Tag: leak
-
Hackers launch data leak site to extort 39 victims, or Salesforce
Scattered Lapsus$ Hunters launched a data leak site over the weekend, aiming to pressure organizations whose Salesforce databases they have plundered into paying to prevent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/06/data-leak-site-extortion-salesforce/
-
Hackers Allegedly Breach Huawei Technologies, Leak Source Code and Internal Tools
Cybersecurity researchers are reporting an alleged security breach involving Chinese technology giantHuawei Technologies, with hackers claiming to have accessed and leaked sensitive source code and internal development tools. The incident, which surfaced through social media channels, represents a potentially significant security compromise of one of the world’s largest telecommunications equipment manufacturers. Hacker illustrating world’s biggest…
-
Scattered Lapsus$ Hunters Extorts Victims, Demands Salesforce Negotiate
The threat group Scattered Lapsus$ Hunters, which last month said it was shutting down operations, is back with a data leak site listing dozens of high-profile Salesforce customers and claiming to have stolen almost 1 billion data files. The group is demanding that Salesforce negotiate with it or risk the data being released. First seen…
-
Scattered Lapsus$ Hunters Extorts Victims, Demands Salesforce Negotiate
The threat group Scattered Lapsus$ Hunters, which last month said it was shutting down operations, is back with a data leak site listing dozens of high-profile Salesforce customers and claiming to have stolen almost 1 billion data files. The group is demanding that Salesforce negotiate with it or risk the data being released. First seen…
-
Thieves steal IDs and payment info after data leaks from Discord support vendor
Outsourcing your helpdesk always seems like a good idea until someone else’s breach becomes your problem First seen on theregister.com Jump to article: www.theregister.com/2025/10/06/discord_support_data_breach/
-
Cyberbedrohungslage für KMUs spitzt sich zu
Tags: ai, business, cisco, cyberattack, cyersecurity, extortion, germany, infrastructure, leak, phishing, ransomware, risk, vulnerabilityKMUs sind häufig Ziel von Ransomware-Angriffen.Laut der Transferstelle Cybersicherheit im Mittelstand haben sich Cyberangriffe auf deutsche Unternehmen, die auf Leak-Seiten veröffentlicht wurden, zwischen den Jahren 2021 bis 2024 mehr als vervierfacht. Damit ist Deutschland trauriger Spitzenreiter, gefolgt von Italien, Frankreich und Spanien.Auch die Zahlen des Bundeskriminalamts (BKA) bestätigen diese Entwicklung. Der polizeilichen Kriminalstatistik von 2024…
-
Chat-Leaks geben Einblick in Taktiken – Was die geleakten LockBit-Chats über Cyber-Erpressung verraten
First seen on security-insider.de Jump to article: www.security-insider.de/lockbit-leak-chats-cyber-erpressung-a-15f4bb818abf2eeaff48316685c5f384/
-
ChatGPT social could be a thing, as leak shows direct messages support
OpenAI doesn’t want ChatGPT to remain just a chatbot for interacting with a large language model. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/chatgpt-social-could-be-a-thing-as-leak-shows-direct-messages-support/
-
New Study Warns Several Free iOS and Android VPN Apps Leak Data
A Zimperium zLabs analysis of 800 free Android and iOS VPN apps exposes critical security flaws, including the Heartbleed bug, excessive system permissions, and non-transparent data practices. Learn how these ‘privacy’ tools are actually major security risks, especially for BYOD environments. First seen on hackread.com Jump to article: hackread.com/studyfree-ios-android-vpn-apps-leak-data/
-
US Auto Insurance Platform ClaimPix Leaked 10.7TB of Records Online
Cybersecurity researcher Jeremiah Fowler discovered a massive 10.7TB ClaimPix leak exposing 5.1M customer files, vehicle data, and Power of Attorney documents. Read the full details. First seen on hackread.com Jump to article: hackread.com/us-auto-insurance-claimpix-leaked-10tb-records/
-
Datenleck bei Kido-Kindergärten
