Latest news as of 5/23/2026, 9:28:20 PM
Have I Been Pwned
In January 2026, . The dataset contained 17M rows of public Instagram information, including usernames, display names, account IDs, and in some cases, geolocation data. Of these records, 6.2M included an associated email address, and some also contained a phone number. The scraped data , despite coinciding in timeframe. There is no evidence that passwords or other sensitive data were compromised. data allegedly scraped via an Instagram API was posted to a popular hacking forum appears to be unrelated to password reset requests initiated on the platform
Bleeping Computer
The California Privacy Protection Agency (CalPrivacy) has taken action against the Datamasters marketing firm that sold the health and personal data of millions of users without being registered as a data broker. [...]
Bleeping Computer
Instagram says it fixed a bug that allowed threat actors to mass-request password reset emails, amid claims that data from more than 17 million Instagram accounts was scraped and leaked online. [...]
Bleeping Computer
Microsoft is retiring a feature that allowed you to send your documents to Kindle straight from Microsoft Word. [...]
Bleeping Computer
The latest incarnation of the notorious BreachForums hacking forum has suffered a data breach, with its user database table leaked online. [...]
Bleeping Computer
Authorities in Spain have arrested 34 individuals allegedly part of a criminal network involved in cyber fraud and believed to be connected to the Black Axe group responsible for illicit activities across Europe. [...]
Have I Been Pwned
In October 2025, . In the months leading up to the takedown, the site itself suffered a data breach that exposed 324k unique email addresses, usernames, and Argon2 password hashes. a reincarnation of the hacking forum BreachForums, which had previously been shut down multiple times, was taken offline by a coalition of law enforcement agencies
The Hacker News
The Iranian threat actor known as MuddyWater has been attributed to a spear-phishing campaign targeting diplomatic, maritime, financial, and telecom entities in the Middle East with a Rust-based implant codenamed RustyWater. "The campaign uses icon spoofing and malicious Word documents to deliver Rust based implants capable of asynchronous C2, anti-analysis, registry persistence, and modular
Bleeping Computer
Ireland's Department of Foreign Affairs has recalled nearly 13,000 passports after a software update caused a printing defect. The printing error makes the documents non-compliant with international travel standards and potentially unreadable at automated border gates. [...]
The Hacker News
Europol on Friday announced the arrest of 34 individuals in Spain who are alleged to be part of an international criminal organization called Black Axe. As part of an operation conducted by the Spanish National Police, in coordination with the Bavarian State Criminal Police Office and Europol, 28 arrests were made in Seville, along with three others in Madrid, two in Málaga, and one in Barcelona