sensitive data
Coverage of sensitive data in the Nexus archive.
- Meta is 'pausing' employee tracking program after it let the whole company see sensitive data
Meta has paused an employee tracking program after it exposed sensitive data to the entire company. The move is unlikely to improve the controversial AI training initiative's popularity.
- Hackers claim they stole Novo Nordisk's drug and AI secrets
Hackers claim to have stolen over a terabyte of sensitive data from Novo Nordisk, a pharmaceutical company, after they refused to pay a $25 million ransom. The stolen data includes drug and AI secrets.
- OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks
OpenAI introduced Lockdown Mode to protect sensitive data from prompt injection attacks. However, ChatGPT may still be vulnerable to such attacks despite the new feature.
- DentaQuest data breach exposed info of 2.6 million accounts
A data breach at the dental benefits administrator DentaQuest has exposed the sensitive data of 2.6 million accounts.
- LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure
A high-severity SSRF vulnerability (CVE-2026-33626) in LMDeploy, an open-source LLM deployment toolkit, was actively exploited in the wild within 13 hours of disclosure. The flaw, rated CVSS 7.5, allows attackers to access sensitive data via server-side request forgery.
- Chinese attackers are pwning your infrastructure to use in attacks, 10 countries warn
A joint advisory from 10 countries warns that China-linked threat actors are exploiting compromised routers and IoT devices globally to create proxy networks for cyberattacks, data theft, and operational disruptions. The attackers use these devices to launch further intrusions and steal sensitive information.
- New Checkmarx supply-chain breach affects KICS analysis tool
Hackers compromised Docker images, VSCode, and Open VSX extensions for Checkmarx's KICS analysis tool to steal sensitive data from developer environments. The breach exploits the supply chain to harvest information from affected systems.
- Another npm supply chain worm is tearing through dev environments
Another npm supply chain attack is spreading through compromised packages, stealing secrets and sensitive data from developers' environments. The attack shares similarities with previous infections linked to the TeamPCP group and references a 'TeamPCP/LiteLLM method' in its payload.
- Japan should think twice before entrusting Palantir with sensitive data
The article warns Japan against entrusting sensitive data to Palantir, suggesting caution is needed. Palantir is highlighted as a company handling sensitive information, prompting concerns about data security and trustworthiness.