Tag: leak
-
Unsecured My Jedai AI chatbot database leaks certain Canva creator info
First seen on scworld.com Jump to article: www.scworld.com/brief/unsecured-my-jedai-ai-chatbot-database-leaks-certain-canva-creator-info
-
Vulnerability in DanaBot Malware C2 Server Leaks Threat Actor Usernames and Crypto Keys
Tags: breach, control, crypto, cyber, cybersecurity, data, infrastructure, leak, malicious, malware, threat, vulnerabilityA severe vulnerability in the command-and-control (C2) infrastructure of the notorious DanaBot malware has been uncovered, potentially exposing critical data belonging to threat actors. Researchers have identified a misconfiguration in the server setup that inadvertently leaks usernames and cryptographic keys used by malicious operators to manage their campaigns. This breach could provide cybersecurity defenders with…
-
Security Affairs newsletter Round 527 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Experts found 4 billion user records online, the largest known leak of Chinese personal data from…
-
IT Security: Sorge im Weißen Haus wegen Starlink-Zugang
Tags: leakEine ungesicherte Internetverbindung, über die Leaks und Spionage möglich sind, sollte nicht existieren. Elon Musk ließ sie trotzdem installieren. First seen on golem.de Jump to article: www.golem.de/news/it-security-sorge-im-weissen-haus-wegen-starlink-zugang-2506-196945.html
-
Scalable Solutions for NHI Management
Is Your Organization Implementing Scalable Solutions for NHI Management? Is your business laying a solid groundwork for efficient Non-Human Identity (NHI) management? If not, you’re likely exposing your organization to unnecessary risks. Data leaks and breaches could be lurking around the corner, jeopardizing your company’s reputation and bottom line. Understanding Non-Human Identities (NHIs) Non-Human Identities,……
-
Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source
Over 4 billion user records were found exposed online in a massive breach, possibly linked to the surveillance of Chinese citizens. Cybersecurity researcher Bob Dyachenko and the Cybernews team discovered a massive data leak in China that exposed billions of documents, including financial, WeChat, and Alipay data, likely affecting hundreds of millions. Researchers speculate data…
-
More than 4B user records compromised in largest Chinese data leak yet
First seen on scworld.com Jump to article: www.scworld.com/brief/more-than-4b-user-records-compromised-in-largest-chinese-data-leak-yet
-
DragonForce Ransomware Reportedly Compromised Over 120 Victims in the Past Year
DragonForce, a ransomware group first identified in fall 2023, has claimed over 120 victims in the past year, marking its rapid ascent as a formidable player in the ransomware ecosystem. Initially operating under a Ransomware-as-a-Service (RaaS) model, DragonForce has since pivoted to a ransomware cartel structure, as announced in March 2025 on its data leak…
-
Colossal breach exposes 4B Chinese user records in surveillance-grade database
Tags: breach, china, cybercrime, cybersecurity, data, data-breach, disinformation, exploit, finance, fraud, group, identity, infrastructure, insurance, intelligence, iphone, leak, mobile, organized, phishing, phone, threataccording to cybersecurity firm Cybernews, which reported its findings based on its own research.What makes this breach particularly alarming isn’t just its size, though at four billion records, it’s believed to be the largest single-source leak of Chinese personal data ever found, it’s the breadth and depth of information that was exposed.According to the report, the researchers stumbled…
-
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hard-Coded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.”Several widely used extensions […] unintentionally transmit sensitive data over simple HTTP,” Yuanjing Guo, a security researcher in the Symantec’s Security Technology and Response First…
-
PoC Exploit Released for Apache Tomcat DoS Vulnerability
A critical memory leak vulnerability in Apache Tomcat’s HTTP/2 implementation (CVE-2025-31650) has been weaponized, enabling unauthenticated denial-of-service attacks through malformed priority headers. The flaw affects Tomcat versions 9.0.769.0.102, 10.1.1010.1.39, and 11.0.0-M211.0.5, with public exploits already circulating 12. Vulnerability Mechanics and Attack Vector According to the report, the vulnerability stems from the improper cleanup of failed…
-
AT&T Hit by Massive Reported Identity Data Leak – Again
Leaked Records Include Names, Decrypted Social Security Numbers and Addresses. Hackers have seemingly re-released a refined trove of 86 million AT&T records, including decrypted Social Security numbers and full identity data, heightening the risk of fraud and impersonation for tens of millions of users as researchers cite structural improvements in the dataset. First seen on…
-
Unsecured Database Exposes Data of 3.6 Million Passion.io Creators
A massive data leak has put the personal information of over 3.6 million app creators, influencers, and entrepreneurs… First seen on hackread.com Jump to article: hackread.com/unsecured-database-exposes-passion-io-creators-data/
-
Old AT&T data leak repackaged to link SSNs, DOBs to 49M phone numbers
