Many patients who sought the services of a mental health provider found out their private information may be inadvertently passed on to online advertisers and social media giants without their knowledge. In other news, PeopleGrove exposed the personal information of its users, including higher education and career details. In another data leakage case, the Italian unit of BMW was found to leave its website files unprotected. Read along for the top headlines from the weekend.
01
Cerebral, a mental health startup, exposed the private health information of as many as 3.1 million U.S. patients, including mental health assessments, to advertisers and social media giants like Facebook, Google, and TikTok.
02
PeopleGrove (formerly CampusKudos), a career networking platform, left an unsecured database online, leaking gigabytes of personal information. Email addresses, phone numbers, addresses, university achievements and scores, and resumes were leaked.
03
Researchers discovered sensitive files related to the BMW Italy website left in an unprotected environment, leaving the door open for source code or customer data breaches.
04
Canada’s defense department confirmed that its systems were not affected after a ransomware attack on a defense contractor engineering firm named Black & McDonald.
05
The BATLOADER malware downloader was observed impersonating apps from Adobe, OpenAPI, Spotify, Tableau, and Zoom in malicious ads distributed via Google Ads to deliver Vidar Stealer and Ursnif.
06
A team of researchers from the University of Oxford and Carnegie Mellon University made a significant breakthrough in secure communication by developing an algorithm that conceals sensitive information effectively through steganography.
07
An attack spree by the Dark Pink APT group has been found targeting government and military entities in Southeast Asian countries with a malware called KamiKakaBot.
08
A new study by Cyberhaven Labs analyzed the use of ChatGPT by 1.6 million workers across industries and found that 5.6% of them have used it in the workplace and 4.9% have provided company data to it.
09
CloudSEK witnessed a 200-300% month-on-month surge in AI-generated YouTube videos about software cracks containing malicious links to a variety of stealer malware such as Raccoon, RedLine, and Vidar.
10
Brazilian multinational service and software provider Stefanini Group announced the acquisition of a majority stake in Safeway Consultoria, a cybersecurity consulting firm.
