Experts found an unsecured 16TB database containing 4.3B professional records
Security researchers discovered a publicly accessible 16TB database that contained about 4.3 billion professional records, including names, emails, phone numbers, job histories, and other personal data. The database was secured only after being reported, but it had been exposed for weeks, creating risks for large‑scale social‑engineering and credential‑stuffing attacks.
[Askul says 740,000 sets of data breached in cyberattack…
Experts found an unsecured 16TB database containing 4.3B professional records
Security researchers discovered a publicly accessible 16TB database that contained about 4.3 billion professional records, including names, emails, phone numbers, job histories, and other personal data. The database was secured only after being reported, but it had been exposed for weeks, creating risks for large‑scale social‑engineering and credential‑stuffing attacks.
Askul says 740,000 sets of data breached in cyberattack
Japanese office supplies retailer Askul confirmed that a ransomware incident led to the leakage of about 740,000 records belonging to customers, corporate clients, and employees. Although no credit card data was reported compromised, the information posted on a ransomware site raises concerns about identity misuse and follow‑on fraud.
New Advanced Phishing Kits Use AI and MFA Bypass Tactics to Steal Credentials at Scale
Security researchers have documented four new phishing kits—BlackForce, GhostFrame, InboxPrime AI, and Spiderman, that leverage AI techniques and multi‑factor authentication bypass capabilities for large‑scale credential harvesting. These kits represent an escalation in phishing sophistication and automation, potentially increasing the success rate of targeted campaigns.
National cybercrime network operating for 14 years dismantled in Indonesia
Malanta.ai researchers took down a massive cybercrime network in Indonesia that had operated for over 14 years, controlling hundreds of thousands of compromised domains and Android malware dropper/backdoor apps. The infrastructure was used for illicit activities including credential theft and redirecting traffic, showing the longevity and scale sophisticated threat ecosystems can achieve.
CISA Reports PRC Hackers Using BRICKSTORM for Long‑Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) published findings on a sophisticated backdoor called BRICKSTORM, used by China‑linked actors to maintain stealthy persistence in VMware and Windows environments. The malware can provide interactive access and blend malicious traffic into normal network activity.