Hims & Hers, the telehealth company that sells weight-loss drugs and sexual health prescriptions, has confirmed a data breach affecting its third-party customer service platform. The healthcare company said in a data breach notice filed with the California attorney general’s office on Thursday that the hackers stole data about user …

American toy-making giant Hasbro has confirmed a cyberattack, and the company says it may take “several weeks” before the incident is resolved. The owner of properties including Transformers, Peppa Pig, and Dungeons & Dragons said in a legally required disclosure with the U. Securities and Exchange Commission on Wednesday that …

WhatsApp says it has notified around 200 users who were tricked into installing a malicious fake version of the chat app that contained spyware. WhatsApp accused Italian spyware maker SIO of creating a fake version of its messaging app for iPhones, according to an announcement the company shared with TechCrunch. …

Apple has pushed a security update to older iPhones and iPads that protects against a leaked set of powerful hacking tools capable of stealing data from a person’s device. The tech giant said on Wednesday that it released iOS 18. 7 to allow a broader range of devices to “receive …

Decentralized finance company Drift says it has suspended withdrawals and deposits after confirming a security incident. The crypto platform said in a post on X that it was “experiencing an active attack,” and that it was working to “contain the incident. ” Security researchers and public blockchain data suggest the …

Healthcare technology giant CareCloud has confirmed that hackers accessed one of its stores of patients’ electronic health records during a data breach earlier this month. The disclosure, filed with the U. Securities and Exchange Commission last Friday, said the company detected unauthorized access on March 16 to one of six …

A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised. On Monday, a hacker pushed malicious versions of the widely used JavaScript library called Axios, which developers rely on to …

Mercor, a popular AI recruiting startup, has confirmed a security incident linked to a supply chain attack involving the open-source project LiteLLM. The AI startup told TechCrunch on Tuesday that it was “one of thousands of companies” affected by a recent compromise of LiteLLM’s project, which was linked to a …

Apple has provided federal agents with the real identities of at least two customers who used one of the company’s privacy features designed to mask their email addresses from apps and websites. “Hide My Email” is a feature that allows paying Apple iCloud+ customers to generate anonymous email addresses that …

LiteLLM, makers of a popular AI gateway used by millions of developers, has publicly announced that it is ditching compliance startup Delve and will redo its security certifications with another company and auditor. The announcement comes after LiteLLM’s open source version fell victim to some horrific credential-stealing malware last week. …