Posted in Commentary with tags Hacked on August 28, 2025 by itnerd
Consumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States. According to a filing submitted to the Office of the Maine AG, the breach occurred on July 28, 2025, and was discovered two days later.
Paul Bischoff, Consumer Privacy Advocate at Comparitech had this comment:
“For context, the TransUnion breach compromised 4.4 million people. The 2017 Equifax breach compromised 147 million. It’s not as big, but it’s just as serious for those 4.4 million people. TransUnion does more than just generate credit reports. Other businesses that suffer data breaches frequently enlist TransUnion to provide credit monitoring and identity theft protection to breach victims. This breach could dissuade victims of other breaches from enrolling in those protective services.”
Roger Grimes, Data-Driven Defense Evangelist at KnowBe4 had this to say:
“Another data breach? “Only” involving single millions of digits? It’s almost a non-event. Data breaches involving hundreds of millions of records barely make the news anymore. How worried can you be about one “little” data breach when the information revealed to the hackers has likely been stolen many times? My only problem is why the breach was confirmed in late July and not reported to consumers until late August? Four weeks to publicly report, while likely legal, seems like a lot of time to let involved compromised users go around blindly without knowing about the additional risk, whether big or small. I’ve seen this lately…data breaches that must be reported publicly, taking a month or many months before they are publicly reported to those who are impacted. In today’s instant online world is seems more and more unacceptable.”
When the company that helps to protect people from getting taken advantage of after a breach gets breached, we’re all in deep trouble. These companies need to ensure that everything they do is beyond reproach or consumers will stop trusting them.
KnowBe4 today released a comprehensive resource kit in support of Cybersecurity Awareness Month 2025. The toolkit aligns with this year’s theme “Secure Our World” and supports the global movement to emphasize the importance of securing our digital lives. Cybersecurity Awareness Month, established in 2004 through a joint effort by the U.S. Department of Homeland Security and the National Cyber Security Alliance, provides organizations worldwide an opportunity to strengthen their security culture through education and awareness. This year’s focus is on simple, effective practices like using strong passwords, enabling non-phishable multifactor authentication (MFA), recognizing and reporting phishing attempts, and keeping software up to date.
EnGenius Technologies Inc., a global leader in advanced connectivity and cloud-managed networking solutions, today announced the official launch and immediate availability of the ECW510 Wi-Fi 7 indoor access point. Expanding the company’s line of affordable Wi-Fi 7 access points, the ECW510 makes next-generation wireless networking even more accessible for small businesses. Ideal for deployments in small offices, retail shops, motels, apartments, and cafés or small restaurants, the ECW510 delivers enterprise-grade Wi-Fi 7 performance in everyday business environments.
EnGenius ECW510: Reliable Wi-Fi 7 Made Simple for Small Businesses
Powered by the Qualcomm® Networking Pro 1220 platform, the ECW510 delivers dual band 2×2 Wi-Fi 7 performance with aggregated speeds up to 5 Gbps. At an MSRP of just $129, the ECW510 redefines value in professional-grade networking—empowering IT professionals, managed service providers (MSPs), and integrators to deliver reliable, future-ready connectivity at a disruptive price point.
The ECW510 is equipped with essential features including:
Affordable Wi-Fi 7: High-speed tri-band performance (up to 5 Gbps) for less than the cost of many Wi-Fi 6 access points.
Easy to Set Up: Use the free EnGenius Cloud To-Go app—most networks are running in under 5 minutes.
No Hidden Fees: Centralized cloud management comes license-free, saving ongoing costs.
Coverage & Capacity: Delivers strong Wi-Fi across up to 1,000 sq. ft. and supports up to 400 connected devices at once.
Built for Growth: Supports multiple access points, making it easy to expand as your business grows.
Secure and Reliable: WPA3 Enterprise-grade security and a 5-year warranty for peace of mind.
Cybercriminals are always looking for new ways to trick people, using exploitative tactics to steal money, data, and sensitive information. Netcraft has observed a recent shift in how they have been leaning on a subtle but clever tactic that exploits how we visually process text using the Japanese Hiragana character ん. Netcraft uncovered novel attacks targeting cryptocurrency wallets and exchanges, prominent travel websites, large cloud services, and as we’ve also seen, security researchers use it in testing.
