A copy of the U.S. Transportation Security Administration’s “no-fly list” has been found by a Swiss hacker exposed on the open internet in yet another case of misconfigured cloud storage. First reported by The Daily Dot, the exposure of the database was found by a Swiss hacker known as “maia arson crimew” on a server ...

Days after cutting off outside services from accessing its application programming interface, Twitter Inc. today updated its developer agreement to ban third-party Twitter clients officially. Third-party services that rely on the Twitter API for access were first reported to have issues as early as last Thursday. Twitter then claimed earlier this week that it was “enforcing long-standing ...

Email marketing platform Mailchimp, owned by Intuit Inc. since September 2021, has achieved the dubious honor of a cybersecurity fail hat trick: It has been hacked for the third time in the space of a year. Mailchimp’s latest data breach was detected on Jan. 11 when an authorized actor was found to be accessing tools used ...

PayPal Holdings Inc. has disclosed a data breach that involved the theft of information from 35,000 customers in a credential-stuffing attack. In a filing Wednesday with the Office of the Maine Attorney General, PayPal said the breach occurred between Dec. 6 and Dec. 8 and was detected on Dec. 20. Details believed to have been accessed ...

T-Mobile US Inc. has disclosed yet-another data breach, with the latest breach compromising data belonging to 37 million customers. In a filing today with the U.S. Security and Exchange Commission, T-Mobile said a bad actor first retrieved data through an application programming interface on or around Nov. 25. The breach wasn’t detected until Jan. 5, and ...

Security compliance startup Vanta Inc. today announced that it has acquired security review automation startup Trustpage for an undisclosed sum. Founded in 2020, Trustpage offers an artificial intelligence-assisted service that can automate questionnaires, share documents and manage security reviews. The company pitches itself as a centralized hub that reimagines how companies communicate their security posture. Trustpage ...

Automated threat modeling solution startup ThreatModeler Software Inc. today launched the Threat Model Marketplace, a cybersecurity asset marketplace offering pre-built, field-tested threat models. Free for a limited time, the models offered by the Threat Model Marketplace allow enterprises to accelerate efforts to visualize attack surfaces, understand security requirements and prioritize steps to mitigate threats. The models ...

Fresh from delivering a January surprise in the form of M2 Pro-powered MacBook Pros, Apple Inc. has today announced a new HomePod smart speaker. The HomePod was launched in 2017, with the most recent version until today being announced in 2020. The HomePod is Apple’s version of Amazon.com Inc.’s Echo devices but more expensive and ...

Cloud-native authorization startup Styra Inc., the founders of Open Policy Agent, an open-source engine for unifying policy enforcement across the software stack, today announced Repo Scan, a service that provides near-instant scanning of configuration files in GitHub. Styra argues that software supply chain security — looking across each component of software to identify and address risk — must ...

Modern commerce platform startup Chord Commerce Inc. today announced that it has raised $15 million in new funding to expand its data capabilities and support availability for larger customers. Bright Pixel Capital and Eclipse co-led the Series A extension, with GC1 Ventures, TechNexus Venture Collaborative, Anti Fund VC, Imaginary Ventures, Foundation Capital and White Star Capital ...