A source code repository allegedly stolen by a former employee of the Russian tech giant Yandex has been leaked online. A Yandex source code repository allegedly stolen by a former employee of the Russian IT giant has been leaked on a popular cybercrime forum. The announcement published on BreachForums includes a magnet link to the alleged […]

The list, which was discovered by a Swiss hacker, contains names and birth dates and over 1 million entries.

SweepWizard, an app that law enforcement used to coordinate raids, left sensitive information about hundreds of police operations publicly accessible.

After inadvertently finding that InfoSys leaked an AWS key on PyPi I wanted to know how many other live AWS keys may be present on Python package index. After scanning every release published to PyPi I found 57 valid access keys from organisations like:

Amazon themselves 😅
Intel
Stanford, Portland and Louisiana University
The Australian Government
General Atomics fusion department
Terradata
Delta Lake
And Top Glove, the worlds largest glove manufacturer 🧤

Confidential details including child passport scans and SEN data is published online, the BBC finds.

No passwords, but plenty of stuff for social engineering and doxxing

Music-streaming service Deezer has owned up to a data breach, after hackers managed to steal the data of over 200 million of its users.

Suite à un piratage, Adecco a lancé début novembre une enquête. La société donne de plus amples informations : « certaines de vos données personnelles présentes dans un de nos systèmes d’informations (noms, prénoms, adresses email...

InfraGard, a program run by the U.S. Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up…

Une fuite de données secoue le monde politique zurichois, à deux mois des élections cantonales. Entre 2006 et 2012, un ancien prestataire informatique du Département de la justice a omis d'effacer des données parfois sensibles sur des ordinateurs remplacés.

Someone is allegedly selling up-to-date mobile phone numbers of nearly 500 million WhatsApp users. A data sample investigated by Cybernews likely confirms this to be true.

A 500-page document reviewed by WIRED shows Corellium engaged with several controversial companies, including spyware maker NSO Group.

Microsoft Office 365 Message Encryption (OME) utilitises Electronic Codebook (ECB) mode of operation. This mode is insecure and leaks information about the structure of the messages sent and can lead to partial or full message disclosure.

Intel confirms that 6GB of proprietary BIOS source code for its Alder Lake processors was leaked to the public.

Hackers infiltrated the Mexican Defense Ministry, publishing millions of emails that detail the military’s growing influence over the civilian government.

Hackers released data from Los Angeles Unified School District on Saturday, a day after Supt. Alberto Carvalho said he would not negotiate with or pay a ransom to the criminal syndicate.

A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.

The LockBit ransomware operation has suffered a breach, with an allegedly disgruntled developer leaking the builder for the gang's newest encryptor.

One of the things Apple cares about in terms of its bug bounty program is your location data. Apple rightly categorizes real-time or historical precise location data as "sensitive data" which in some cases qualifies for a significant monetary award.

Some of the largest websites in the world have exposure to sending Google and Microsoft sensitive user PII, including username, email, and passwords