Massive Database Leak Available Online
Victim: Unknown | Price: Free | Exfiltrated Data Type: Potentially personal, financial, or corporate information

Key Points:

- Leaked database made available in an online thread titled “FREE take it or go away lol.”
- Exact contents and extent of the data remain unclear.
- Raises concerns about unauthorized data sharing and risks to privacy and cybersecurity.…
AudioPrints.com Database Reportedly Exposed
Victim: AudioPrints.com | Price: Not disclosed | Exfiltrated Data Type: Sensitive user information (email addresses, usernames, account details)

Key Points:

- Reported data breach involving AudioPrints.com, an online audio solutions platform.
- Entire database allegedly exposed, raising concerns about user privacy and data security.
- Leaked data includes sensitive information such as email addresses, usernames, and account details.…
Data Breach at DuxHumanHealth.com in the United States
Victim: DuxHumanHealth.com | Price: Not disclosed | Exfiltrated Data Type: Personal details, medical records, healthcare-related information

Key Points:

- Data breach involving the database of DuxHumanHealth.com.
- Leaked data includes sensitive user information and medical records.
- Significant privacy risks due to exposure of personal identifiers.
- Potential for identity theft and fraudulent activities.…
Magic Trick Shop Database Reportedly Leaked
Victim: Happy Magic | Price: Not disclosed | Exfiltrated Data Type: Customer information (names, email addresses, payment information)

Key Points:

- Data breach reported at Happy Magic, a Russian magic tricks shop.
- Exposed sensitive customer information raises concerns about data privacy.
- Compromised database includes names, email addresses, and potentially payment information.…
The Most Active Threat Actors of Q1 2025: An In-Depth Analysis
In Q1 2025, various cyber threat actors, including state-sponsored groups and ransomware operators, have intensified their activities, targeting critical infrastructure and private entities globally. Notable groups include Volt Typhoon, Salt Typhoon, RansomHub, Andariel, and emerging hacktivist collectives. Organizations are urged to adopt robust defense strategies to mitigate these threats.…
PEAKLIGHT: Illuminating the Shadows
PEAKLIGHT is an obfuscated PowerShell downloader identified by Mandiant that delivers malware-as-a-service infostealers through Microsoft Shortcut Files. It utilizes a JavaScript dropper hosted on a CDN to execute malicious payloads, including LummaC2, HijackLoader, and CryptBot. The campaign highlights the use of legitimate tools for malware delivery while evading detection.…
Analysis of Malicious WebDav Activity on Namecheap
Recent investigations highlight the misuse of legitimate hosting platforms like Namecheap for cybercrime activities, specifically involving a malware loader called MetaStealer. The incident showcases how threat actors exploit services like WebDav Opendir to conduct malicious operations.

Affected: Namecheap, WebDav Opendir

Key Points:

Malicious activities leveraging WebDav Opendir hosted on Namecheap.…
China's UNC5337 Exploits a Critical Ivanti RCE Bug, Again
Summary: A Chinese threat actor, UNC5337, is exploiting critical vulnerabilities in Ivanti remote access devices, particularly targeting the Connect Secure and Policy Secure gateways. Despite Ivanti’s efforts to enhance security, the group has successfully deployed sophisticated malware to compromise affected systems.

Threat Actor: UNC5337 | Victim: Ivanti

Key Point:

UNC5337 has exploited CVE-2025-0282, a critical vulnerability allowing code execution without authentication.…
On the Case: Detecting and mitigating adversary-in-the-middle phishing attacks with Darktrace Services, by Justin Torres
Adversary-in-the-Middle (AiTM) phishing kits, particularly Mamba 2FA, represent a significant evolution in phishing tactics, enabling attackers to intercept and manipulate communications in real time. These kits create convincing decoy pages that mimic legitimate services, allowing for the harvesting of sensitive information, including multi-factor authentication tokens. The rise of Phishing-as-a-Service (PhaaS) platforms has made these sophisticated attacks more accessible to cybercriminals.…
Colombia: Data Breach at lecoqsportif.com.co
Victim: lecoqsportif.com.co | Price: Not disclosed | Exfiltrated Data Type: Personal Identifiers, Email Addresses, Financial Details

Key Points:

- Significant data breach affecting lecoqsportif.com.co.
- Potential exposure of the entire database, including sensitive user information.
- Compromised data includes names, email addresses, and possibly financial details.
- Highlights the growing risks faced by e-commerce platforms.…
Chile: Data Breach at Informaticarecoleta.cl
Victim: Informaticarecoleta.cl | Price: Not disclosed | Exfiltrated Data Type: Sensitive user information

Key Points:

- Data breach involving the website informaticarecoleta.cl.
- Full database allegedly exposed, including sensitive user information.
- Leaked data includes names, contact details, and other personal records.
- Concerns raised about data privacy and security practices.…
STIIIZY data breach exposes cannabis buyers’ IDs and purchases
Summary: STIIIZY, a popular cannabis brand, disclosed a data breach involving the theft of sensitive customer information through a compromised point-of-sale vendor. The breach affected numerous customers, exposing personal details such as government IDs and transaction histories.

Threat Actor: Everest Ransomware Gang | Victim: STIIIZY

Key Point:

Data breach occurred after hackers compromised STIIIZY’s point-of-sale vendor.…
Tails 6.11 Fixes Exploitable Vulnerabilities with Critical Security Patches
Summary: The Amnesic Incognito Live System (Tails) has released version 6.11 to address critical security vulnerabilities identified during an external audit. These vulnerabilities, while requiring prior exploitation, could have led to significant privacy breaches, prompting the Tails team to recommend an immediate upgrade for users.

Threat Actor: Unknown | Victim: Tails Users

Key Point:

Critical vulnerabilities in Tails 6.10 and earlier versions could allow persistent malware installation via Tails Upgrader.…