VulnHub

Companies House, the British agency responsible for company registration in the UK, recently confirmed that a security flaw in its WebFiling service exposed sensitive business information since October 2025. The agency temporarily took the service offline on Friday to address the issue, which raised concerns about the privacy of companies' data. While they have since restored the service, the breach could have serious implications for businesses relying on the registry for compliance and reporting. Companies should review their security practices and remain vigilant about potential misuse of their exposed information. This incident underscores the need for robust security measures in public-facing services.

On February 6, 2026, it was reported that 889 Starbucks Partner Central accounts were compromised in a data breach. This incident has raised concerns about the security of employee information within the company. The breach affects employees who use the Partner Central platform, which is integral for accessing company resources and information. As attackers gain access to these accounts, sensitive employee data could be at risk, potentially leading to further security issues or identity theft. This breach serves as a reminder for companies to continually assess and improve their cybersecurity measures to protect employee data.

The FBI is investigating reports of malware affecting several games on the Steam platform. The games under scrutiny include BlockBlasters, Chemia, Dashverse/DashFPS, Lampy, Lunara, PirateFi, and Tokenova. This investigation comes as a response to concerns that these games may have been compromised, potentially putting users at risk. The FBI is looking to gather information from victims who may have been affected by this malware. This situation raises alarms about the security of online gaming platforms and the potential for malware to spread through popular titles, which could impact a large number of gamers. Users should remain vigilant and consider the security of the games they play.

Companies House, the UK's official register of companies, recently addressed a significant flaw in its WebFiling service. This vulnerability allowed unauthorized users to not only view sensitive director details but also modify company records. The issue prompted Companies House to take the service offline temporarily while they worked on a fix. After resolving the flaw, the WebFiling service was restored, but the incident raises concerns about the security of sensitive corporate information. Users and companies relying on this service need to be aware of the potential risks associated with such vulnerabilities.

Recent vulnerabilities in CrackArmor's AppArmor have been discovered, allowing local users of Linux systems to escalate their privileges to root access. This flaw not only compromises the host system but also allows attackers to break out of container environments and launch denial-of-service (DoS) attacks. The implications are significant for any organization relying on Linux, as it increases the risk of unauthorized access and system disruption. Users should be particularly vigilant if they are running systems with AppArmor enabled, as these vulnerabilities could lead to severe security incidents if exploited. Immediate action is advised to mitigate potential risks associated with these flaws.

A recent glitch on the Companies House website in the UK has exposed sensitive personal and corporate information of millions of users, raising serious concerns about data security. The issue allowed unauthorized access to details that should have been protected, potentially enabling fraudsters to exploit this information. Companies House, which is responsible for maintaining the official register of companies in the UK, has acknowledged the problem and is working to rectify it. This incident is particularly alarming as it affects the privacy of business owners and the integrity of the corporate registration process. Users and businesses are advised to monitor their information and report any suspicious activity immediately.

The U.S. government has officially classified cyber-enabled fraud as transnational organized crime through a new executive order. This change emphasizes the need for a more aggressive approach to combat cybercrime, moving beyond just defensive measures. The article argues that the private sector must also take a proactive stance to dismantle the criminal infrastructure that supports these activities. By recognizing cybercrime as organized crime, U.S. authorities are urged to target the business models that enable these operations, rather than simply responding to individual attacks. This shift is crucial for reducing the overall impact of cybercrime on businesses and individuals alike.

A recent report from Google reveals a significant shift in the ransomware landscape, indicating that attackers are increasingly focusing on data extortion rather than traditional ransom demands. This change complicates the understanding of the full scope of cybercrime and its impact on businesses and individuals. Researchers found that this evolution allows cybercriminals to extract sensitive information from victims and threaten to release it publicly if their demands are not met. This trend raises serious concerns for organizations, as it puts their data security at risk and can lead to severe reputational damage. Companies need to be more vigilant about securing their data and preparing for potential breaches, as the consequences of data extortion can be devastating.