Initial reports earlier in August have identified that campaigns are leveraging this abuse against Booking.com. However, our own investigation revealed that this technique can be tracked back to November 25, 2024, beginning with the domain ioんhardware-wallet[.]best. Netcraft later identified more than 600 related domains using this technique.
Figure 1: The Hiragana character “ん” (Latin “n”) deployed in a URL
By using carefully chosen lookalike Unicode characters in domain names, attackers can make fake websites URLs that look almost identical to legitimate ones. This type of attack, often called a homoglyph attack, works because different scripts or writing systems have characters that look similar; think about a Latin ’a’ and a Greek ‘α’ (alpha). This is not a new attack vector, dating back to the early 2000s, but threat actors have found a new twist exploiting an edge case in the processing rules designed to prevent confusion.
These attacks rely on the use of “confusable” characters like Unicode symbols that resemble Latin letters or symbols but are encoded differently. Recent activity has begun to use the Japanese character “ん” (hiragana ‘n’). At a quick glance, it is intended to look like a forward slash “/”. And when it’s dropped into a domain name, it’s easy to see how it can be convincing. That tiny swap is enough to make a phishing site domain look real, which is the goal of threat actors trying to steal logins and personal information or distribute malware.
Figure 2: How Hiragana ん appears in Chrome’s URL display. The host domain name is “comprehensive-protection[.]guru” in the example shown.
To make these deceptive domains functional, threat actors rely on Punycode, a way to encode Unicode characters into ASCII so they can be used in DNS. For instance, a domain like example.comんlogin would be encoded as example.xn--comlogin-0o4g, allowing it to be registered and resolved like any other domain.
Tracing the Campaign’s Early Activity
Our investigation revealed that the majority of the 600 domains leveraging this deceptive character technique were aimed at cryptocurrency users. These domains frequently impersonated legitimate browser extensions, particularly fake versions of the Google Chrome Web Store, as part of an effort to lure victims into downloading malicious wallet applications. These wallets include Phantom, Rabby, OKX, Coinbase, MetaMask, Exodus, PancakeSwap, Bitget, and Trust.
Mapping the Infrastructure Behind New Domain Activity
Days after the Booking.com domains were uncovered, we identified a wave of newly registered domains that appeared shortly after the initial public reporting:
First, we took chromewebstore[.]google[.]comんdetailんokx-wallet.comprehensive-protection[.]guru and examined the contents of the phishing page, which mimicked Google’s Chrome Web Store to download the OKX cryptocurrency wallet browser extension. Clicking “Add to Chrome” prompted us to add the OKX Wallet as an extension, however, this was fake. Instead, it redirected to /welcome, which prompted us to either create or import a wallet.
Figure 4: Navigation path leading to fake OKX Wallet import page
Once a seed phrase was entered, we tracked that the phrase was sent to process.php, which appeared to validate the phrase before harvesting it. After validation, the seed phrase was leaked, giving threat actors unlimited access to the victim’s Bitcoin wallet.
While this page looks nearly identical to the example above, the outcome is quite different. Clicking ‘Add to Chrome’ did not redirect us to a web-based seed phrase stealer. Instead, it immediately downloaded an .exe file named “acmacodkjbdgmoleebbolmdjsighsdch.exe,” a malicious file that the page implies is a browser extension for Chrome named Rabby Wallet (a commonly available wallet for the Ethereum and EVM cryptocurrencies). After the download, the page presents a fake error message appears, claiming the installation failed and instructing the page visitor to manually open the downloaded file.
Figure 6: Error message used to trick users into running the malicious file
Upon closer analysis, the .exe appears to be malicious. The file is signed with a valid cryptographic signature, issued to OLAN LLC, which introduces a new layer of uncertainty. It is possible that the certificate belongs to a legitimate IT services company, and that the threat actors are now leveraging it for malicious activity, as other campaigns have abused other commercial IT administration tools, such as ConnectWise.
