Tag: leak
-
Hacker Leaks 33,000 Employee Records in Third-Party API Breach
A hacker has exposed the personal records of over 33,000 employees after discovering unrestricted endpoints belonging to a major technology service provider. The breach, first reported by cybersecurity platform CloudSEK’s BeVigil, highlights alarming gaps in API security that could have far-reaching consequences for both the affected organization and its clients. CloudSEK’s BeVigil, a platform specializing…
-
CISA warns of potential data breaches caused by legacy Oracle Cloud leak
The Cybersecurity and Infrastructure Security Agency on Wednesday said that while the scope of the reported Oracle issue remains unconfirmed, it “presents potential risk to organizations and individuals.” First seen on therecord.media Jump to article: therecord.media/cisa-warns-of-potential-data-breaches-tied-to-oracle-issue
-
UK Fines Law Firm 60,000 Pounds for Ransomware Data Breach
Firm Failed to Close Outdated User Account, Waited 43 Days to Notify Regulators. The U.K. Information Commissioner’s Office imposed a fine of 60,000 pounds against Liverpool-based law firm DDP Law for GDPR violations relating to a 2022 ransomware hack and data leak that exposed sensitive information including the details of its clients’ cases. First seen…
-
Cloud, Cryptography Flaws in Mobile Apps Leak Enterprise Data
Cloud misconfigurations and cryptography flaws plague some of the top apps used in work environments, exposing organizations to risk and intrusion. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/cloud-cryptography-flaws-mobile-apps-expose-enterprise-data
-
British law firm fined after ransomware group publishes confidential client data
A U.K. law firm specializing in crime, family fraud, sexual offenses and other sensitive matters has been fined after a hack that led to a data leak on the dark web, something the company only learned about after authorities contacted it. First seen on therecord.media Jump to article: therecord.media/uk-law-firm-fined-ico-ransomware-sensitive-data-breached
-
4Chan Outage Sparks Cyberattack Rumors and Data Leak Concerns
On April 14, 2025, 4Chan, the infamous anonymous image board, experienced downtime due to unexplained outages that left users frustrated and speculating about the cause. While the exact reason for the downtime remains uncertain, some users have suggested that a cyberattack or hacking incident could be responsible. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/4chan-down-due-to-outage/
-
Texas Pediatric Orthopedics Clinic Says Hack Affects 140,000
Ransomware Gang Qilin Claims to Have 42GB of Practice’s Stolen Data. Ransomware group Qilin posted at least 42 gigabytes of data stolen from a Texas pediatric orthopedic practice for sale on its darkweb leak site in February. In recent days, Central Texas Pediatric Orthopedics began notifying more than 140,000 people that their data was compromised…
-
Black Basta chat leaks reveal details on ransomware infrastructure
First seen on scworld.com Jump to article: www.scworld.com/news/black-basta-chat-leaks-reveal-details-on-ransomware-infrastructure
-
4chan Breached? Hacker from Rival Soyjak Forum Claims Source Code Leak
4chan is down amid claims from a rival Soyjak forum user who says they’ve breached the site and… First seen on hackread.com Jump to article: hackread.com/4chan-breached-soyjak-forum-hacker-source-code-leak/
-
Possible Russian Hackers Targeted UK Ministry of Defense
Spear-Phishing Campaign Used RomCom Malware Variant. A phishing campaign wielding malware previously associated with Russian-speaking hackers targeted the U.K. Ministry of Defense in late 2024. It is unclear if the campaign is tied to a data leak of 600 armed personnel, civil servants, and defense contractors reported late last year. First seen on govinfosecurity.com Jump…
-
The quiet data breach hiding in AI workflows
As AI becomes embedded in daily business workflows, the risk of data exposure increases. Prompt leaks are not rare exceptions. They are a natural outcome of how employees use … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/14/quiet-data-breach-ai-workflows/
-
Morocco Investigates Social Security Agency Data Leak
A threat actor has claimed responsibility for the alleged politically motivated attack and has uploaded the stolen data to a Dark Web forum. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/morocco-investigates-social-security-agency-data-leak
-
South African telecom provider serving 7.7 million confirms data leak following cyberattack
South Africa’s fourth-largest mobile network operator, Cell C, has confirmed that its data was leaked on the dark web following a cyberattack last year. First seen on therecord.media Jump to article: therecord.media/south-african-telecom-provider-discloses-data-breach-ransomware
-
From likes to leaks: How social media presence impacts corporate security
From a psychological standpoint, we all crave attention, and likes and comments fuel that need, encouraging us to share even more on social media. In the corporate world, this … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/10/social-media-cybersecurity-risk-for-companies/
