Tag: leak
-
Massive Openprovider leak threatens web domains
Tags: leakFirst seen on scworld.com Jump to article: www.scworld.com/brief/massive-openprovider-leak-threatens-web-domains
-
16 Billion Passwords Stolen From 320 Million+ Computers Leaked Online
Tags: apple, breach, computer, credentials, cyber, cybersecurity, data, data-breach, github, google, government, identity, Internet, leak, login, password, risk, serviceA staggering 16 billion login credentials, usernames, and passwords have been exposed in what cybersecurity experts are calling the largest data breach in internet history. The leak, which impacts major platforms including Apple, Facebook, Google, Instagram, Telegram, GitHub, and even government services, has put billions of online accounts at unprecedented risk of account takeover, identity…
-
No, the 16 billion credentials leak is not a new data breach
News broke today of a “mother of all breaches,” sparking wide media coverage filled with warnings and fear-mongering. However, it appears to be a compilation of previously leaked credentials stolen by infostealers, exposed in data breaches, and via credential stuffing attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/
-
Foreign aircraft, domestic risks
Tags: access, attack, authentication, best-practice, blueteam, breach, computer, control, cyber, cybersecurity, data, defense, detection, encryption, firmware, framework, government, Hardware, injection, leak, malicious, malware, monitoring, network, nist, phone, risk, software, supply-chain, technology, threat, update, vulnerabilityCondensed threat matrix Legacy protocols create new attack surfaces : One of the banes of the OT world is the reliance on legacy technology that cannot easily be patched or upgraded without causing major disruptions. Similarly, the Boeing 747-8 employs a hybrid bus architecture. While it integrates modern flight management technologies like the Thales TopFlight Flight…
-
Hackers Claim Breach of Scania Financial Services, Leak Sensitive Data
A significant data breach has rocked Sweden’s Scania Financial Services, as a threat actor operating under the alias “hensi” claims to have infiltrated the subdomain insurance.scania.com, exfiltrating a trove of sensitive files and offering them for sale on underground forums. The incident, first detected in mid-June 2025, has raised concerns across the automotive and financial…
-
Operation 999: Ransomware tabletop tests cyber execs’ response
Tags: access, attack, blueteam, breach, computer, conference, cyber, cyberattack, cybersecurity, data, data-breach, extortion, group, hacker, incident, incident response, infrastructure, leak, military, network, ransom, ransomware, RedTeam, resilience, risk, service, threat, tool, trainingExtortion attempts rebuffed: As the exercise moved on, the blue team refuse to pay a ransom after consulting with the authorities, legal teams, and crisis management experts. Instead of upping the ante by threatening to sabotage the water treatment algorithms or chemical pumps, potentially tainting the supply, the attackers decide to leak customer records online…
-
Fairphone 6 deutlich verbessert: Leak enthüllt Details des nachhaltigen Smartphones
Tags: leakFirst seen on t3n.de Jump to article: t3n.de/news/fairphone-6-leak-details-1692870/
-
Copilot AI Bug Could Leak Sensitive Data via Email Prompts
Microsoft Patched Flaw Allowing Attackers to Hijack Copilot Responses. A well-phrased email was all an attacker would have needed to trick Microsoft Copilot into handing over sensitive data until the operating system giant patched the vulnerability. The zero-click prompt injection attack vulnerability received a CVSS severity score of 9.3. First seen on govinfosecurity.com Jump to…
-
âš¡ Weekly Recap: iPhone Spyware, Microsoft 0-Day, TokenBreak Hack, AI Data Leaks and More
Some of the biggest security problems start quietly. No alerts. No warnings. Just small actions that seem normal but aren’t. Attackers now know how to stay hidden by blending in, and that makes it hard to tell when something’s wrong.This week’s stories aren’t just about what was attacked”, but how easily it happened. If we’re…
-
Hackers Leak Data of 10,000 VirtualMacOSX Customers in Alleged Breach
Hackers leak data of 10,000 VirtualMacOSX customers in alleged breach, exposing names, emails, passwords, and financial details on a hacking forum. First seen on hackread.com Jump to article: hackread.com/hackers-leak-virtualmacosx-customers-data-breach/
-
Black Basta Leaks Highlight Phishing, Google Takeover Risks
Defunct Ransomware Group’s Diaspora Includes Hackers With Focus on Microsoft Teams Based on intelligence gleaned from the leak of Black Basta ransomware messages, researchers are warning organizations to beware phishing attacks launched via Microsoft partner domains and via Teams, as well as the targeting of personal Google accounts accessed via corporate devices. First seen on…
-
Ransomware Group Threatens to Dump Paraguayan Citizens’ Data
7.2 Million Individuals’ Personal Data Being Held to Ransom by Threat Actor. A data-leak group extortion is shaking down the government of Paraguay for a ransom payment worth $7.4 million, or $1 for every one of the country’s citizens. The group, calling itself Brigada Cyber PMC, claims the stolen data includes people’s personally identifiable information.…
-
Misconfiguration leaks GonnaOrder data
First seen on scworld.com Jump to article: www.scworld.com/brief/misconfiguration-leaks-gonnaorder-data
-
LockBit’s New Reality Is Out of Control Affiliates
May Database Leak Shows Ransomware Group Taking New Chances. Affiliates of beleaguered ransomware-as-a-service operation LockBit have turned toward Chinese targets, finds an analysis of a May leak of the group’s admin panel. LockBit affiliates targeted 156 organizations during that time, the majority of them located in China. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/lockbits-new-reality-out-control-affiliates-a-28666