Further investigation revealed that the malware communicates with 826exe.carnegie.workers[.]dev. In communication we intercepted between the executable and this address, the program transmitted profile data about the infected system to its command & control service, including the logged-in user account name, machine name, operating system version, and other parameters.
Figure 7: The initial C2 check-in communication with profile data masked out
Subsequent connections to the C2 address revealed that the program self-identifies as “Performance Enhancement Tool v.3.7.2” and deploys a payload into a folder named PerformanceModules under the logged in user’s AppData\Local folder path.
Figure 8: The “Performance Enhancement Tool” executable communicates with its C2 that it has deployed a payload under the MyTestExtension folder
Inside that folder, the malware placed a subfolder named Module_ with eight random hexadecimal characters appended to the folder name, and inside that folder, creates a folder named MyTestExtension that contains more than 900 files that appear to contain some of the actual Rabby Wallet code, as well as scripts, images, and text that seems to have nothing to do with Rabby Wallet, including references to online Web games. Some of the graphics embedded in this code appear to prompt the user with guidance on how to change the cryptocurrency wallet address their currency is contained within.
Figure 9: The “Rabby Wallet” code appears inside this MyTestExtension folder the file drops into the user’s AppData path
Additionally, we identified a malicious payload hosted at storage.googleapis[.]com/8-26b/acmacodkjbdgmoleebbolmdjsighsdch.exe. This suggests a well-orchestrated setup that blends certificate abuse, cloud-hosted payloads, and evasive infrastructure to facilitate data theft or remote access.
Following the initial wave of phishing domains targeting Booking.com and popular cryptocurrency wallets, our investigation uncovered a broader and rapidly evolving infrastructure leveraging the deceptive character. While many of these domains initially focused on impersonating cryptocurrency platforms, we have since identified a growing number of domains that extend beyond crypto and travel sectors.
A significant portion of these newly observed domains currently lack active content, but their structural patterns, registration timing, and thematic similarities suggest they are likely part of a coordinated setup. Notably, we saw these domains that do not target cryptocurrency, begin appearing shortly after public reporting on August 14, 2025, indicating that threat actors may be quickly adopting this tactic across multiple verticals.
Some of the newly discovered domains appear to target major tech platforms. For instance, we found several Microsoft-themed domains such as:
This domain is impersonating Cloudflare’s access control feature. Interestingly, both the original Booking.com phishing domain hxxps://account[.]booking[.]comんdetailんrestric-access[.]www-account-booking[.]com/en/ and the Cloudflare domain share the same hostname segment: restric-access. This reuse of hostname structure across different brands likely suggests a shared domain generation pattern or toolkit, possibly indicating a common threat actor or automated infrastructure setup.
Other domains seem to target educational services. Examples include:
sdu[.]edu[.]cnんcasんlogin[.]pass-sdu-edu[.]cn
These resemble login portals for universities and could be used in credential harvesting campaigns targeting students.
We also observed additional crypto-related domains like booth[.]pmんgiftsん8f53a3a2-adbc-4d10-9d03-f338215de494ん[.]sakurayuki[.]dev, which appears to be themed around digital gifts or giveaways, a common lure in crypto phishing. Another domain www[.]revolut[.]comんviewんtransactionんb3edf3638c29m4qdl5kdlx3んstatus[.]online, mimics the all-in-one finance application, likely intended to exploit user trust and familiarity with financial platforms.
In addition to these, we found several domains that are likely test cases or proof-of-concept setups, possibly created by researchers or security teams:
These domains contain keywords such as “test”, “donot[.]press”, and “webphishing”, which suggest they are likely not part of active malicious campaigns but rather used for experimentation or awareness.
While these domains are not currently serving malicious content, their existence highlights how quickly this tactic is spreading. It’s common for threat actors to register domains in advance, either to avoid detection or to prepare infrastructure for future campaigns. The consistent use of the ん character across both malicious and experimental domains reinforces its potential as a tool for visual deception.
Implications for Defenders
One of the challenges with tracking these kinds of phishing campaigns is that Unicode makes detection and monitoring more complex than traditional Latin characters. Characters like ん are visually similar to Latin letters but are coded differently, meaning it is possible that they can slip past basic string-matching filters or regex-based detection rules.