A threat actor has re-released data from a 2021 AT&T breach affecting 70 million customers, this time combining previously separate files to directly link Social Security numbers and birth dates to individual users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/old-atandt-data-leak-repackaged-to-link-ssns-dobs-to-49m-phone-numbers/
-
Popular Chrome Extensions Leak API Keys, User Data via HTTP and Hardcoded Credentials
Cybersecurity researchers have flagged several popular Google Chrome extensions that have been found to transmit data in HTTP and hard-code secrets in their code, exposing users to privacy and security risks.”Several widely used extensions […] unintentionally transmit sensitive data over simple HTTP,” Yuanjing Guo, a security researcher in the Symantec’s Security Technology and Response First…
-
Interlock ransomware claims Kettering Health breach, leaks stolen data
The Interlock ransomware gang has claimed a recent cyberattack on the Kettering Health healthcare network and leaked data allegedly stolen from breached systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/interlock-ransomware-claims-kettering-health-breach-leaks-stolen-data/
-
When AI Turns Against Us FireTail Blog
Jun 04, 2025 – Lina Romero – Artificial Intelligence is the biggest development in tech of the 21st century. But although AI is continuing to develop at a breakneck pace, many of us still don’t understand all the risks and implications for cybersecurity. And this issue is only growing more complicated and critical. Now more…
-
Ransomware scum leak patient data after disrupting chemo treatments at Kettering
Literally adding insult to injury First seen on theregister.com Jump to article: www.theregister.com/2025/06/04/ransomware_scum_leak_kettering_patient_data/
-
Exclusive: Hackers Leak 86 Million ATT Records with Decrypted SSNs
Hackers leak data of 88 million ATT customers with decrypted SSNs; latest breach raises questions about links to earlier Snowflake-related attack. First seen on hackread.com Jump to article: hackread.com/hackers-leak-86m-att-records-with-decrypted-ssns/
-
HPE fixed multiple flaws in its StoreOnce software
Hewlett Packard Enterprise (HPE) addressed multiple flaws in its StoreOnce data backup and deduplication solution. HPE has released security patches for eight vulnerabilities in its StoreOnce backup solution. These issues could allow remote code execution, authentication bypass, data leaks, and more. >>Potential security vulnerabilities have been identified in HPE StoreOnce Software.>These […] First seen on…
-
Vulnerability leaks Vanta customer info
First seen on scworld.com Jump to article: www.scworld.com/brief/vulnerability-leaks-vanta-customer-info
-
Code Bug at Compliance Firm Vanta Leaks Customer Data to Other Clients
Compliance automation provider Vanta confirms a software bug exposed private customer data to other users, impacting hundreds of… First seen on hackread.com Jump to article: hackread.com/code-bug-compliance-vanta-data-leak-customer-clients/
-
Trickbot, Conti Ransomware Operator Unmasked Amid Huge Ops Leak
An anonymous whistleblower has leaked large amounts of data tied to the alleged operator behind Trickbot and Conti ransomware. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/trickbot-conti-ransomware-operator-unmasked
-
BKA enthüllt Identität von Trickbot-Anführer
Tags: cybercrime, germany, hacker, infrastructure, intelligence, international, leak, malware, ransomware, tool, ukraine, usaInternational gesucht: Hacker-Boss soll sich in Russland verstecken Hinweise erbeten.Der Anführer der berüchtigten russischen Cybercrime-Gruppe Trickbot, die seit mindestens 2016 weltweit massive Schäden anrichtet, wurde enttarnt: Vitalii Nikolaevich Kovalev, auch bekannt unter dem Pseudonym ‘Stern”, soll der Kopf der Bande sein, die auch unter dem Namen Wizard Spider bekannt ist.Verantwortlich für die Enthüllung ist das…
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 47
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape 60 Malicious npm Packages Leak Network and Host Data in Active Malware Campaign Russia-Aligned TAG-110 Targets Tajikistan with Macro-Enabled Word Documents Inside a VenomRAT Malware Campaign Fake Google Meet Page Tricks Users into Running PowerShell Malware…
-
Linux Crash Dump Flaws Expose Passwords, Encryption Keys
Race-Condition Bugs in Ubuntu and Red Hat Tools Could Leak Sensitive Memory Data. Hackers could exploit a tool that stores crashed system data in older Linux operating systems to obtain passwords and encryption keys, warn researchers. The flaw lies in the way certain Linux distributions, including Ubuntu, Red Hat, and Fedora, handle application crashes. First…
-
US military IT specialist arrested for allegedly trying to leak secrets to foreign government
A 28-year-old civilian IT worker at the Defense Intelligence Agency has been arrested in Northern Virginia on suspicion that he leaked secrets to a foreign government. First seen on therecord.media Jump to article: therecord.media/defense-intelligence-agency-it-specialist-suspected-leak-foreign-government
-
Mit diesem neuen Playstation-Handheld will Sony der Switch 2 Konkurrenz machen laut Leak
First seen on t3n.de Jump to article: t3n.de/news/playstation-handheld-switch-2-konkurrenz-1689985/