In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that “it is possible that your personal information may have been compromised”. The “pay or leak” extortion group ShinyHunters subsequently claimed responsibility and published a large trove of personal data allegedly obtained from Addi. The data included 34M unique email addresses from credit scoring requests, credit bureau records, customer identity records and email validation logs. It also contained government issued IDs (Cédula de Ciudadanía), estimated income, socioeconomic levels, purchases and other credit-related data points. – Read more
Latest article
Addi – 34,532,941 breached accounts
In March 2026, the Colombian fintech company Addi identified unauthorised activity on its platform and advised customers that "it is possible that your personal...
Microsoft May security patch fails for some due to boot partition size glitch
“Something didn’t go as planned. Undoing changes.” That’s all the clue some Windows 11 users will get when Microsoft’s May...
Apple’s Siri Revamp May Add Auto-Deleting Chats
Apple’s reported Siri revamp may add auto-deleting AI chats as the company prepares a privacy-focused software push at WWDC 2026.
The post Apple’s Siri Revamp...
Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild
Hackers are wasting no time exploiting a newly disclosed critical vulnerability in NGINX, with security researchers already observing real-world attacks just days after its...
