Meta, Yandex caught spying on Android users’ web activity using Covert Web-to-App Tracking via unprotected Localhost since 2017

https://localmess.github.io/ We disclose a novel tracking method by Meta and Yandex potentially affecting billions of Android users. We found that native Android apps—including Facebook, Instagram, and several Yandex apps including Maps and Browser—silently listen on fixed local ports for tracking purposes. These native Android apps receive browsers’ metadata, cookies and commands from the Meta Pixel […]

Mysterious leaker GangExposed outs Conti kingpins in massive ransomware data dump

A mystery whistleblower calling himself GangExposed has exposed key figures behind the Conti and Trickbot ransomware crews, publishing a trove of internal files and naming names. The leaks include thousands of chat logs, personal videos, and ransom negotiations tied to some of the most notorious cyber-extortion gangs —believed to have raked in billions from companies, […]

Someone Found Over 180 Million User Records for all kinds of platforms in an Unprotected Online Database

If you use the internet, you’ve probably had at least some personal information go missing. It’s just the nature of the web. But this latest discovery, as reported by Wired, is something different. Security researcher Jeremiah Fowler found a public online database housing over 180 million records (184,162,718 to be exact) which amounted to more […]

UK Legal Aid Agency attack involved ‘significant’ data theft

A “significant amount of personal data” belonging to legal aid applicants dating back to 2010 in the UK was stolen by cybercriminals, the Ministry of Justice (MoJ) confirmed today. The announcement follows the initial news from May 6 of an attack on the UK’s Legal Aid Agency (LAA), an MoJ-sponsored organization that allows legal aid […]

M&S warns of £300M dent in profits from cyberattack

Marks & Spencer says the disruption related to its ongoing cyberattack is likely to knock around £300 million ($402 million) off its operating profits for the next financial year (2025/26). The beleaguered high street retailer made the admission in its fiscal 2025 profit and loss accounts for the year ended March 29, published on Wednesday, […]

Three Steps Coinbase Users Should Take After a Hack (bribe of support agents) Compromised One Million Accounts

Data breaches are most often the work of external bad actors, but sometimes the call comes from inside the house. Cryptocurrency exchange Coinbase has disclosed that hackers paid off support agents—both employees and contractors located outside the U.S.—who had access to company systems to provide customer data and then demanded a $20 million ransom not […]

Charter airline helping Trump’s deportation campaign pwned

GlobalX, a charter airline used for deportations by the US government, has admitted someone broke into its network infrastructure. “On May 5, 2025, Global Crossing Airlines Group learned of unauthorized activity within its computer networks and systems supporting portions of its business applications, which the company determined to be the result of a cybersecurity incident,” […]

Hackers Manage To Take Control of Nissan Leaf’s Steering Remotely

Connected cars are great, as they let you communicate with other systems and devices via the internet, but connectivity opens the door to hacking. As it turns out, hacking a Nissan Leaf isn’t nearly as difficult as it might sound if you’ve got the right tools and the right knowledge. Researchers from Budapest-based PCAutomotive traveled […]

Messaging App Used by Mike Waltz, Trump Deportation Airline GlobalX Both Hacked in Separate Breaches

TeleMessage, a communications app used by former Trump national security adviser Mike Waltz, has suspended services after a reported hack exposed some user messages. The breach follows controversy over Waltz’s use of the app to coordinate military updates, including accidentally adding a journalist to a sensitive Signal group chat. From the report: In an email, […]

1 Million of French Boulanger’s Customers Exposed Online for free

In a recent discovery, SafetyDetectives’ Cybersecurity Team stumbled upon a clear web forum post where a threat actor publicized a database allegedly belonging to Boulanger Electroménager & Multimédia purportedly exposing 5 Million of their customers. What is Boulanger Electroménager & Multimédia? Boulanger Electroménager & Multimédia is a French company that specializes in the sale of […]

NSA warns about “fast flux” – cycling IP addresses quickly lets attackers keep attacking

[…] fast flux. It allows decentralized networks operated by threat actors to hide their infrastructure and survive takedown attempts that would otherwise succeed. Fast flux works by cycling through a range of IP addresses and domain names that these botnets use to connect to the Internet. In some cases, IPs and domain names change every […]

Personal info feared stolen from sperm bank California Cryobank

[…] The IT break-in occurred between April 20 and April 22, last year, according to a notification filed this month with the US state’s attorney general’s office. California Cryobank spotted unauthorized activity on certain computers on April 21, isolated the affected machines, and launched an investigation. The sperm bank hasn’t disclosed how many individuals were affected, […]