-
Misconfigured NexOpt database prompts extensive vehicle data leak
First seen on scworld.com Jump to article: www.scworld.com/brief/misconfigured-nexopt-database-prompts-extensive-vehicle-data-leak
-
Rights group calls on Thai government to end alleged cyberattacks against civil society
Human rights non-profit Amnesty International urged Thai authorities this week to investigate claims of state-sponsored cyberattacks against human rights organizations and pro-democracy activists following the leak of internal government documents that detailed such an operation. First seen on therecord.media Jump to article: therecord.media/rights-group-calls-on-thai-government-to-stop-alleged-cyberattacks-on-civil-society
-
Hackers Claim Magento Breach via Third-Party, Leak CRM Data of 700K Users
Another day, another data breach claim involving a high-profile company! First seen on hackread.com Jump to article: hackread.com/hackers-magento-breach-3rd-party-crm-data-leak/
-
Ransomware Groups Target Organizations to Exfiltrate Data and Blackmail via Leak Site Posts
Ransomware attacks have continued their relentless assault on organizations worldwide, with a focus on data exfiltration and subsequent blackmail through leak site posts. Rapid7 Labs’ analysis of internal and public data provides insights into the evolving landscape of ransomware threats. Evolving Tactics in Ransomware Operations The ransomware ecosystem has seen a shift where established and…
-
New Adobe Security Update Fixes Critical Exploits, Don’t Delay Your Update
Adobe has released a new security update addressing 30 vulnerabilities across various products, including multiple critical-severity bugs in ColdFusion versions”¯2025, 2023 and 2021 that could result in arbitrary file read and code execution. This Adobe security update includes patches for critical issues that could lead to code execution, arbitrary file system access, memory leaks, and…
-
“The girl should be calling men.” Leak exposes Black Basta’s influence tactics.
Disclosure of tactics, techniques, and procedures provides rare glimpse into secretive group. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/04/leaked-messages-expose-trade-secrets-of-prolific-black-basta-ransomware-group/
-
Medusa Ransomware Claims NASCAR Breach in Latest Attack
Medusa ransomware hits NASCAR, demands $4M ransom, leaks internal files. Group also claims Bridgebank, McFarland, and Pulse Urgent Care. First seen on hackread.com Jump to article: hackread.com/medusa-ransomware-claims-nascar-breach-latest-attack/
-
Cyberattack takes down Everest ransomware leak site
First seen on scworld.com Jump to article: www.scworld.com/brief/cyberattack-takes-down-everest-ransomware-leak-site
-
How Credential Leaks Fuel Cyberattacks
Credential leaks are fueling cyberattacks. Learn how credential stuffing works”, and how to stop account takeovers before they start. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/04/how-credential-leaks-fuel-cyberattacks/
-
Everest ransomware group’s Tor leak site offline after a defacement
The Tor leak site of the Everest ransomware group went offline after being hacked and defaced over the weekend. The Everest ransomware gang’s darknet site went offline after being hacked and defaced, with victim listings replaced by the following message. “Don’t do crime CRIME IS BAD xoxo from Prague” read the message published on the…
-
Threat Actor Leaks Data from Major Bulletproof Hosting Provider Medialand
Tags: breach, control, cyber, cybercrime, data, data-breach, infrastructure, leak, malware, phishing, ransomware, threatA threat actor disclosed internal data from Medialand, a prominent bulletproof hosting (BPH) provider long associated with Yalishanda, a cybercriminal organization tracked as LARVA-34. The breach has exposed the backend systems and operational infrastructure of Medialand, which has historically facilitated a wide array of illicit cyber activities, including ransomware operations, malware control-and-command systems, phishing campaigns,…
-
Everest Ransomware Gang’s Leak Site Hacked and Defaced
TechCrunch has uncovered a concerning development in consumer-grade spyware: a stealthy Android monitoring app that employs password-protected uninstallation to prevent removal. This app, which abuses built-in Android features like overlay permissions and device admin access, exemplifies the escalating technical sophistication of stalkerware tools designed for covert surveillance. While rebooting into >>safe mode
-
Everest ransomware’s dark web leak site defaced, now offline
The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/everest-ransomwares-dark-web-leak-site-defaced-now-offline/
-
Everest ransomware group’s darknet site offline following defacement
The darknet leak site used by the ransomware gang Everest went offline Monday after being apparently hacked and defaced over the weekend. First seen on therecord.media Jump to article: therecord.media/everest-ransomware-site-offline-following-defacement
-
iOS 19.4 Leak: Apple arbeitet an einer KI-gestützten Health-App
First seen on t3n.de Jump to article: t3n.de/news/ios-19-4-leak-apple-health-app-1680745/