Access to India's Aadhaar unique identity enrollment software is unrestricted to anyone for as much as $35 - the price of a debilitating patch for important security features.
RoboCent, a Virginia Beach-based political robocall firm, has exposed the personal details of hundreds of thousands of US voters, according to the findings of a security researcher who stumbled upon the company's database online.
Russia's national vulnerability database (BDU) indexes and lists about a tenth of the security flaws it should be indexing on a normal basis.
Thousands of iOS and Android mobile applications are exposing over 113 GBs of data via over 2,271 misconfigured Firebase databases, according to a report released this week by mobile security firm Appthority.
The vast majority of Redis servers left open on the Internet without any authentication system in place are most likely harboring malware, an Imperva spokesperson said.
An unidentified hacker has breached Bycyklen —Copenhagen's city bikes network— and deleted the organization's entire database, disabling the public's access to bicycles over the weekend.
Security researchers have stumbled across a MongoDB database containing the personal details of over 25,000 users who invested in or received Bezop (BEZ) cryptocurrency.
Security researchers have begun stumbling upon misconfigured Django applications that are exposing sensitive information such as API keys, server passwords, or AWS access tokens.
A new type of attack has been discovered targeting PostgreSQL databases, in which malware authors are using an image of Hollywood actress Scarlett Johansson to hide a cryptocurrency miner they intend to run on the DB's underlying server.
Amazon AWS S3 cloud storage servers might soon fall victims to ransom attacks, similar to how hacker groups held tens of thousands of MongoDB databases for ransom throughout 2017.
Websites built using the Anchor CMS may be accidentally exposing their database passwords in publicly-facing error logs, Dutch security researcher Tijme Gommers has discovered.
For the second time in two months, the voter registration information of over 19 million Californians was leaked online via an unsecured MongoDB database, which was later held for ransom by hackers.
The US Department of Homeland Security (DHS) announced it suffered a data breach last year, during which data for over 247,000 DHS employees and individuals under DHS investigations was taken from a secure DHS database.
A Chinese threat actor has been targeting MSSQL and MySQL databases on Windows and Linux systems all year, deploying one of three malware strains, each with its own design and purpose.
The details of over 19 million California voters were left exposed online in an unsecured MongoDB database and were later held for ransom, according to researchers from the Kromtech Security Center.
Following a long string of data leaks caused by misconfigured S3 servers, Amazon has decided to add a visible warning to the AWS backend dashboard panel that will let server admins know if one of their buckets (storage environments) is publicly accessible and exposing potentially sensitive data on the Internet.
Hackers can exploit exposed Amazon S3 buckets to carry out silent Man-in-the-Middle attacks or other hacks on a company's customers or internal staff.
A Romanian bug hunter has found three flaws in Google's official bug tracker, one of which could have been used to exposed sensitive vulnerabilities to unauthorized intruders.