More results...
A flaw in Catwatchful spyware exposed logins of 62,000 users, turning the spy tool into a data leak, security researcher Eric Daigle revealed. A flaw in the Catwatchful Android spyware exposed its full user database, leaking email addresses and plaintext passwords of both customers and its admin, TechCrunch first reported. Security researcher Eric Daigle first discovered […]
submitted by /u/alexlash [link] [comments]
submitted by /u/EverythingIsFnTaken [link] [comments]
China-linked group Houken hit French govt, telecom, media, finance and transport sectors using Ivanti CSA zero-days, says France’s ANSSI. France’s cyber agency ANSSI revealed that a Chinese hacking group used Ivanti CSA zero-days to target government, telecom, media, finance, and transport sectors. The campaign, active since September 2024, is linked to the Houken intrusion set, […]
Resecurity found a breach in Brazil’s CIEE One platform, exposing PII and documents, later sold by data broker “888” on the dark web. Resecurity identified a data breach of one of the major platforms in Brazil connecting businesses and trainees called CIEE One – leading to the compromise of sensitive PII, including ID records, contact […]
Europol shuts down Archetyp Market, longest-running dark web drug site, the police arrested the admin in Spain, top vendors hit in Sweden. An international law enforcement operation led by German authorities has shut down Archetyp Market, the longest-running dark web drug marketplace, in a coordinated operation across six countries with support from Europol and Eurojust. […]
A data breach at Kelly Benefits has impacted 550,000 people, with the number of affected individuals growing as the investigation continues. Benefits and payroll solutions firm Kelly Benefits has confirmed that a recent data breach has affected 550,000 individuals. As the investigation continued, the scale of the impact expanded, revealing that more people were affected […]
Digital communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM). A flaw, tracked as CVE-2025-20309 (CVSS score of 10), in Cisco Unified Communications Manager and its Session Management Edition lets remote attackers log in using hardcoded root credentials set during development. Cisco Unified Communications Manager (CUCM) is a call […]
U.S. Treasury sanctions Russia-based Aeza Group and affiliates for aiding cybercriminals via bulletproof hosting services. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russia-based Aeza Group for aiding global cybercriminals via bulletproof hosting services. A bulletproof hosting service is a type of internet hosting provider that knowingly allows cybercriminals to host malicious content […]
Qantas reports a cyberattack after hackers accessed customer data via a third-party platform, amid ongoing Scattered Spider aviation breaches. Qantas, Australia’s largest airline, disclosed a cyberattack after hackers accessed a third-party platform used by a call centre, stealing significant customer data. The breach, linked to ongoing Scattered Spider activity, was detected and contained on Monday. […]