database

  • Blog

    Someone Found Over 180 Million User Records in an Unprotected Online Database

    If you use the internet, you’ve probably had at least some personal information go missing. It’s just the nature of the web. But this latest discovery, as reported by Wired, is something different. Security researcher Jeremiah Fowler found a public online database housing over 180 million records (184,162,718 to be exact) which amounted to more than 47GB of data. There…

    Read More »
  • Blog

    The EU just launched its own vulnerability database

    Cybersecurity experts have hailed the launch of the EU’s new vulnerability database as a positive step toward enhancing regional security. The new European Vulnerability Database (EUVD), unveiled by the ENISA, will provide organizations with a centralized platform aimed at providing up-to-date information on security flaws akin to MITRE’s CVE database. “The database provides aggregated, reliable, and actionable information such as…

    Read More »
  • Blog

    DOGE is reportedly building a ‘master database’ of government information

    The Committee has also received reports about troubling, fumbling efforts by DOGE to combine sensitive information held by SSA, the IRS, HHS, and other agencies into a single cross-agency master database. Improving how federal agencies share data to improve outcomes and customer service is a longstanding and bipartisan goal in Congress. Information obtained by the Committee, however, indicates that DOGE…

    Read More »
  • Blog

    CISA’s Reversal Extends Support for CVE Database

    Image: CROCOTHERY/Adobe Stock The nonprofit organization MITRE, which maintains the Common Vulnerabilities and Exposures (CVE) database, said on April 15 that the US government funding for its operations will expire without renewal; however, in a last-minute reversal announced the morning of April 16, CISA said it has extended support for the database. At the same time, CVE Board members have…

    Read More »
  • Blog

    Seized database helps Europol snare botnet customers in ‘Operation Endgame’ follow-up sting

    Europol has detained several people believed to be involved in a botnet operation as part of a follow-up to a major takedown last year. Following the Operation Endgame investigation, major malware droppers including IcedID, SystemBC, Pikabot, Smokeloader and Bumblebee, were shut down last year. According to Europol, analysis of the contents of a seized database enabled it to identify customers…

    Read More »
  • Blog

    Flaws in a popular dev library could let hackers run malicious code in your MongoDB database

    A researcher has uncovered two related vulnerabilities in a popular developer library used to connect applications and MongoDB that could allow hackers to sneak into your database. Mongoose is an object data modeling (ODM) library for MongDB that connects it to the Node.js runtime environment, essentially simplifying interactions between applications and MongoDB databases The flaws were discovered by Dat Phung,…

    Read More »
  • Blog

    DeepSeek exposes database with over 1 million chat records

    DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. The unsecured ClickHouse instances reportedly held over a million log entries containing user chat history in plaintext form, API keys, backend details, and operational metadata. Wiz Research discovered this exposure during a security assessment of DeepSeek’s external infrastructure.…

    Read More »
  • Blog

    DeepSeek Locked Down Public Database Access That Exposed Chat History

    On Jan. 29, U.S.-based Wiz Research announced it responsibly disclosed a DeepSeek database previously open to the public, exposing chat logs and other sensitive information. DeepSeek locked down the database, but the discovery highlights possible risks with generative AI models, particularly international projects. DeepSeek shook up the tech industry over the last week as the Chinese company’s AI models rivaled…

    Read More »
  • Blog

    DeepSeek database left user data, chat histories exposed for anyone to see

    DeepSeek has secured a “completely open” database that exposed user chat histories, API authentication keys, system logs, and other sensitive information, according to cloud security firm Wiz. The security researchers said they found the Chinese AI startup’s publicly accessible database in “minutes,” with no authentication required. The exposed information was housed within an open-source data management system called ClickHouse and…

    Read More »
  • Blog

    UN aviation agency confirms recruitment database security breach

    ​The United Nations’ International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. This follows ICAO’s announcement on Monday that it was investigating what it described as a “potential information security incident.” While the UN agency didn’t provide additional details, this came two days after a threat actor…

    Read More »
Back to top button
close