Chrome’s IDN policy allows certain scripts, such as Latin and Hiragana to be used within a single label. This is permitted to support multilingual domain names, but with some exceptions to prevent abuse. For example, Chrome restricts combinations that are known to be highly confusable or deceptive. However, the policy still allows enough flexibility that threat actors can exploit visually similar characters like ん in phishing domains.
Many security tools and URL scanners aren’t configured to normalize or visually compare Unicode characters, which allows these domains to evade automated detection.
Outpacing Confusable Character Threats
The use of confusable Unicode characters in phishing domains isn’t new but is evolving. The abuse of Hiragana ん is just one example of how subtle character swaps can bypass filters and fool even vigilant users. Netcraft will continue to monitor this tactic, track emerging infrastructure, and share updates as attackers refine their methods.
Alluxio today announced strong results for the second quarter of its 2026 fiscal year. During the quarter, the company launched Alluxio Enterprise AI 3.7, a major release that delivers sub-millisecond TTFB (time to first byte) latency for AI workloads accessing data on cloud storage.
Alluxio also reported new customer wins across multiple industries and AI use cases, including model training, model deployment, and feature store query acceleration. In addition, the MLPerf Storage v2.0 benchmark results underscored Alluxio’s leadership in AI infrastructure performance, with the platform achieving exceptional GPU utilization and I/O acceleration across diverse training and checkpointing workloads.
Key Features of Alluxio Enterprise AI 3.7
Ultra-Low Latency Caching for Cloud Storage – Alluxio AI 3.7 introduces a distributed, transparent caching layer that reduces latency to sub-millisecond levels while retrieving AI data from cloud storage. It achieves up to 45× lower latency than S3 Standard and 5× lower latency than S3 Express One Zone, plus up to 11.5 GiB/s (98.7 Gbps) throughput per worker node, with linear scalability as nodes are added.
Enhanced Cache Preloading – The Alluxio Distributed Cache Preloader now supports parallel loading, delivering up to 5× faster cache preloading to ensure hot data availability for faster AI training and inference cold starts.
Role-Based Access Control (RBAC) for S3 Access – New granular RBAC capabilities allow tight integration with identity providers (OIDC/OAuth 2.0, Apache Ranger), controlling user authentication, authorization, and permitted operations on cached data.
Customer Momentum in H1 2025
The first half of 2025 saw record market adoption of Alluxio AI, with customer growth exceeding 50% compared to the previous period. Organizations across tech, finance, e-commerce, and media sectors have increasingly deployed Alluxio’s AI acceleration platform to enhance training throughput, streamline feature store access, and speed inference workflows. With growing deployments across hybrid and multi-cloud environments, demand for Alluxio AI reflects rapidly rising expectations for high-performance, low-latency AI data infrastructure. Notable customers added in the half include:
Salesforce
Dyna Robotics
Geely
Substantial I/O Performance Gains Confirmed in MLPerf Storage v2.0 Benchmark
Alluxio’s distributed caching architecture underscores its commitment to maximizing GPU efficiency and AI workload performance. In the MLPerf Storage v2.0 benchmarks:
Training Throughput
ResNet50: 24.14 GiB/s supporting 128 accelerators with 99.57% GPU utilization, scaling linearly from 1 to 8 clients and 2 to 8 workers.
Acronis and Intel, today announced Acronis Cyber Protect Cloud’s availability with AI PCs powered by Intel Core Ultra processors, a new collaboration that brings advanced and automated threat detection and remediation to endpoint devices without compromising performance. By integrating Acronis Cyber Protect Cloud with Intel technology, managed service providers (MSPs), managed security service providers (MSSPs), and enterprise customers experience faster, more efficient cybersecurity, ideal for today’s resource-constrained users.
