Tag: leak
-
Can Your Security Stack See ChatGPT? Why Network Visibility Matters
Generative AI platforms like ChatGPT, Gemini, Copilot, and Claude are increasingly common in organizations. While these solutions improve efficiency across tasks, they also present new data leak prevention for generative AI challenges. Sensitive information may be shared through chat prompts, files uploaded for AI-driven summarization, or browser plugins that bypass familiar security controls. First seen…
-
1,000+ Devs Lose Their Secrets to an AI-Powered Stealer
One of the most sophisticated supply chain attacks to date caused immense amounts of data to leak to the Web in a matter of hours. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/1000-devs-lose-secrets-ai-powered-stealer
-
The Nx >>s1ngularity<< Attack: Inside the Credential Leak
On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian’s monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/the-nx-s1ngularity-attack-inside-the-credential-leak/
-
Underground Ransomware Gang Unleashes Innovative Tactics Targeting Global Organizations
The Underground ransomware gang has been coordinating recurring attacks on enterprises throughout the globe in a worrying increase in cyber risks. They have demonstrated sophisticated malware engineering that blends cutting-edge encryption techniques with focused penetration measures. First detected in July 2023, the group resurfaced in May 2024 with a revamped Dedicated Leak Site (DLS), where…
-
AI Security Map: Linking AI vulnerabilities to real-world impact
A single prompt injection in a customer-facing chatbot can leak sensitive data, damage trust, and draw regulatory scrutiny in hours. The technical breach is only the first … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/27/ai-security-map-linking-vulnerabilities-real-world-impact/
-
How NHIs Deliver Value in Data Security?
How Do Non-Human Identities Drive Data Security? Can you imagine overseeing an extensive network without knowing who or what is accessing and modifying your data? For companies, it’s a chilling thought. Data breaches and leaks are nightmares that any organization would want to avoid. And this is where the value of Non-Human Identities (NHIs) shines……
-
Chinese APT Leverages Proxy and VPN Services to Obfuscate Infrastructure
Tags: apt, china, cyber, cybersecurity, data, group, infrastructure, korea, leak, north-korea, service, threat, vpnA significant data dump surfaced on DDoSecrets.com, purportedly extracted from a workstation belonging to a threat actor targeting organizations in South Korea and Taiwan. The leak, detailed in an accompanying article, attributes the activity to the North Korean advanced persistent threat (APT) group known as Kimsuky, a sophisticated actor previously highlighted in cybersecurity advisories for…
-
Kimsuky APT Exposed: GPKI Certificates, Rootkits, and Cobalt Strike Assets Uncovered
A comprehensive operational dump from the North Korean Kimsuky APT organization, also known as APT43, Thallium, or Velvet Chollima, appeared on a dark web forum in an uncommon instance of state-sponsored cyber espionage. This leak, comprising virtual machine images, VPS dumps, phishing kits, rootkits, and over 20,000 browser history records, provides an unparalleled glimpse into…
-
Rowhammer attack can backdoor AI models with one devastating bit flip
Servers with DDR3 memory modules (demonstrated on 16GB Samsung DDR3)Workstations with DDR4 memory (demonstrated on 8GB Hynix DDR4)AI inference servers running popular models such as ResNet, VGG, and Vision TransformersEdge computing devices with vulnerable DRAM hosting neural networksCloud platforms using DDR3/DDR4 memory for AI model deploymentResearch computing systems running full-precision (32-bit floating-point) modelsMulti-tenant GPU servers…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 59
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter Hunt.io Exposes and Analyzes ERMAC V3.0 Banking Trojan Full Source Code Leak Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824 Supply Chain Risk in Python: Termncolor and Colorinal Explained Noodlophile […]…
-
After SharePoint attacks, Microsoft stops sharing PoC exploit code with China
Microsoft halts PoC exploit sharing with Chinese firms after SharePoint zero-day leaks, giving only written bug details to curb future abuse. Microsoft has reportedly stopped giving Chinese firms proof-of-concept exploit code through its Microsoft Active Protections Program (MAPP) program after July’s mass exploitation of SharePoint flaws, believed linked to a leak of early bug disclosures.…
-
Menlo-Votiro Deal Integrates File Protection With Browsers
CEO Amir Ben-Efraim: Acquisition Adds AI-Powered File Sanitization to Browser Tools. Through its acquisition of Votiro, Menlo Security has embedded file-level sanitization and AI-powered detection directly into its enterprise browser stack. CEO Amir Ben-Efraim says the move helps prevent malware, data leaks and phishing risks at the browser level. First seen on govinfosecurity.com Jump to…
-
QUIC-LEAK Vulnerability Allows Attackers to Drain Server Memory and Cause DoS
Security researchers at Imperva have disclosed a critical pre-handshake memory exhaustion vulnerability in the widely-used LSQUIC QUIC implementation that enables remote attackers to crash servers through denial-of-service attacks. The flaw, designated CVE-2025-54939 and dubbed >>QUIC-LEAK,
-
Enterprise passwords becoming even easier to steal and abuse
Tags: access, attack, authentication, breach, ceo, ciso, compliance, control, credentials, cyber, cybersecurity, data, detection, encryption, exploit, extortion, group, identity, leak, mfa, monitoring, passkey, password, phishing, ransomware, risk, strategy, threat, tool, zero-trustGrowing threat from stolen credentials: Attackers actively target user credentials because they offer the most direct route or foothold into a targeted organization’s network. Once inside, attackers can move laterally across systems, searching for other user accounts to compromise, or they attempt to escalate their privileges and gain administrative control.This hunt for credentials extends beyond…
-
‘Limited’ data leak at Aussie telco turns out to be 280K customer details
iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed First seen on theregister.com Jump to article: www.theregister.com/2025/08/20/tpg_telecom_iinet_breach/
-
Warlock claims more victims as cyber attacks hit Colt and Orange
Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629873/Warlock-claims-more-victims-as-cyber-attacks-hit-Colt-and-Orange
-
Warlock claims more victims as cyber attacks hit Colt and Orange
Ransomware gang Warlock is adding more victims to its data leak site as the impact of a spreading wave of cyber attacks continues to be felt First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366629873/Warlock-claims-more-victims-as-cyber-attacks-hit-Colt-and-Orange
-
Major password managers can leak logins in clickjacking attacks
Six major password managers with tens of millions of users are currently vulnerable to unpatched clickjacking flaws that could allow attackers to steal account credentials, 2FA codes, and credit card details. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/major-password-managers-can-leak-logins-in-clickjacking-attacks/
-
Singapore issues critical alert on Dire Wolf ransomware targeting global tech and manufacturing firms
Tags: attack, authentication, backup, business, compliance, control, credentials, cyber, data, defense, email, endpoint, extortion, insurance, intelligence, leak, malicious, mfa, msp, network, phishing, ransom, ransomware, resilience, risk, supply-chain, threat, updateRipple effects on global enterprises: The global business fallout of Dire Wolf ransomware attacks is significant and poses a multi-layered, high-impact threat to global enterprises.”Its attacks directly disrupt operations and supply chains, particularly in manufacturing and tech, leading to production delays, revenue loss, and downstream customer impact,” said Manish Rawat, analyst at TechInsights. “Financial impact…
-
Operation Secure Saint Paul: Interlock Ransomware Hits City with 43GB Data Leak
Have you heard about Operation Secure Saint Paul? The city of St. Paul, Minnesota, has confirmed the July 25 cyberattack was a ransomware assault carried out by the group Interlock. The hackers claim they posted 43 gigabytes of stolen city data online”, including HR files and even personal items. The city refused to pay ransom…
-
QUIC-LEAK (CVE-2025-54939): New High-Risk Pre-Handshake Remote Denial of Service in LSQUIC QUIC Implementation
Imperva Offensive team discovered that threat actors could smuggle malformed packets to exhaust memory and crash QUIC servers even before a connection handshake is established, therefore, bypassing QUIC connection-level safeguards. Executive Summary QUIC-LEAK (CVE-2025-54939) is a newly discovered pre-handshake memory exhaustion vulnerability in the LSQUIC QUIC implementation, the second most widely used implementation after Quiche….…
