15 Jul, 2026

Spanish energy giant Endesa discloses data breach affecting customers

Spanish energy provider Endesa and its Energía XXI operator are notifying customers that hackers accessed the company’s systems and accessed contract-related information, which includes personal details. Endesa is the largest electric utility company in Spain, now owned by Enel Group, that distributes gas and electricity to more than 10 million customers in Spain and Portugal. In total, […]

3 mins read

Max severity Ni8mare flaw impacts nearly 60,000 n8n instances

Nearly 60,000 n8n instances exposed online remain unpatched against a maximum-severity vulnerability dubbed “Ni8mare.” n8n is an open-source workflow automation platform that allows users to connect different applications and services via pre-built connectors and a visual, node-based interface to automate repetitive tasks without writing code. The automation platform is widely used in AI development to automate […]

2 mins read

Instagram denies breach amid claims of 17 million account data leak

Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. “We fixed an issue that allowed an external party to request password reset emails for some Instagram users,” a Meta spokesperson told GeekFeed. “We […]

3 mins read

California bans data broker reselling health data of millions

The California Privacy Protection Agency (CalPrivacy) has taken action against the Datamasters marketing firm that sold the health and personal data of millions of users without being registered as a data broker. As per the California Delete Act, businesses buying and selling information about consumers are required to register their data brokerage activity by January 31st […]

2 mins read

BreachForums hacking forum database leaked, exposing 324,000 accounts

The latest incarnation of the notorious BreachForums hacking forum has suffered a data breach, with its user database table leaked online. BreachForums is the name of a series of hacking forums used to trade, sell, and leak stolen data, as well as sell access to corporate networks and other illegal cybercrime services. The site was […]

4 mins read

Spain arrests 34 suspects linked to Black Axe cyber crime

Authorities in Spain have arrested 34 individuals allegedly part of a criminal network involved in cyber fraud and believed to be connected to the Black Axe group responsible for illicit activities across Europe. The operation was carried out with the help of the Bavarian State Criminal Police Office and the support of Europol. During searches […]

2 mins read

Ireland recalls almost 13,000 passports over missing ‘IRL’ code

Ireland’s Department of Foreign Affairs has recalled nearly 13,000 passports after a software update caused a printing defect. The printing error makes the documents non-compliant with international travel standards and potentially unreadable at automated border gates. Missing ‘IRL’ code The government said the affected passports, issued between December 23 and January 6, may fail at eGates and […]

2 mins read

Illinois Department of Human Services data breach affects 700K people

The Illinois Department of Human Services (IDHS), one of Illinois’ largest state agencies, accidentally exposed the personal and health data of nearly 700,000 residents due to incorrect privacy settings. The agency discovered the data breach on September 22 when it found that maps created by the IDHS Division of Family and Community Services for resource […]

2 mins read

Trend Micro warns of critical Apex Central RCE vulnerability

Japanese cybersecurity software firm Trend Micro has patched a critical security flaw in Apex Central (on-premise) that could allow attackers to execute arbitrary code with SYSTEM privileges. Apex Central is a web-based management console that helps admins manage multiple Trend Micro products and services (including antivirus, content security, and threat detection) and deploy components like antivirus […]

2 mins read

Hackers target misconfigured proxies to access paid LLM services

Threat actors are systematically hunting for misconfigured proxy servers that could provide access to commercial large language model (LLM) services. In an ongoing campaign that started in late December, the attackers have probed more than 73 LLM endpoints and generated over 80,000 sessions. According to threat monitoring platform GreyNoise, the threat actors use low-noise prompts to […]

3 mins read