Acronis Cyber Protect Cloud uses AI to detect and remediate threats in real-time at the endpoint, analyzing behavioral patterns to uncover advanced attacks, including ransomware, zero-day exploits, and fileless malware that traditional tools might miss. On Intel® Core™ Ultra-powered devices, the solution becomes even more efficient by leveraging OpenVINO™ to offload heavy AI tasks such as behavioral heuristics and anomaly scoring to the processor’s neural processing unit (NPU). Offloading AI-driven behavioral detection from the CPU to the NPU within Intel Core Ultra processors reduces CPU load by up to 92%, based on internal performance testing. This optimizes performance, extends battery life, and keeps systems running smoothly.
Acronis Cyber Protect Cloud, a SaaS-based, multi-tenant platform, delivers award-winning protection from cyberthreats, including next-generation anti-malware, email security, data loss prevention (DLP), and endpoint and extended detection and response (EDR /XDR). Security professionals who use Acronis spend less time juggling tools thanks to its natively integrated solution that integrates cybersecurity, endpoint and posture management, data protection, automated backups, and disaster recovery. Acronis also proudly aligns with NIST cybersecurity functions, helping users identify, protect, detect, respond, and recover more effectively.
Traditional anti-malware software often struggles to detect modern threats and can drain system resources, leading to slowdowns, increased support tickets, and lost productivity. Fragmented security solutions further strain overburdened IT teams while increasing operational complexity. Acronis Cyber Protect Cloud solves this with natively integrated cyber protection that minimizes impact on system performance. And with Intel technology, it runs even more efficiently.
Cybernews researchers have uncovered critical misconfigurations on two Tencent Cloud subdomains that exposed sensitive credentials and internal source code for months, posing risks to millions of Tencent Cloud users.
Tencent Cloud is one of the largest global cloud providers, serving over 10 million users worldwide across gaming, finance, communications, and enterprise sectors.
Key takeaways:
One of the affected services was related to Tencent’s internal load balancer, and another subdomain was a deployment of JEECG, an open-source development platform promoted by Tencent Cloud.
The hardcoded credentials appeared to grant direct access to Tencent Cloud’s administrative console.
The environment files with hardcoded administrative console credentials and the .git directory have been publicly accessible for months.
The exposed passwords were also weak and vulnerable to dictionary attacks. They were composed using the company name, the year, and some symbols.
Tencent acknowledged it as a “known issue” and closed access.
Leak significance
A malicious actor with access to the misconfigured files and directories could potentially:
Gain full administrative access to the production systems
Tamper with internal API services
Attach malicious payloads to the trusted front-end code
Pivot further into Tencent’s internal cloud infrastructure
Or simply abuse the trusted Tencent domain for malicious phishing campaigns
Posted in Commentary with tags Nikon on August 27, 2025 by itnerd
Nikon Canada Inc. has announced the release of firmware version 2.00 for its full-frame/FX-format mirrorless camera, the Nikon Z6III. This marks the first major update since the launch of the Z6III and introduces several features equivalent to those found in the flagship Nikon Z9 and Nikon Z8.
With its already incredible high-speed performance, this firmware update adds the long-awaited [Birds] mode to subject detection, offering an enhanced shooting experience for both still and videos. Plus, the Auto Capture function now enables automatic shooting under pre-configured conditions, supporting flexible shooting styles tailored to various situations.
Additionally, for the first time for a Nikon product, the Z6III supports the Nikon Authenticity Service – a solution primarily aimed at media organizations and creators who require a high level of trustworthiness in their work. The service is compatible with the C2PA (Coalition for Content Provenance and Authenticity) standard, clearly recording provenance information from shooting through to editing to ensure greater transparency and reliability of content.
Nikon will continue to enhance its products through firmware updates that address user needs, while also fostering an environment in which all photographers and creators can engage in creative and professional activities with confidence and peace of mind.
Improved Subject Detection with Dedicated [Birds] Mode
A dedicated Birds mode has been added to the Z6III’s subject-detection options. When Birds mode is selected, the camera automatically tracks birds in flight with great precision, keeping them in focus even against complex, high-contrast backgrounds such as forests and rocky mountains. This allows photographers to concentrate on framing images, helping to meet their expectations. There is also a Focus limiter setting that can be assigned to a custom control to limit the shooting distance range, for more accurate focusing on the desired subject. In addition, the JPEG fine image quality setting can now be selected when Pre-Release Capture, which records images for up to one second before the shutter-release button is fully pressed, is used during full-frame shooting at 60 fps. This makes it possible to capture the moment a bird takes flight with superior image quality.
