Tag: leak
-
A flaw in Catwatchful spyware exposed logins of +62,000 users
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered…
-
Catwatchful Android Spyware Leaks Credentials of 62,000+ Users
A major security lapse has exposed the credentials of over 62,000 users of Catwatchful, a full-featured Android spyware app that openly markets itself as a tool for covert surveillance. The breach, discovered by a security researcher, highlights the persistent risks posed by stalkerware and the dangers of storing sensitive user data without adequate safeguards. Catwatchful…
-
Leaks hint at Operator-like tool in ChatGPT ahead of GPT-5 launch
A few new code references in the ChatGPT web app and Android point to an Operator-like tool in GPT’s chain of thoughts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/artificial-intelligence/leaks-hint-at-operator-like-tool-in-chatgpt-ahead-of-gpt-5-launch/
-
Breach Roundup: Phony Chinese Sites Mimic Retail Brands
Also, Spain Arrests Hacker Behind Leaks Targeting Politicians and Journalists. This week, Chinese sites mimicked brands, Spain arrested data leak hackers, Swiss health nonprofit ransomware attack, ICC probed a cyberattack, UNFI restored systems, a flaw in smart tractors, RomCom RAT. A U.K. man sentenced for locking employer out of network. A WordPress hack installs a…
-
Hunters International shuts ransomware operations, reportedly becomes an extortion-only gang called World Leaks
The most notorious and damaging ransomware of all timeRansomware recovery: 8 steps to successfully restore from backupThe dirty dozen: 12 worst ransomware groups active todayThe state of ransomware: Faster, smarter, and meanerRansomware gangs extort victims 17 hours after intrusion on average>> First seen on csoonline.com Jump to article: www.csoonline.com/article/4016974/hunters-international-shuts-ransomware-operations-reportedly-becomes-an-extortion-only-gang-called-world-leaks.html
-
Hunters International ransomware shuts down after World Leaks rebrand
The Hunters International Ransomware-as-a-Service (RaaS) operation announced today that it has officially closed down its operations and will offer free decryptors to help victims recover their data without paying a ransom. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hunters-international-ransomware-shuts-down-after-world-leaks-rebrand/
-
Spain arrests two over data leaks targeting state officials, journalists
Spain’s Interior Ministry said the suspects were responsible for stealing and leaking personal data belonging to high-ranking political figures, including Prime Minister Pedro Sánchez, President of the Congress of Deputies Francina Armengol and Catalonia’s President Salvador Illa. First seen on therecord.media Jump to article: therecord.media/spain-arrests-two-data-leaks-targeting-gov-officials-journalists
-
More Trump aide email leaks warned by Iranian hackers
First seen on scworld.com Jump to article: www.scworld.com/brief/more-trump-aide-email-leaks-warned-by-iranian-hackers
-
Synology ABM Vulnerability Leaks Microsoft 365 Sensitive Information
A critical vulnerability inSynology’s Active Backup for Microsoft 365 (ABM)has exposed sensitive data from Microsoft 365 tenants worldwide, potentially impacting over a million organizations relying on the popular backup solution. The flaw, tracked as CVE-2025-4679, allowed attackers to access confidential Microsoft 365 content”, including Teams messages, group memberships, Outlook conversations, and calendar data”, without requiring prior…
-
Mega-Leak mit 16 Milliarden Passwörtern: So prüfst du, ob deine Daten betroffen sind
Tags: leakFirst seen on t3n.de Jump to article: t3n.de/news/mega-leak-16-milliarden-passwoerter-1693686/
-
Some Brother printers have a remote code execution vulnerability, and they can’t fix it
The centerpiece of Rapid7’s disclosure is CVE-2024-51978, a vulnerability rated critical (CVSS 9.8 out of 10) that enables attackers to derive the default administrator password from the device’s serial number.While another of the discovered flaws, a medium severity information disclosure vulnerability (CVE-2024-51977), potentially allows an attacker to leak the prerequisite unique serial number via the…
-
Researchers Warn Free VPNs Could Leak US Data to China
Tech Transparency Project warns Chinese-owned VPNs like Turbo VPN and X-VPN remain on Apple and Google app stores, raising national security concerns. First seen on hackread.com Jump to article: hackread.com/researchers-warn-free-vpns-leak-us-data-to-china/
-
‘Cyber Fattah’ Hacktivist Group Leaks Saudi Games Data
As tensions in the Middle East rise, hacktivist groups are coming out of the woodwork with their own agendas, leading to notable shifts in the hacktivist threat landscape. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/cyber-fattah-hacktivist-leaks-saudi-games-data
-
Reported colossal 16B credential leak exaggerated, experts say
First seen on scworld.com Jump to article: www.scworld.com/brief/reported-colossal-16b-credential-leak-exaggerated-experts-say
-
Hundreds of MCP Servers at Risk of RCE and Data Leaks
Misconfigured AI-linked MCP servers are exposing users to data breaches and remote code execution threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mcp-servers-risk-rce-data-leaks/
-
