Security News

ADT confirms data breach after customer info leaked on hacking forum
2024-08-08 13:41

ADT Inc. disclosed via a Form 8-K filing at the U.S. Securities and Exchange Commission (SEC) that hackers have gained access to its systems, which hold customer order details. [...]

Leaked GitHub Python Token
2024-08-02 11:01

Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the GitHub repositories of the Python language, Python Package Index, and the Python Software Foundation. The implications of someone finding this leaked token could be extremely severe.

Over 400,000 Life360 user phone numbers leaked via unsecured API
2024-07-17 16:32

A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API. Known only by their 'emo' handle, they said the unsecured API endpoint used to steal the data provided an easy way to verify each impacted user's email address, name, and phone number. According to the threat actor, Life360 has since fixed the API flaw, and additional requests now return a placeholder phone number.

Email addresses of 15 million Trello users leaked on hacking forum
2024-07-16 17:57

A threat actor has released over 15 million email addresses associated with Trello accounts that were collected using an unsecured API in January. Emo created a list of 500 million email addresses and fed it into the API to determine if they were linked to a Trello account.

Break-in at 'third-party cloud platform' leaked 110M customer records, says AT&T
2024-07-12 14:09

Snowflake? Snowflake AT&T has admitted that cyberattackers grabbed a load of its data for the second time this year, and if you think the first haul was big you haven't seen anything: This one...

Nearly 10 Billion Passwords Leaked in Biggest Compilation of All Time
2024-07-09 11:08

Nearly 10 billion passwords have been leaked on a popular hacking forum, according to Cybernews.

T-Mobile denies it was hacked, links leaked data to vendor breach
2024-06-20 00:43

IntelBroker describes the data they're selling as "Source code, SQL files, Images, Terraform data, t-mobile.com certifications, Siloprograms." Recently, IntelBroker has been rapidly releasing new data breaches, and if they all used this cloud provider, it could explain where all the data is coming from.

Christie's stolen data sold to highest bidder rather than leaked, RansomHub claims
2024-06-04 14:32

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

361 million account credentials leaked on Telegram: Are yours among them?
2024-06-04 12:01

A new trove of 361 million email addresses has been added to Have I Been Pwned?, the free online service through which users can check whether their account credentials and other data has been compromised in one or more data breaches. The data includes lists of credentials for accounts grouped either by service or country.

361 million stolen accounts leaked on Telegram added to HIBP
2024-06-03 19:47

A massive trove of 361 million email addresses from credentials stolen by password-stealing malware, in credential stuffing attacks, and from data breaches was added to the Have I Been Pwned data breach notification service, allowing anyone to check if their accounts have been compromised. Cybersecurity researchers collected these credentials from numerous Telegram cybercrime channels, where the stolen data is commonly leaked to the channel's users to build reputation and subscribers.