C2PA Compliance With Image Provenance Function
Nikon is committed to developing an image provenance function that supports confirmation of image authenticity, aiming to protect individuals and enterprises in the imaging industry from any unfavourable results caused by falsification and/or image manipulation, and to realize a society in which creative and business activities can be conducted with greater peace of mind. Z6III firmware version 2.00 includes an image provenance function that complies with the C2PA standard and is part of the Nikon Authenticity Service. By making a prior request through Nikon Imaging Cloud, users can load the digital certificate necessary for recording provenance data onto the Z6III.
The image provenance function adds metadata – such as information about the equipment used and data that makes it easy to verify whether the image has been tampered with, including a digital signature – to captured image files. This enables users to prove that a photo was taken with a Nikon camera.
Auto Capture Function Expands Shooting Possibilities in Any A Variety Of Situations
Firmware version 2.00 adds the Auto Capture function, which enables automatic shooting with pre-configured conditions. This allows users to specify the subject type, direction of movement, and shooting distance range to capture previously difficult scenes, such as those that require shooting in places or positions where photographers would disturb their subject. The function is also equipped with a scheduling feature that allows the user to specify the day and time to initiate Auto Capture in advance, reducing battery consumption between camera setup and the start of shooting. In combination with a USB-to-Ethernet adapter, it enables high-speed data transfer even to remote destinations, meeting the high demands of professional environments.
Expanded Functions and Improvements to Operability
An Automatic monitor display switch function for disabling the eye sensor when the vari-angle monitor is deployed has been added, a first for the Nikon Z series.
A function that allows users to exit the zoom view with a half-press of the shutter-release button when the focus mode is set to manual has been added.
Pixel shift shooting can now be used in combination with focus shift shooting or AE bracketing settings for more precise photographic expression than ever before.
A Recall shooting functions option that allows users to recall previously stored settings – including shooting mode, shutter speed, aperture value, and ISO sensitivity – with the press of a button has been added to the roles that can be assigned to a custom control.
Adds support for USB streaming (UVC/UAC), which allows the camera to be used as a webcam by simply connecting it to a computer or smartphone.
By default, firmware updates are now installed automatically after the camera connects to Nikon Imaging Cloud (a note about setting the camera’s date and time has been added to the instructions for connecting to the cloud to prevent connection errors between Nikon Imaging Cloud and the camera).
Operation has been simplified by automatically displaying an update confirmation dialog on the camera monitor after registering an imaging recipe in Nikon Imaging Cloud.
Nikon Z6III owners can visit the website here to learn more about the new firmware. Nikon will continue to enhance its products through firmware updates that address user needs, while also fostering an environment in which all photographers and creators can engage in creative and professional activities with confidence and peace of mind.
Today, Specops Software, an Outpost24 company and leading provider of password and identity management solutions, announced that Specops uReset, the company’s self-service password reset (SSPR) solution, now supports cloud-only Entra ID environments, joining Specops Secure Service Desk in enabling organizations across on-premises, hybrid, and cloud infrastructures.
With Specops uReset, customers can access self-service password resets from any browser or device. Whether organizations are fully remote, hybrid, or distributed across multiple locations, uReset eliminates the frustration of password-related downtime while reducing IT overhead costs. Considering 94% of organizations use at least some form of cloud computing, the expansion of Specops Software’s SSPR solution to include Entra ID enabled organizations comes at a critical time.
According to Gartner, 40% of all IT help desk calls are related to passwords, making password management one of the most persistent and costly challenges for IT teams. By shifting these calls to a secure, self-service model, uReset allows organizations to free up IT resources for strategic priorities while providing users with faster, more reliable access to their accounts. With this latest release, uReset brings enterprise-grade self-service password reset capabilities directly to Entra ID customers, extending beyond native options with:
Flexible MFA with 20+ authenticators (including Microsoft Authenticator, Okta, Duo Security, Yubikey, and Specops:ID)
Dynamic end-user feedback during password creation
Breached password protection against Specops’ database of 4+ billion compromised credentials
Simple, privacy-first enrollment
To learn more about Specops uReset for Cloud, click here.