-
LockBit panel data leak shows Chinese orgs among the most targeted
The LockBit ransomware-as-a-service (RaaS) operation has netted around $2.3 million USD within 5 months, the data leak stemming from the May 2025 hack of a LockBit affiliate … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/12/lockbit-data-leak-targets-ransoms/
-
137,000 SoftBank Customers Affected by Data Leak from Third-Party Vendor
SoftBank has previously experienced significant data breaches. In 2004, the company confirmed that personal information on 4,517,039 customers had been leaked through two separate cases involving suspects Yuasa and Kimata. This historical incident demonstrates the scale of data security challenges telecommunications companies face. Current Data Protection Framework SoftBank has established comprehensive data protection policies following…
-
Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
A new attack dubbed ‘EchoLeak’ is the first known zero-click AI vulnerability that enables attackers to exfiltrate sensitive data from Microsoft 365 Copilot from a user’s context without interaction. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zero-click-ai-data-leak-flaw-uncovered-in-microsoft-365-copilot/
-
Unsecured My Jedai AI chatbot database leaks certain Canva creator info
First seen on scworld.com Jump to article: www.scworld.com/brief/unsecured-my-jedai-ai-chatbot-database-leaks-certain-canva-creator-info
-
Vulnerability in DanaBot Malware C2 Server Leaks Threat Actor Usernames and Crypto Keys
Tags: breach, control, crypto, cyber, cybersecurity, data, infrastructure, leak, malicious, malware, threat, vulnerabilityA severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys used by malicious operators to manage their campaigns. This breach could provide cybersecurity defenders with…
-
Security Affairs newsletter Round 527 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found 4 billion user records online, the largest known leak of Chinese personal data from…
-
IT Security: Sorge im Weißen Haus wegen Starlink-Zugang
Tags: leakEine ungesicherte Internetverbindung, über die Leaks und Spionage möglich sind, sollte nicht existieren. Elon Musk ließ sie trotzdem installieren. First seen on golem.de Jump to article: www.golem.de/news/it-security-sorge-im-weissen-haus-wegen-starlink-zugang-2506-196945.html
-
Scalable Solutions for NHI Management
Is Your Organization Implementing Scalable Solutions for NHI Management? Is your business laying a solid groundwork for efficient Non-Human Identity (NHI) management? If not, you’re likely exposing your organization to unnecessary risks. Data leaks and breaches could be lurking around the corner, jeopardizing your company’s reputation and bottom line. Understanding Non-Human Identities (NHIs) Non-Human Identities,……
-
Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source
Over 4 billion user records were found exposed online in a massive breach, possibly linked to the surveillance of Chinese citizens. Cybersecurity researcher Bob Dyachenko and the Cybernews team discovered a massive data leak in China that exposed billions of documents, including financial, WeChat, and Alipay data, likely affecting hundreds of millions. Researchers speculate data…
-
More than 4B user records compromised in largest Chinese data leak yet
First seen on scworld.com Jump to article: www.scworld.com/brief/more-than-4b-user-records-compromised-in-largest-chinese-data-leak-yet
-
DragonForce Ransomware Reportedly Compromised Over 120 Victims in the Past Year
DragonForce, a ransomware group first identified in fall 2023, has claimed over 120 victims in the past year, marking its rapid ascent as a formidable player in the ransomware ecosystem. Initially operating under a Ransomware-as-a-Service (RaaS) model, DragonForce has since pivoted to a ransomware cartel structure, as announced in March 2025 on its data leak…
-
Colossal breach exposes 4B Chinese user records in surveillance-grade database
Tags: breach, china, cybercrime, cybersecurity, data, data-breach, disinformation, exploit, finance, fraud, group, identity, infrastructure, insurance, intelligence, iphone, leak, mobile, organized, phishing, phone, threataccording to cybersecurity firm Cybernews, which reported its findings based on its own research.What makes this breach particularly alarming isn’t just its size, though at four billion records, it’s believed to be the largest single-source leak of Chinese personal data ever found, it’s the breadth and depth of information that was exposed.According to the report, the researchers stumbled…
-
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.”Several widely used extensions […] unintentionally transmit sensitive data over simple HTTP,” Yuanjing Guo, a security researcher in the Symantec’s Security Technology and Response First…
-
PoC Exploit Released for Apache Tomcat DoS Vulnerability
A critical memory leak vulnerability in Apache Tomcat’s HTTP/2 implementation (CVE-2025-31650) has been weaponized, enabling unauthenticated denial-of-service attacks through malformed priority headers. The flaw affects Tomcat versions 9.0.769.0.102, 10.1.1010.1.39, and 11.0.0-M211.0.5, with public exploits already circulating 12. Vulnerability Mechanics and Attack Vector According to the report, the vulnerability stems from the improper cleanup of failed…
-
AT&T Hit by Massive Reported Identity Data Leak – Again
Leaked Records Include Names, Decrypted Social Security Numbers and Addresses. Hackers have seemingly re-released a refined trove of 86 million AT&T records, including decrypted Social Security numbers and full identity data, heightening the risk of fraud and impersonation for tens of millions of users as researchers cite structural improvements in the dataset. First seen on…