Eine Ransomware-Bande hat die Daten von mehr als 8.000 Kindern der Kido-Kindergärten gestohlen.Die Ransomware-Bande Randiant veröffentlichte kürzlich einen Darknet-Post mit Hinweisen auf einen Angriff auf den britischen Kindertagesstättenbetreiber Kido. Berichten zufolge haben die Täter als Beweis dafür Namen, Fotos, Adressen und familiäre Kontaktdaten von zehn Kindern hochgeladen, die eine der 18 Kido-Kitas im Großraum London…
-
New Harrods Data Breach Leaks Personal Information of 430,000 Customers
Luxury department store Harrods has become the latest victim of a significant cybersecurity incident after hackers successfully accessed personal data belonging to 430,000 customers. The prestigious London retailer confirmed that threat actors contacted the company following the breach, though Harrods has stated it will not engage with the attackers. Limited Data Exposure The compromised information was obtained from…
-
Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass
Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerability Overview The vulnerability exploits a technique that leverages pointer-keyed data structures in Apple’s NSKeyedArchiver serialization framework to leak…
-
Google Project Zero Discloses Apple Vulnerability Allowing ASLR Bypass
Google Project Zero researcher Jann Horn has disclosed a novel vulnerability in Apple’s macOS and iOS systems that could potentially allow attackers to bypass Address Space Layout Randomization (ASLR) protections through pointer leaks in serialization processes. Vulnerability Overview The vulnerability exploits a technique that leverages pointer-keyed data structures in Apple’s NSKeyedArchiver serialization framework to leak…
-
Cloud Posture for Lending Platforms: Misconfigurations That Leak PII
We have witnessed a surge in cloud adoption and data exposures, with a similar trajectory. A cloud security report highlights that 95% of organizations experienced cloud-related breaches in an 18-month period. Among them, 92% of breaches exposed sensitive data. It is important to note that most incidents do not germinate from exploits that fall under……
-
Archer Health Data Leak Exposes 23GB of Medical Records
California-based Archer Health exposed 23GB of patient records, including SSNs, IDs, and medical files, after an unprotected database was found online. First seen on hackread.com Jump to article: hackread.com/archer-health-data-leak-23gb-medical-records/
-
Salesforce AI Agents Forced to Leak Sensitive Data
Yet again researchers have uncovered an opportunity (dubbed ForcedLeak for indirect prompt injection against autonomous agents lacking sufficient security controls, but this time the risk involves PII, corporate secrets, physical location data, and so much more. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/salesforce-ai-agents-leak-sensitive-data
-
Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More
/* ===== Container ===== */.td-wrap {}/* ===== Section ===== */.td-section {}.td-title { margin: 16px 0 4px; font-size: 32px; line-height: 1.2; font-weight: 800; }.td-subtitle { margin: 0 0 24px; color: #64748b; font-size: 16px; }/* ===== Timeline ===== */.td-timeline { position: relative; margin: 0 !important;padding: 0!important; list-style: none; }/* spine */.td-timeline:before { First seen on thehackernews.com Jump…
-
Threatsday Bulletin: Rootkit Patch, Federal Breach, OnePlus SMS Leak, TikTok Scandal & More
/* ===== Container ===== */.td-wrap {}/* ===== Section ===== */.td-section {}.td-title { margin: 16px 0 4px; font-size: 32px; line-height: 1.2; font-weight: 800; }.td-subtitle { margin: 0 0 24px; color: #64748b; font-size: 16px; }/* ===== Timeline ===== */.td-timeline { position: relative; margin: 0 !important;padding: 0!important; list-style: none; }/* spine */.td-timeline:before { First seen on thehackernews.com Jump…
-
AI coding assistants amplify deeper cybersecurity risks
Tags: access, ai, api, application-security, attack, authentication, business, ceo, ciso, cloud, compliance, control, cybersecurity, data, data-breach, detection, fintech, flaw, governance, injection, leak, LLM, metric, open-source, programming, radius, risk, risk-management, service, software, startup, strategy, threat, tool, training, vulnerability‘Shadow’ engineers and vibe coding compound risks: Ashwin Mithra, global head of information security at continuous software development firm Cloudbees, notes that part of the problem is that non-technical teams are using AI to build apps, scripts, and dashboards.”These shadow engineers don’t realize they’re part of the software development life cycle, and often bypass critical…
