Data Breach

Europol flow chat

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials

International law enforcement agencies have successfully dismantled LeakBase, a notorious online marketplace widely used by cybercriminals to trade stolen credentials and hacking resources. The coordinated crackdown was led by the Federal Bureau of Investigation and Europol as part of a multinational cybercrime investigation. Authorities confirmed that the website leakbase[.]la has been seized. Visitors attempting to access the platform now encounter an official […]

FBI and Europol Shut Down LeakBase Forum Used for Trading Stolen Credentials Read More »

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled

A new security analysis has revealed that thousands of publicly exposed Google Cloud API keys could be misused to access sensitive Gemini AI endpoints once the Generative Language API is activated within a project. Researchers at Truffle Security identified nearly 3,000 Google API keys, recognizable by the prefix AIza, embedded in client side JavaScript code across websites.

Thousands of Google Cloud API Keys Exposed After Gemini Access Enabled Read More »

Malicious NuGet Packages Stole ASP.NET Data While npm Package Delivered Malware

Cybersecurity analysts have uncovered four harmful NuGet packages designed to infiltrate ASP.NET development environments and secretly extract sensitive application data. The campaign, identified by Socket, focused on compromising applications during development rather than directly attacking developers’ machines. The rogue packages were uploaded to the official NuGet repository between August 12 and 21, 2024, by a user

Malicious NuGet Packages Stole ASP.NET Data While npm Package Delivered Malware Read More »

PayPal Reveals Six Month Data Breach Exposing User Information

Digital payments giant PayPal has disclosed a data security incident that exposed sensitive customer information for nearly six months. The issue stemmed from a software error within its small business lending platform, raising renewed concerns about data governance, financial technology security, and regulatory compliance. Software Error Behind Prolonged Data Exposure According to PayPal, the incident

PayPal Reveals Six Month Data Breach Exposing User Information Read More »

Data Breach at French Bank Registry Affects 1.2 Million Accounts

France’s financial authorities have revealed a major cybersecurity breach affecting approximately 1.2 million bank account records. The incident targeted the country’s centralized bank account registry, raising serious concerns about data protection, identity theft, and financial fraud. Officials have launched a full investigation while strengthening national cybersecurity defenses. Unauthorized Access to National Bank Registry The French

Data Breach at French Bank Registry Affects 1.2 Million Accounts Read More »

Mississippi Medical Center Shuts Down All Clinics Following Ransomware Attack

A major healthcare provider in the United States has temporarily closed all its clinic locations following a disruptive cyberattack. The University of Mississippi Medical Center (UMMC) confirmed that a ransomware incident forced it to shut down multiple IT systems while emergency protocols were activated to maintain patient care. Authorities at the federal level are now

Mississippi Medical Center Shuts Down All Clinics Following Ransomware Attack Read More »

Former Google Engineers Indicted for Transferring Trade Secrets to Iran

Two former engineers from Google and the husband of one of them have been indicted in the United States for allegedly stealing sensitive trade secrets from major technology firms and transferring the information to unauthorized destinations, including Iran. The defendants, Samaneh Ghandali, 41, her husband Mohammadjavad Khosravi, also known as Mohammad Khosravi, 40, and her sister Soroor

Former Google Engineers Indicted for Transferring Trade Secrets to Iran Read More »

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens

Cybersecurity researchers have identified a case in which an information-stealing malware successfully extracted sensitive configuration files linked to OpenClaw, the open-source AI agent platform previously known as Clawdbot and Moltbot. According to researchers at Hudson Rock, the incident represents a turning point in infostealer evolution. Instead of focusing solely on browser credentials, threat actors are now harvesting

Infostealer Steals OpenClaw AI Agent Configuration Files and Gateway Tokens Read More »

Malicious Chrome Extensions Exposed for Stealing Business Data, Emails, and Browsing History

Browser extensions are once again under scrutiny after multiple investigations revealed coordinated campaigns abusing Google Chrome add ons to steal business intelligence, authentication codes, emails, and browsing history. Security researchers have identified several malicious extensions impersonating productivity tools, AI assistants, and social media customization plugins. These threats specifically target platforms such as Meta Business Suite, Facebook Business Manager, Google Chrome,

Malicious Chrome Extensions Exposed for Stealing Business Data, Emails, and Browsing History Read More »

First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials

Cybersecurity researchers have uncovered what is believed to be the first malicious Microsoft Outlook add-in observed in active attacks. The discovery highlights a new evolution in supply chain threats targeting trusted software marketplaces. According to security firm Koi Security, an unidentified attacker hijacked a previously legitimate but abandoned Outlook add-in domain to host a fraudulent

First Malicious Outlook Add-In Discovered Stealing Over 4,000 Microsoft Credentials Read More »