Tag: leak
-
Dell demonstration platform breached by World Leaks extortion group
Tags: access, attack, breach, data, data-breach, defense, encryption, exploit, extortion, finance, group, insurance, international, leak, network, ransomware, risk, risk-management, strategy, threat, toolLimited impact but strategic implications: Dell emphasized that the breached platform is architecturally separated from customer-facing networks and internal production systems. “Data used in the solution center is primarily synthetic (fake) data, publicly available datasets used solely for product demonstration purposes or Dell scripts, systems data, non-sensitive information, and testing outputs,” the report added, quoting…
-
Clorox Files Lawsuit Against Cognizant Over Employee Password Leak to Hackers
The Clorox Company filed a major lawsuit against IT services provider Cognizant on July 22, 2025, seeking $380 million in damages over a devastating cyberattack that the cleaning products giant claims was enabled by Cognizant’s security failures. The lawsuit, filed in Alameda County Superior Court, alleges that Cognizant employees operating Clorox’s service desk simply handed…
-
Debug Code in ExpressVPN Windows App Caused IP Leak via RDP Port
ExpressVPN has alerted users of a security issue in its Windows application that allowed certain Remote Desktop Protocol (RDP) traffic to bypass the VPN tunnel, potentially exposing users’ IP addresses. This vulnerability primarily affected TCP traffic routed over port 3389, the standard port for RDP connections, which are often used in enterprise environments rather than…
-
Demo-Plattform eines US-Computer-Herstellers gehackt
Dell confirms breach of test lab platform by World Leaks extortion group First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/
-
Dell Data Breach World Leaks Group Hacks Test Lab Platform
Dell Technologies has acknowledged a significant security incident involving its Customer Solution Centers platform, with the World Leaks extortion group successfully infiltrating the isolated demonstration environment used for showcasing products to commercial clients. The breach, which occurred earlier this month, represents another high-profile attack by the newly rebranded threat actor formerly known as Hunters International.…
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
Authentic Antics malware tool to target Microsoft cloud accounts were the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said.Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
World Leaks Claims Dell Data Breach, Leaks 1.3 TB of Files
Former Hunters International ransomware gang, now World Leaks, claims 1.3 TB Dell data breach, leaking over 400K files with internal tools and user data. First seen on hackread.com Jump to article: hackread.com/world-leaks-dell-data-breach-leaks-1-3-tb-of-files/
-
Dell confirms breach of test lab platform by World Leaks extortion group
A newly rebranded extortion gang known as “World Leaks” breached one of Dell’s product demonstration platforms earlier this month and is now trying to extort the company into paying a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dell-confirms-breach-of-test-lab-platform-by-world-leaks-extortion-group/
-
Building scalable secrets management in hybrid cloud environments: Lessons from enterprise adoption
Tags: access, backup, cloud, credentials, data, gitlab, group, iam, identity, infrastructure, jobs, kubernetes, leak, radius, service, supply-chain, toolLessons from integration: Identity, Kubernetes and CI/CD : Choosing a secrets management tool is the easy part. Integrating it across an enterprise is where the work begins. We started with identity. Manual user provisioning was not an option. We integrated Vault with our SSO platform using OIDC and mapped groups to Vault policies based on least privilege.…
-
Massive Data Leak at Texas Adoption Agency Exposes 1.1 Million Records
Texas adoption agency suffers major data leak, exposing over 1.1M sensitive records including case notes, contact info, and internal communications to public without any security authentication or password. First seen on hackread.com Jump to article: hackread.com/massive-data-leak-texas-adoption-agency-million-records/
-
Meta fixes bug that could leak users’ AI prompts and generated content
The tech giant fixed the security flaw, netting a security researcher $10,000 for privately disclosing the bug. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/15/meta-fixes-bug-that-could-leak-users-ai-prompts-and-generated-content/
-
How defenders use the dark web
Tags: access, antivirus, attack, breach, corporate, credit-card, crypto, cyber, cybercrime, dark-web, data, data-breach, email, extortion, finance, fraud, government, group, hacker, healthcare, identity, incident, insurance, intelligence, Internet, interpol, law, leak, lockbit, mail, malware, monitoring, network, phishing, ransom, ransomware, service, software, theft, threat, tool, usa, vpnAttributing attacks to threat actors: When organizations suffer from data breaches and cyber incidents, the dark web becomes a crucial tool for defenders, including the impacted businesses, their legal teams, and negotiators.Threat actors such as ransomware groups often attack organizations to encrypt and steal their data so they can extort them for money, in exchange…
-
AMD Warns of Transient Scheduler Attacks Impacting Broad Range of Chipsets
AMD has issued a security bulletin, AMD-SB-7029, highlighting several transient scheduler attacks that exploit speculative execution timing in its processors, potentially leading to loss of confidentiality. These vulnerabilities stem from investigations into a Microsoft report on microarchitectural leaks, revealing side-channel attacks where attackers could infer sensitive data through execution timing under specific conditions. Rated at…
-
AMD discloses new CPU flaws that can enable data leaks via timing attacks