Qwiet AI has unveiled game-changing updates to its application security platform. These updates, which include expanded integrations across Azure DevOps, Azure Boards, and GitHub, and the introduction of new AI-powered AutoFix capabilities and an enhanced user experience, are set to revolutionize how development and security teams release secure applications. By empowering teams to release secure applications at the speed of innovation without disrupting developer workflows, these updates promise a more comfortable and user-friendly experience.
The latest release from Qwiet AI is a testament to its developer-first approach, as it integrates security into the tools engineers already use. The AutoFix Pull Request integration in Azure DevOps, the production-ready integration in Azure Boards, and the new GitHub app featuring agentic AI capabilities have all been meticulously developed and tested to ensure their reliability and effectiveness. With the addition of support for SARIF analyses for non-CPG projects and advanced AST-based policy support for Swift, the AutoFix now offers broader protection across more languages and environments, promising a more secure and efficient development process.
Beyond new integrations, the platform has been refined to enhance usability and provide deeper insights. Updates include enhanced webhook notifications, automated data export processes, expanded secrets configuration, minor UI/UX enhancements, and a beta of new observability graphs and reports around vulnerability trend analysis. These improvements give AppSec, DevOps, and IT leaders the visibility and control they need to prioritize issues, demonstrate measurable progress, and respond quickly to emerging risks.
These enhancements come at a crucial time when organizations grapple with the pressure to secure software amidst rapid release cycles, fragmented security tools, and escalating compliance demands. Industry research underscores these challenges: 74% of organizations navigate multi-vendor security ecosystems, and 70% juggle more than ten separate tools. The prevalence of delayed patching, a key driver of breaches with up to 80%traced back to unpatched vulnerabilities, further underscores the need for a solution like Qwiet AI. Qwiet AI is helping its customers overcome these hurdles by consolidating workflows and accelerating remediation.
With these updates now available, Qwiet AI continues to deliver on its mission to integrate security into the software development lifecycle. It enables organizations in fintech, retail, SaaS, healthcare, manufacturing, and e-commerce to reduce risk while maintaining speed and agility, demonstrating Qwiet AI’s commitment to customer success.
TransUnion Gets Hit By A Data Breach
Posted in Commentary with tags Hacked on August 28, 2025 by itnerdConsumer credit reporting giant TransUnion warns it suffered a data breach exposing the personal information of over 4.4 million people in the United States. According to a filing submitted to the Office of the Maine AG, the breach occurred on July 28, 2025, and was discovered two days later.
Paul Bischoff, Consumer Privacy Advocate at Comparitech had this comment:
“For context, the TransUnion breach compromised 4.4 million people. The 2017 Equifax breach compromised 147 million. It’s not as big, but it’s just as serious for those 4.4 million people. TransUnion does more than just generate credit reports. Other businesses that suffer data breaches frequently enlist TransUnion to provide credit monitoring and identity theft protection to breach victims. This breach could dissuade victims of other breaches from enrolling in those protective services.”
Roger Grimes, Data-Driven Defense Evangelist at KnowBe4 had this to say:
“Another data breach? “Only” involving single millions of digits? It’s almost a non-event. Data breaches involving hundreds of millions of records barely make the news anymore. How worried can you be about one “little” data breach when the information revealed to the hackers has likely been stolen many times? My only problem is why the breach was confirmed in late July and not reported to consumers until late August? Four weeks to publicly report, while likely legal, seems like a lot of time to let involved compromised users go around blindly without knowing about the additional risk, whether big or small. I’ve seen this lately…data breaches that must be reported publicly, taking a month or many months before they are publicly reported to those who are impacted. In today’s instant online world is seems more and more unacceptable.”
When the company that helps to protect people from getting taken advantage of after a breach gets breached, we’re all in deep trouble. These companies need to ensure that everything they do is beyond reproach or consumers will stop trusting them.
Leave a comment »