Millions of mSpy Customer Records Compromised in Data Leak

 



A major data leak exposed over 310 gigabytes of information from spyware developer mSpy, including 2.4 million unique email addresses. This data was obtained by the breach notification site Have I Been Pwned.

The leak, reportedly carried out by hacktivists, included 142 GB of user data such as email addresses, IP addresses, and names, collected from support tickets submitted by individuals seeking help with the application.

Unveiling the Risks: The AT&T Phone Records Breach

 



From focused wiretaps to bulk surveillance dragnets, cellphone corporations have been at the center of privacy concerns for decades—and their time in the spotlight is not over yet. On Friday, telecom giant AT&T announced that it recently suffered a data breach impacting call and text messaging information of “nearly all” its customers. The company is in the process of notifying about 110 million people that they were affected.

Data Nightmare : Billions of Passwords Leaked in Historic Breach

 





A hacker, known as "ObamaCare," has reportedly leaked 995 crore passwords, marking what researchers consider the largest password data breach ever. The dataset, named RockYou2024, was made public on Thursday, according to Forbes. This breach poses a significant risk as it compiles real-world passwords from users worldwide, making credential stuffing attacks much more feasible for cybercriminals.

Dark Web's Deadly Offer: Botnets at an Unbeatable Price

The Dark Web marketplace provides various options, including one-time purchases, subscriptions, and rentals, enabling hackers to easily acquire tools for cyberattacks.
   _______
  / \
 / \
| Dark Web |
 \ /
  _______/
   | |
   | $99 |
   | Botnets |
   | (Cyberattacks')

"Botnets can be controlled remotely to perform various types of cyberattacks," she said.

Hacker Alleges Airtel India Data Breach, Putting 375 Million Users at Risk || Airtel Denies the Breach

Highlights
• A hacker on the dark web claimed a massive Airtel data leak involving 375 million users.
• Airtel India has strongly denied the allegations.
• The hacker claims to be behind the Indian Ministry of External Affairs data leak as well.

Airtel India has vehemently denied claims of a massive data breach, which alleged that the data of 375 million Indian users was up for sale on the dark web. Airtel has reiterated that its users’ private information is safe and all such claims are fake.

Google Announces $250,000 Reward for Full VM Escape in New KVM Bug Bounty Program


 Google's new bug bounty program, kvmCTF, aims to identify and address vulnerabilities in the KVM hypervisor. The program functions like a Capture The Flag (CTF) event, where participants reserve time slots to access a guest VM in a lab environment and attempt guest-to-host attacks.

Understanding the Rise of FakeBat and Its Role in Drive-by Download Attacks


Over the past few years, cybercriminals have increasingly exploited the drive-by download technique to distribute malware via user web browsing. This technique often involves SEO-poisoning, malvertising, and code injection into compromised websites to deceive users into downloading fake software installers or browser updates.

The drive-by download technique is favored by multiple intrusion sets to distribute various types of malware, including loaders like FakeBat and BatLoader, botnets such as IcedID and PikaBot, infostealers like Vidar, Lumma, and Redline, post-exploitation frameworks like CobaltStrike and Sliver, and remote access trojans (RATs) such as NetSupport. Some of these attacks are orchestrated by Initial Access Brokers (IABs) and have facilitated the deployment of ransomware variants like BlackCat and Royal.

Millions of mSpy Customer Records Compromised in Data Leak

  A major data leak exposed over 310 gigabytes of information from spyware developer mSpy, including 2.4 million unique email addresses. Thi...