The Record

Roblox says it will build a system to ensure that adults and children aren't communicating unless they know one another outside the gaming platform.

Australian airline Qantas reduced bonuses for its corporate leaders in response to a breach that exposed the data of 5.7 million people earlier this year.

After the notices from Sitecore and Mandiant on Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its exploited bugs catalog, giving all federal civilian agencies three weeks to patch it.

A malware campaign dubbed GhostRedirector by researchers at ESET attempts to compromise websites to drive traffic to gambling sites.

Luxury automaker Jaguar Land Rover says employees should stay home through the weekend as it works to mitigate the impact of a cyberattack.

In breach notifications submitted to regulators in Maine and Vermont, Chess.com explained that 4,541 people had personal information exposed to hackers who breached an unnamed file transfer application between June 5 and June 18.

More than 880,000 Texans were affected by the breach at education tech provider PowerSchool, state Attorney General Ken Paxton noted in filing a lawsuit against the company.

A federal jury awarded plaintiffs suing Google $425 million in damages, holding that by collecting the data of users who had switched off an app activity-tracking feature, the tech giant invaded the privacy of millions.

A former information security professor with more than 25 years in the Ukrainian armed forces, Oleksandr Potii is blunt about Moscow’s capabilities: “We see that Russia’s technical level is high and its potential is strong. We cannot underestimate them."

Google has been penalized €325 million ($379 million) and clothing retailer Shein has been ordered to pay €150 million ($175 million) for not getting proper consent from users for advertising cookies, France's CNIL said.

Cloud storage and remote operation can expose critical sectors to Chinese espionage, warned the Czech Republic's NÚKIB, "making trust in the reliability of the provider absolutely crucial."

A trade group for media giants said it worked with Egyptian authorities to shut down Streameast, a website known for pirating broadcasts of major sports leagues.

Ten-year extensions of a threat information sharing law and a cybersecurity grant program for states and localities won bipartisan approval in the House Homeland Security Committee.

The complaint alleges that the toy manufacturer Apitor published a privacy policy saying that it complied with the Children’s Online Privacy Protection Rule, but in reality violated the law by collecting the location data from children without parental consent.

Ukraine’s security service is accusing the country’s anti-corruption agencies of seeking “revenge” by bringing charges against Illia Vitiuk, the former head of the agency’s cybersecurity unit.

Multiple tech firms have publicly detailed how incidents involving the third-party Salesloft Drift tool have exposed customer data.

In October 2024, Amazon disrupted another APT29 operation that attempted to use phishing domains impersonating AWS.

The Cybersecurity and Infrastructure Security Agency announced that Nicholas Andersen has taken over as the executive assistant director for cybersecurity.

The Federal Trade Commission (FTC) announced Disney has agreed to pay $10 million to settle allegations that it collected personal data from children watching YouTube videos without parental notification or consent.

Pennsylvania Attorney General Dave Sunday said his office has made significant progress in recovering from an August 11 cyberattack, and it did not pay a ransom to the intruders.