CISA Issues Alert on ControlID iDSecure Flaws Enabling Bypass Authentication
Tags: access, authentication, cisa, control, cyber, cybersecurity, data, flaw, infrastructure, leak, software, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding critical vulnerabilities in ControlID’s iDSecure On-premises software, a widely used vehicle control and access management platform. The alert, designated ICSA-25-175-05 and released on June 24, 2025, highlights multiple security flaws that could allow attackers to bypass authentication, leak sensitive data, and perform…
-
Misconfigured MCP servers expose AI agent systems to compromise
Tags: access, ai, api, attack, authentication, control, credentials, data, data-breach, exploit, firewall, injection, Internet, leak, LLM, login, malicious, network, openai, risk, risk-assessment, service, tool, vulnerability‘NeighborJack’: Opening MCP servers to the internet: Many MCP servers lack strong authentication by default. Deployed locally on a system, anyone with access to their communication interface can potentially issue commands through the protocol to access their functionality. This is not necessarily a problem when the MCP server listens only to the local address 127.0.0.1,…
-
BreachForums hacking forum operators reportedly arrested in France
The French police have reportedly arrested five operators of the BreachForum cybercrime forum, a website used by cybercriminals to leak and sell stolen data that exposed the sensitive information of millions. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/breachforums-hacking-forum-operators-reportedly-arrested-in-france/
-
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah.Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database dumps, characterizing it as an information operation “carried out by…
-
Leak of data belonging to 7.4 million Paraguayans traced back to infostealers
The leaks to the dark web contain information “about the entire population” of Paraguay, researchers said, and likely originated with malware that infected a government employee device. First seen on therecord.media Jump to article: therecord.media/data-leak-paraguayan-millions-infostealer
-
Leak of data belonging to 7.4 million Paraguays traced back to infostealers
The leaks to the dark web contain information “about the entire population” of Paraguay, researchers said, and likely originated with malware that infected a government employee device. First seen on therecord.media Jump to article: therecord.media/data-leak-paraguayan-millions-infostealer
-
OPPO Clone Phone Vulnerability Leaks Sensitive Data via Weak WiFi Hotspot
A newly disclosed security vulnerability in OPPO’s widely used Clone Phone app has raised significant concerns over user privacy, as it exposes sensitive data through a weakly secured WiFi hotspot. The flaw, cataloged as CVE-2025-27387, has been rated as high severity and was published in the National Vulnerability Database and GitHub Advisory Database within the…
-
Cyber Fattah Leaks Data from Saudi Games in Alleged Iranian Operation
A cyber-attack by pro-Iranian group Cyber Fattah has leaked personal information from the Saudi Games online First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cyber-fattah-leaks-data-saudi-games/
-
Iran-Linked Threat Actors Cyber Fattah Leak Visitors and Athletes’ Data from Saudi Games
Cyber Fattah leaked thousands of records on athletes and visitors from past Saudi Games, per U.S.-based cybersecurity firm Resecurity. Resecurity (USA) identified the threat actors associated with the >>Cyber Fattah
-
Former JBLM Soldier Admits Attempting to Leak U.S. Military Network Details to China
A former U.S. Army sergeant who served at Joint Base Lewis-McChord (JBLM) in Washington has pleaded guilty to federal charges after admitting he tried to deliver sensitive military secrets to Chinese authorities. Joseph Daniel Schmidt, 31, entered his plea in U.S. District Court in Seattle, acknowledging two felonies: attempting to deliver national defense information and…
-
Iran-Linked Threat Actors Leak Visitors and Athletes’ Data from Saudi Games
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/iran-linked-threat-actors-leak-visitors-and-athletes-data-from-saudi-games
-
Your passwords are everywhere: What the massive 16 billion login leak means for you
Security researchers discovered 16 billion stolen passwords from Apple, Google, Facebook and more. Unlike traditional hacks, malicious software infected millions of personal devices, secretly stealing every login. Here’s what this means for your accounts and how to protect yourself immediately. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/your-passwords-are-everywhere-what-the-massive-16-billion-login-leak-means-for-you/
-
Massive Openprovider leak threatens web domains
Tags: leakFirst seen on scworld.com Jump to article: www.scworld.com/brief/massive-openprovider-leak-threatens-web-domains
-
16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
Tags: apple, breach, computer, credentials, cyber, cybersecurity, data, data-breach, github, google, government, identity, Internet, leak, login, password, risk, serviceA staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Instagram, Telegram, GitHub, and even government services, has put billions of online accounts at unprecedented risk of account takeover, identity…