-
ERMAC Android malware source code leak exposes banking trojan infrastructure
The source code for version 3 of the ERMAC Android banking trojan has been leaked online, exposing the internals of the malware-as-a-service platform and the operator’s infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ermac-android-malware-source-code-leak-exposes-banking-trojan-infrastructure/
-
North Korean Hackers’ Secret Linux Malware Surfaces Online
Phrack Magazine’s latest issue #72 has unveiled a significant data leak from a suspected North Korean hacking operation, including exploit tactics, compromised system details, and a sophisticated Linux rootkit. The dump, linked to a Chinese threat actor targeting South Korean and Taiwanese government and private sectors, shows overlaps with the North Korean Kimsuky APT group.…
-
What the LockBit 4.0 Leak Reveals About RaaS Groups
The leak serves as a wake-up call: Being prepared is the cornerstone of a successful defense, and those who don’t prepare are going to face uncertainty caused by the lack of attackers’ accountability. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/what-lockbit-leak-reveals-raas-groups
-
A New Security Threat to Public Clouds From Old Vulnerabilities
Researchers at the WHY2025 hacker forum said they were able to combine the Spectre and L1TF processor vulnerabilities discovered in 2018 to create a new transient execution attack called L1TF Reloaded that allowed them to leak data from AWS and Google Cloud instances. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/a-new-security-threat-to-public-clouds-from-old-vulnerabilities/
-
Interlock Ransomware Group Leaks 43GB of Data in City of St. Paul Cyberattack
St. Paul hit by Interlock ransomware attack, 43GB of sensitive data leaked, city refuses ransom, launches Operation Secure… First seen on hackread.com Jump to article: hackread.com/interlock-ransomware-leaks-st-paul-city-cyberattack-data/
-
Scattered Spider’s New Telegram Channel Names Targeted Organizations
A new Telegram channel that combined the names of well-known threat actor organizations Shiny Hunters, Scattered Spider, and Lapsus$ emerged on Friday afternoon in a daring uptick in cyberthreat activity. This platform, potentially short-lived due to Telegram’s moderation policies, has rapidly disseminated evidence of multiple data breaches, partial data leaks, and extortion demands within its…
-
Scattered Spider’s New Telegram Channel Names Targeted Organizations
A new Telegram channel that combined the names of well-known threat actor organizations Shiny Hunters, Scattered Spider, and Lapsus$ emerged on Friday afternoon in a daring uptick in cyberthreat activity. This platform, potentially short-lived due to Telegram’s moderation policies, has rapidly disseminated evidence of multiple data breaches, partial data leaks, and extortion demands within its…
-
9 things CISOs need know about the dark web
Tags: 2fa, access, ai, attack, automation, backup, blockchain, botnet, breach, captcha, ceo, ciso, communications, corporate, credentials, crypto, cyber, cybercrime, cybersecurity, dark-web, data, data-breach, ddos, deep-fake, defense, detection, dns, exploit, extortion, finance, fraud, group, guide, hacking, identity, incident, incident response, infrastructure, intelligence, international, jobs, law, leak, lockbit, malicious, malware, marketplace, mfa, monitoring, network, open-source, phishing, privacy, ransomware, resilience, risk, russia, saas, scam, service, strategy, tactics, technology, threat, tool, training, vpn, vulnerability, zero-dayNew groups form after major marketplaces are disrupted: International takedown efforts damage infrastructure and curb cybercrime operations by disrupting larger operations, removing major players from the ecosystem and scattering user bases.However, the dark web is highly adaptive and sophisticated actors often maintain contingency plans, including mirrors, backups, and alternative forums, according to Edward Currie, associate…
-
North Korean Kimsuky Hackers Suffer Data Breach as Insiders Leak Information Online
A member of North Korea’s notorious Kimsuky espionage group has experienced a significant data breach after insiders leaked hundreds of gigabytes of internal files and tools to the public. The breach, which emerged in early June 2025, exposed the group’s sophisticated backdoors, phishing frameworks, and reconnaissance operations, marking a rare setback for the state-sponsored threat…