Tags: access, attack, crowdstrike, cve, cvss, data, exploit, firmware, flaw, guide, leak, malware, microsoft, mitigation, risk, side-channel, strategy, supply-chain, threat, update, vulnerability, windowsCrowdStrike elevates threat classification despite CVSS scores: While AMD rates the vulnerabilities as medium and low severity based on attack complexity requirements, CrowdStrike has independently classified them as critical enterprise threats. The security firm specifically flagged CVE-2025-36350 and CVE-2025-36357 as “Critical information disclosure vulnerabilities in AMD processors,” despite both carrying CVSS scores of just 5.6.According…
-
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler
Tags: access, advisory, authentication, backdoor, backup, citrix, credentials, cve, data-breach, endpoint, exploit, flaw, leak, mitigation, password, theft, tool, vulnerability, zero-daySimilarities to the original Citrix Bleed: CVE-2025-5777 has been dubbed Citrix Bleed 2 due to its similarities to a zero-day information disclosure vulnerability fixed in October 2023 (CVE-2023-4966) that received the Citrix Bleed moniker because it enabled attackers to leak session tokens from memory, allowing for session takeover with multifactor authentication bypass.Similarly, CVE-2025-5777 can lead…
-
Chinese Data Leak Reveals Salt Typhoon Contractors
China’s Hack-For-Hire Scene Disgorges Another Leak. The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details. First seen on govinfosecurity.com Jump to…
-
AiLock ransomware: What you need to know
The AiLock ransomware gang gives its victims just 72 hours to respond and five days to pay up… or else. If you don’t comply? They will grass you up to regulators, email your competitors, and leak your data for good measure. First seen on fortra.com Jump to article: www.fortra.com/blog/ailock-ransomware
-
Chinese Data Leak Reveals Salt Typhoon Contractors
China’s Hack-For-Hire Scene Disgorges Another Leak. The Chinese nation-state threat actor tracked as Salt Typhoon is operated by a clutch of private firms whose clients include multiple Chinese government agencies, finds analysis of leaked data by Spy Cloud. Researchers found a spreadsheet listing buyers, sellers and financial transaction details. First seen on govinfosecurity.com Jump to…
-
Mental Health Provider Fined $225K for Lack of Risk Analysis
Settlement Follows Federal Investigation Into Data Leak and Ransomware Attack. A Texas mental healthcare provider’s failure to conduct a comprehensive risk analysis resulted in a $225,000 federal fine after regulators investigated a data leak followed by a ransomware attack in 2023. Deer Oaks Behavioral Health also must implement a corrective action plan. First seen on…
-
‘Hunters International’ RaaS Group Closes Its Doors
The announcement comes just months after security researchers observed that the group was making the transition to rebrand to World Leaks, a data theft outfit. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/hunters-international-raas-group-closes-doors
-
AiLock Ransomware Emerges with Hybrid Encryption Tactics: ChaCha20 Meets NTRUEncrypt
The AiLock ransomware organization, which Zscaler first discovered in March 2025, has become a powerful force in the ransomware-as-a-service (RaaS) market, which is a frightening trend for cybersecurity professionals. This malicious entity operates with a sophisticated structure, leveraging both a negotiation site to extract ransoms from victims and a Data Leak Site (DLS) to threaten…
-
VenusTech and Salt Typhoon Breach Sheds Light on China’s Covert Cyber Mercenary Networks
The dark web forum DarkForums, which has been a site for data breaches and leaks since BreachForums was shut down in mid-April, was the scene of two major leaks in late May involving Chinese cybersecurity organizations: VenusTech, a well-known IT security vendor, and Salt Typhoon, a state-sponsored advanced persistent threat (APT) organization affiliated with the…
-
SatanLock Ransomware Ends Operations, Says Stolen Data Will Be Leaked
SatanLock ransomware gang shuts down after weeks of attacks and plans to leak stolen victim data. Group linked to Babuk-Bjorka and GD Lockersec families. First seen on hackread.com Jump to article: hackread.com/satanlock-ransomware-ends-operations-stolen-data-leak/
-
Yet More Stalkerware Leaks Secret Data: ‘Catwatchful’ is Latest Nasty App
Content warning: Domestic abuse, stalking, controlling behavior, Schadenfreude, irony. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/catwatchful-stalkerware-data-breach-richixbw/
-
Editors’ Panel: Pro-Iran Hackers Threaten to Leak Trump Data
Also: Medicare Data Breach; Gartner Security & Risk Management Summit Takeaways. In this week’s update, ISMG editors discussed Iran-linked hackers claiming to steal emails from Trump’s inner circle, how to refine application development in the age of AI, and a U.S. Medicare data breach amplifying concerns over the safety, security and privacy of federal health…
-
Hacker leaks Telefónica data allegedly stolen in a new breach
A hacker is threatening to leak 106GB of data allegedly stolen from Spanish telecommunications company Telefónica in a breach that the company did not acknowledge. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-leaks-telef-nica-data-allegedly-stolen-in-a-new-breach/
-
Hunters International Is Not Shutting Down, It’s Rebranding
Some admins of Hunters International are now part of the encryption-less cyber extortion group World Leaks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ransomware-hunters-international/
-
Hunters International ransomware group shuts down but will it regroup under a new guise?
The notorious Hunters International ransomware-as-a-service operation has announced that it has shut down, in a message posted on its dark web leak site. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/hunters-international-ransomware-group-shuts-down-but-will-it-regroup-under-a-new-guise
-
Hunters International Ransomware Gang Rebrands as World Leaks
Hunters International ransomware gang closes after 55 confirmed and 199 unconfirmed cyberattacks. Read about its rebrand to World… First seen on hackread.com Jump to article: hackread.com/hunters-international-ransomware-rebrands-world-leaks/
-
A flaw in Catwatchful spyware exposed logins of +62,000 users
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered…