ALL POSTS

Key Findings DoJ disrupted command-and-control infrastructure for 4 IoT botnets Botnets infected approximately 3 million devices worldwide Attacks measured up to 31.4 Tbps, causing potential massive internet disruption Botnets launched hundreds of thousands of DDoS attack commands Potential suspects include a 23-year-old Canadian and a 15-year-old German Multiple international law enforcement agencies and tech companies collaborated on the operation Background The botnet disr

Key Findings * ShinyHunters claims to have stolen approximately 1 petabyte of data from Telus Digital * Breach discovered through stolen Google Cloud Platform credentials from a previous Salesforce-related hack * Telus confirms unauthorized access to internal systems * No disruption to customer services reported * Investigations and forensic analysis are ongoing Background Telus Digital, a subsidiary of Canadian telecommunications giant Telus, provides business process outsou

Key Findings: A new cybersecurity incident involving a dating website called WhiteDate has been reported. Instagram has experienced a data breach where user information, including passwords, was scraped and made publicly available. Troy Hunt is currently in Oslo, Norway. Background The WhiteDate Breach WhiteDate is a dating website that has experienced a security breach. Details of the breach, including the extent of the data exposed, are still being investigated. The inciden

Key Findings Coupang, a major e-commerce company in South Korea, has suffered a massive data breach affecting over 33.7 million accounts - more than half of the country's population. The breach was initially detected on November 18, 2025, when suspicious activity was observed on around 4,500 accounts. Further investigation revealed that the breach actually dated back to late June 2025 and had compromised the personal information of nearly the entire Coupang user base. Exposed

Key Findings OpenAI confirmed a data breach involving its third-party analytics provider Mixpanel The breach exposed limited API user metadata like names, emails, locations, and browser info No passwords, API keys, chat content, or payment data were involved Regular ChatGPT users were not affected, only those interacting with the OpenAI API Background OpenAI, the company behind the popular AI assistant ChatGPT, has confirmed a data breach involving Mixpanel, a third-party ana

Background In September 2025, SonicWall, a cybersecurity firm, disclosed a security breach that exposed firewall configuration files tied to MySonicWall accounts. The company initially claimed that less than 5% of customers were impacted, and no files were leaked. However, in October, SonicWall confirmed that threat actors had accessed the preference files of all firewalls using its MySonicWall cloud backup service. Key Findings The stolen files contained encrypted credential