-
Chrome High-severity Flaws Expose Sensitive Data, Trigger System Crashes
Google has released an urgent security update for its Chrome browser, addressing three high-severity vulnerabilities that could allow attackers to leak sensitive information and cause system instability. The latest Chrome version 140.0.7339.207/.208 for Windows and Mac, and 140.0.7339.207 for Linux, patches critical flaws in the V8 JavaScript engine that powers the browser’s web content processing.…
-
$150K awarded for L1TF Reloaded exploit that bypasses cloud mitigations
Researchers earned $150K for “L1TF Reloaded,” combining L1TF and half-Spectre to leak VM memory from public clouds despite mitigations. Researchers from Vrije Universiteit Amsterdam earned $150K for exploiting L1TF Reloaded, a flaw combining L1TF (Foreshadow) and half-Spectre. The attack bypasses prior mitigations, showing that transient CPU vulnerabilities remain practical and can leak memory from VMs…
-
EV charging biz zaps customers with data leak scare
Names, emails unplugged in DCS support snafu but ‘billing is safe’ First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/dcs_data_breach/
-
EV charging biz zaps customers with data leak scare
Names, emails unplugged in DCS support snafu but ‘billing is safe’ First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/dcs_data_breach/
-
2 Clinics Notify 700,000 Patients of Alleged BianLian Hacks
Now-Dormant Gang Claimed North Carolina, Florida Groups on Data Leak Site This Year. Two medical practices – in North Carolina and Florida – are notifying a total of more than 700,000 patients whose information was potentially stolen in separate hacks earlier this year. The now-dormant ransomware gang BianLian had claimed both organizations as victims on…
-
Closing the Visibility Gap: Corporate Exposure Analytics in the Infostealer Era
Co-authored by Constella Intelligence and Kineviz As infostealer malware continues to scale in reach, automation, and precision, organizations face an increasingly urgent challenge: a lack of comprehensive visibility across their identity exposure landscape. While credential leaks and cookie thefts are often detected in isolation, without centralized and time-aware analytics, security teams cannot understand the true extent……
-
BlackLock Ransomware Targets Windows, Linux, and VMware ESXi Systems
BlackLock, a rebranded ransomware group formerly known as El Dorado, has emerged as a formidable threat to organizations worldwide. First identified in June 2024 when its Dedicated Leak Site (DLS) began exposing victim data, the gang is believed to have been active since March 2024. The latest analysis by AhnLab Security Intelligence Center (ASEC) sheds…
-
ShadowLeak Exploit Exposed Gmail Data Through ChatGPT Agent
Radware researchers revealed a service-side flaw in OpenAI’s ChatGPT. The ShadowLeak attack had used indirect prompt injection to bypass defences and leak sensitive data, but the issue has since been fixed. First seen on hackread.com Jump to article: hackread.com/shadowleak-exploit-exposed-gmail-data-chatgpt-agent/
-
ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent
Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT’s Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action.The new class of attack has been codenamed ShadowLeak by Radware. Following responsible disclosure on June 18, 2025, the issue was addressed by…
-
Neue Ransomware-Gruppe Yurei: Open-Source-Code erleichtert weltweite Angriffe
Check Point Software Technologies warnt vor einer neuen Ransomware-Bedrohung namens Yurei, ein Begriff aus der japanischen Folklore für rastlose Geister. Check Point Research hat die Gruppe am 5. September 2025 erstmals entdeckt. Bereits in der ersten Woche konnte Yurei drei Unternehmen auf seiner Leak-Seite im Darknet aufführen: Sri Lanka: Ein Lebensmittelhersteller wurde als erstes Opfer kompromittiert.…