Tag
An incident where Google's Gemini AI model inadvertently shared another user's chat history with the poster.
Meta has paused its employee-tracking program, the Model Compatibility Initiative (MCI), after an internal security breach exposed sensitive data collected from workers, following employee protests and privacy concerns.
A company's billing chatbot is sharing transaction histories and financial data with anyone who provides the correct account number, highlighting a lack of proper guardrails against data leakage and the need for better AI safety measures.
Lawmakers demand answers after a CISA contractor intentionally exposed AWS GovCloud keys and other secrets on a public GitHub repository, raising concerns about the agency's security culture amid staffing disruptions.
Trump Mobile is accused of insecurely storing customer data, potentially leaking addresses and phone numbers from T1 Phone pre-orders. The leak also reveals order numbers far lower than viral claims.
A CISA contractor leaked highly privileged AWS GovCloud credentials and internal system passwords on a public GitHub repository, representing one of the most egregious government data leaks in recent history.
A critical privacy flaw in DeepSeek allows users to access each other's conversations by entering a specific character, breaking session isolation and exposing sensitive data.
AI chatbots like Gemini, ChatGPT, and Claude are exposing real phone numbers and personal information due to training data containing PII, causing a 400% increase in privacy-related queries to services like DeleteMe.
A Dutch suicide prevention hotline was found to share sensitive visitor metadata with Google and Microsoft without proper consent, leading to the suspension of tracking tools and potential GDPR violations.
A Red Access investigation reveals that thousands of AI-generated web apps on platforms like Lovable and Replit are exposing sensitive private data due to misconfigurations. This highlights significant security risks associated with the rising trend of 'vibe coding' and unvetted AI tool usage.
Vercel has confirmed an intrusion by the hacker group ShinyHunters, who are openly selling core source code, internal database access, and secrets for $2 million. All Vercel users should immediately review and rotate environment variables and related keys.