have updated our…

Share: X : Hackers claim Resecurity hack, firm says it was a honeypotFacebook : Hackers claim Resecurity hack, firm says it was a honeypotLinkedin : Hackers claim Resecurity hack, firm says it was a honeypotReddit : Hackers claim Resecurity hack, firm says it was a honeypotTelegram : Hackers claim Resecurity hack, firm says it was a honeypotWhatsApp : Hackers claim Resecurity hack, firm says it was a honeypotEmail : Hackers claim Resecurity hack, firm says it was a honeypot