Cyberattack on nonprofit affects over 500k PA school workers

The Pennsylvania State Education Association (PSEA) says a July 2024 “security incident” exposed sensitive personal data on more than half a million individuals, including financial and health info. The nonprofit, which represents more than 178,000 education professionals in the US state of Pennsylvania, confirmed data was stolen during a July 6 attack. According to The […]

Thousands of TP-Link routers have been infected by a botnet to spread malware

According to a new report from the Cato CTRL team, the Ballista botnet exploits a remote code execution vulnerability that directly impacts the TP-Link Archer AX-21 router. The botnet can lead to command injection which then makes remote code execution (RCE) possible so that the malware can spread itself across the internet automatically. This high […]

MINJA sneak attack poisons AI models for other chatbot users

[…] They call their technique MINJA, which stands for Memory INJection Attack. “Nowadays, AI agents typically incorporate a memory bank which stores task queries and executions based on human feedback for future reference,” Zhen Xiang, assistant professor in the school of computing at the University of Georgia, told The Register. “For example, after each session […]

A well-funded Moscow-based global ‘news’ network has infected Western artificial intelligence tools worldwide with Russian propaganda

A Moscow-based disinformation network named “Pravda” — the Russian word for “truth” — is pursuing an ambitious strategy by deliberately infiltrating the retrieved data of artificial intelligence chatbots, publishing false claims and propaganda for the purpose of affecting the responses of AI models on topics in the news rather than by targeting human readers, NewsGuard […]

Undocumented commands (backdoor) found in ESP32 Bluetooth chip used by a billion devices

Update 3/9/25: After receiving concerns about the use of the term ‘backdoor’ to refer to these undocumented commands, we have updated our title and story. Our original story can be found here. The ubiquitous ESP32 microchip made by Chinese manufacturer Espressif and used by over 1 billion units as of 2023 contains undocumented commands that could […]

Apple’s Find My exploit lets hackers track any Bluetooth device

As explained by the researchers in a blog post, they have essentially found a way to turn any device such as a phone or laptop into an AirTag “without the owner ever realizing it.” After that, hackers could remotely track the location of that device. […] Although AirTag was designed to change its Bluetooth address […]

Bybit Loses $1.5B in Hack of single cold wallet

Cryptocurrency exchange Bybit has experienced $1.46 billion worth of “suspicious outflows,” according to blockchain sleuth ZachXBT. The wallet in question appears to have sent 401,346 ETH ($1.1 billion) as well as several other iterations of staked ether (stETH) to a fresh wallet, which is now liquidating mETH and stETH on decentralized exchanges, etherscan shows. The […]

Gravy Analytics sued for data breach containing location data of millions of smartphones

Gravy Analytics has been sued yet again for allegedly failing to safeguard its vast stores of personal data, which are now feared stolen. And by personal data we mean information including the locations of tens of millions of smartphones, coordinates of which were ultimately harvested from installed apps. A complaint [PDF], filed in federal court […]

Apple chips can be hacked to leak secrets from Gmail, iCloud, and more in a browser

Apple-designed chips powering Macs, iPhones, and iPads contain two newly discovered vulnerabilities that leak credit card information, locations, and other sensitive data from the Chrome and Safari browsers as they visit sites such as iCloud Calendar, Google Maps, and Proton Mail. The vulnerabilities, affecting the CPUs in later generations of Apple A- and M-series chip […]

WhatsApp says journalists and civil society members were targets of Israeli spyware

Nearly 100 journalists and other members of civil society using WhatsApp, the popular messaging app owned by Meta, were targeted by spyware owned by Paragon Solutions, an Israeli maker of hacking software, the company alleged on Friday. The journalists and other civil society members were being alerted of a possible breach of their devices, with […]

US healthcare provider data breach impacts 1 million patients

Community Health Center (CHC), a leading Connecticut healthcare provider, is notifying over 1 million patients of a data breach that impacted their personal and health data. The non-profit organization provides primary medical, dental, and mental health services to more than 145,000 active patients. CHC said in a Thursday filing with Maine’s attorney general that unknown […]

Trump Disbands Cybersecurity Board Investigating Worst Hack in US History: Massive Chinese Phone System Invasion

[…] We’re still nowhere near understanding just how bad the Chinese hack of our phone system was. The incident that was only discovered last fall involved the Chinese hacking group Salt Typhoon, which used the US’s CALEA phone wiretapping system as a backdoor to gain incredible, unprecedented access to much of the US’s phone system […]

Subaru Security Flaws Exposed Its System for Tracking, remote controlling Millions of Cars

About a year ago, security researcher Sam Curry bought his mother a Subaru, on the condition that, at some point in the near future, she let him hack it. It took Curry until last November, when he was home for Thanksgiving, to begin examining the 2023 Impreza’s internet-connected features and start looking for ways to […]