Practice by Numbers, the developer of a patient management software used in thousands of dentists’ offices, has fixed a security flaw that exposed the private health records of patients on a portal that comes bundled with the software, TechCrunch has learned. One patient, Joseph R. Cox, reported the bug to …

OpenAI is getting serious about account security. The company on Thursday launched Advanced Account Security (AAS), a set of opt-in protections for ChatGPT users designed for high-value individuals — but available to anyone who wants them. As part of that new program, digital security provider Yubico announced it has partnered …

Security researchers are sounding the alarm on a newly discovered vulnerability in the widely used web server management software cPanel and WebHost Manager (WHM). The bug allows hackers to hijack and take full control of the servers running the affected software, which is thought to be used by tens of …

Last year, WhatsApp and Apple notified several people in Italy, including journalists and activists, that they had been targeted with government spyware. In particular, WhatsApp pointed the finger at the Israeli American surveillance tech maker Paragon Solutions as the company that provided the technology for a hacking campaign that targeted …

A man accused of carrying out cyberattacks on behalf of the Chinese government has been extradited to the United States, and faces over a decade in prison if convicted. Justice Department accused Xu Zewei of working as a contractor for the Chinese Ministry of State Security to conduct a series …

Yet another government spyware maker has been caught after its customers used fake Android apps to install its surveillance software on targets, according to a new report. On Thursday, Osservatorio Nessuno, an Italian digital rights organization that researches spyware, published a report on a new malware it calls Morpheus. The …

App and website hosting giant Vercel on Thursday said hackers had accessed some of its customers’ data before the company discovered its recent data breach, suggesting that this incident may have broader security implications than initially known. In an update on its security incident page, Vercel said it had identified …

Trump’s twice-chosen pick to run the U. federal cybersecurity agency CISA has requested to withdraw from the position, leaving the agency without any clear person to lead it on a permanent basis. In a letter to the White House on Wednesday, Sean Plankey requested that the Trump administration withdraw his …

A group of unauthorized users has reportedly gained access to Mythos, the cybersecurity tool recently announced by Anthropic. Much has been made of Mythos and its purported power — an AI product designed for enterprise security that, in the wrong hands, could become a potent hacking tool, according to the …

Cloud app hosting giant Vercel this weekend said hackers had breached its internal systems and accessed customer data. Hackers have claimed they have stolen sensitive customer credentials from Vercel’s systems and are selling the data online. In a statement on Sunday, Vercel said the breach originated from another software maker, …