Summary: Genetic, medical, and lifestyle data from all 500,000 UK Biobank volunteers was listed for sale on Alibaba after three Chinese research institutions with legitimate access violated their data-sharing agreements. The data was de-identified but includes genome sequences, hospital diagnoses, and biological measures that experts say can be re-identified. Alibaba removed the listings before any […]
Summary: Lovable, the $6.6 billion vibe coding platform with eight million users, has faced three documented security incidents exposing source code, database credentials, and thousands of user records, with the most recent BOLA vulnerability left open for 48 days after the company closed a bug bounty report without escalation. The incidents are representative of a […]
In short: OpenAI is releasing GPT-5.4-Cyber, a model fine-tuned for defensive cybersecurity with lowered refusal boundaries and binary reverse engineering capabilities, and scaling its Trusted Access for Cyber programme to thousands of verified defenders. The move comes a week after Anthropic restricted its more powerful Mythos model to just 11 organisations, setting up a philosophical […]
Anna Moneymaker/Getty Images
In short: Google has brought end-to-end encryption in Gmail to Android and iOS, closing the mobile gap that remained after the feature launched on the web in April 2025. Enterprise users on Google Workspace Enterprise Plus with the Assured Controls add-on can now compose and read encrypted messages directly in the Gmail app, with no extra […]
Database credentials remain one of the most common attack vectors in enterprise breaches, yet most organisations still manage them through shared spreadsheets, hardcoded connection strings, or standalone credential vaults with no session oversight. Keeper Security, the Chicago-based cybersecurity company best known for its password management platform, is attempting to close that gap with KeeperDB, a […]
CERT-EU has attributed a major data breach at the European Commission to cybercrime group TeamPCP, which exploited a supply chain attack on the open-source security tool Trivy to steal 92 GB of compressed data from the Commission’s AWS infrastructure. The notorious ShinyHunters gang then published the data, which included emails and personal details from up […]
[Washington, DC – April 2, 2026] – IREX, a global pioneer in ethical AI and intelligent video analytics deployed across 10+ countries and over 300,000 cameras, announced a major update to its FireTrack smoke and fire detection module. The update doesn’t require any additional hardware and broadens FireTrack’s applicability to critical infrastructure such as energy […]
WhatsApp has notified approximately 200 users, primarily in Italy, that they were tricked into installing a counterfeit version of the messaging app that was actually government spyware. The fake application was built by SIO, an Italian surveillance technology company that develops spyware for law enforcement and intelligence agencies through its subsidiary ASIGINT. WhatsApp said it […]
