500 MB di Passaporti italiani gratis online: cosa c’è dietro il leak di Anonymous

📌 Link all'articolo : www.redhotcyber.com/post/500-mb-...

A cura di Carolina Vivianti

#redhotcyber #news #cybersecurity #hacking #dataleak #phishing #sicurezzainformatica #protezionedatipersonali

Ransom! RAKS Sp. z o.o. b Leaked (APR-2026) The ransomware claim by coinbasecartel targets RAKS Sp. z o.o., alleging data exfiltration and a leaked data dump. The claim suggests the incident involves the leakage of sensitive information with potential public release, and indicates Poland as the impacted country. #Poland

Ransomware group coinbasecartel claims data exfiltration and leak from RAKS Sp. z o.o. b in Poland. Sensitive information reportedly exposed with potential public release. #RansomwareAttack #DataLeak #Poland

Anthropic's Claude source code leaked due to internal error, exposing 512,000 lines of proprietary code. Company assures no customer data compromised. #Anthropic #Claude #DataLeak #AI Link: thedailytechfeed.com/anthropic-so...

Universidad del Cauca Suffers Data Breach Exposing PII An alleged data breach has exposed an administrative database dump affecting Universidad del Cauca, reportedly extracted from the Ministry of National Education’s portal targeting the SNIES/HECAA system and containing 3,754 records. The leak includes structured CSV files with student, alumni, university leadership, and user account data—exposing personal identifiers, contact details, academic...

A data breach compromised Universidad del Cauca’s administrative database, exposing 3,754 records from the Ministry of Education’s SNIES/HECAA portal. Leaked data includes personal info, academic records, and access logs. #DataLeak #Colombia

“ChatGPT Ad Blocker” Extension Caught Harvesting Your Private Conversations Security researchers discovered a malicious Chrome extension called “ChatGPT Ad Blocker” that posed as an ad-blocking utility while systematically harvesting full ChatGPT conversation pages. The extension clones the page DOM, preserves most text content, bundles prompts and metadata into a page dump, and exfiltrates it to a private Discord channel via...

A malicious Chrome extension named “ChatGPT Ad Blocker” was found harvesting full ChatGPT conversation pages by cloning the DOM and sending data to a private Discord channel. #DataLeak #ChromeExtension #India

PaidWork Data Breach Exposes 22 Million User Records PaidWork, a popular online monetization and micro-task platform, has allegedly been breached, exposing an approximately 11GB database containing sensitive records for about 22 million users. The dataset—reported for sale on a cybercrime forum for BTC/ETH/XMR—includes personal details, hashed passwords, banking and PayPal information, cryptocurrency wallet addresses, billing addresses, IPs, and demographic...

PaidWork data breach exposes 22 million user records in an 11GB leak, revealing names, emails, hashed passwords, banking info, PayPal details, crypto wallets, IPs, and demographics for sale on cybercrime forums. #DataLeak #CryptoTheft #PaidWork

Xiamen Tungsten Co. Data Breach by Beast Ransomware The Beast ransomware group claims to have breached Xiamen Tungsten Co., Ltd. and is offering the company’s full infrastructure dump for sale for 20 Bitcoin. The actor alleges more than 150GB of SQL backups were exfiltrated, including full PII and payroll, SSO credentials and network tokens, ERP blueprints, lab chemical formulas...

Beast ransomware claims a breach of Xiamen Tungsten Co., offering 150GB+ of SQL backups for 20 BTC. Data includes PII, payroll, SSO tokens, ERP blueprints, chemical formulas, and more. #BeastRansomware #China #DataLeak

Nurture Life Data Breach Exposes Customer and Children PII Nurture Life, a subscription-based direct-to-door meal service for babies, toddlers, and kids, has allegedly been compromised and a comprehensive archive of its internal database was leaked online by an unknown party. The leak reportedly exposes sensitive customer and dependent information including full names, email addresses, children's dates of birth, dietary preferences...

Nurture Life meal service faces a data breach exposing sensitive info including customer and children’s full names, DOBs, dietary prefs, and account details. Impact spans families relying on meal subscriptions. #DataLeak #ChildPrivacy #USA

The Great Claude Code Leak of 2026: Accident, Incompetence, or the Best PR Stunt in AI History? TL;DR: On March 31, 2026, Anthropic accidentally shipped the entire source code of Claude Code to the...

CLAUDEs SOURCE CODE JUST GOT LEAKED!
(NOT A PRANK... at least I think so.)
#claude #anthropic #leak #leaked #dataleak #sourcecode
dev.to/varshithvheg...

Alleged Breach of Smarteez Exposes Full Production Database for L'Oreal Morocco Including 296 Pharmacies, 361K Sales Records, OAuth Secrets, and Competitive Intelligence Across Four L'Oreal Brands Threat actor xNov leaked the full production database of Smarteez, the digital factory operating for L'Oreal Morocco, exposing operational data for La Roche-Posay, Vichy, CeraVe, and Dercos from mid-2023 to early 2026. The public leak includes 296 pharmacies, over 361,000 sales analytics records, OAuth2 client IDs with 128-character plaintext client secrets,...

xNov leaked Smarteez’s full production database for L’Oreal Morocco, exposing data from 296 pharmacies, 361K+ sales records, OAuth secrets, user accounts, and competitive intelligence across La Roche-Posay, Vichy, CeraVe, and Dercos. #DataLeak #LOréal

Vantage Media AI Investigates 381GB Data Breach Vantage Media AI, a provider of AI-powered predictive analytics and customer data platforms, has allegedly been compromised and a 381 GB MongoDB server dump belonging to the company has been listed for sale for $15,000. The seller claims the March 27, 2026 breach includes full access logs and consolidated files containing...

A 381 GB MongoDB dump from Vantage Media AI, containing over 628M emails and 51M phone numbers, was breached on March 27, 2026, and is listed for sale at $15,000. #DataLeak #AIAnalytics #USA

Anthropic's Claude Code source code leaked via npm registry misconfiguration, exposing proprietary TypeScript code. #CyberSecurity #DataLeak #Anthropic #ClaudeCode Link: thedailytechfeed.com/anthropics-c...

interesting slip-up. good that no user data got out, that's the big one. still, a good reminder for ops teams everywhere to double check internal configs. you can check if your info's turned up in other breaches via Lunar, it's free: https://lunarcyber.com/ #DataLeak

Cisco Systems Inc Investigating Major Data Breach by ShinyHunters The ShinyHunters extortion group claims to have breached Cisco Systems, alleging three separate intrusions affecting UNC6040, Salesforce Aura, and Cisco AWS accounts, with screenshots showing unauthorized access to an AWS Management Console for the Cisco Crosswork Network Controller and hundreds of internal storage volumes. The actor demands Cisco contact them by...

ShinyHunters claims three breaches at Cisco, targeting UNC6040, Salesforce Aura, and AWS accounts. Threatens to leak 3M+ Salesforce records and disrupt further if not contacted by April 3, 2026. #DataLeak #CloudBreach #USA

AVC-Livestock Data Breach Exposes Afghan Supply Chain Users AVC-Livestock (avc-livestock.com), an Afghan agricultural platform, allegedly suffered a data breach exposing records on specialized farmers, agribusiness contacts, and personnel across provinces including Kabul, Kandahar, Balkh, and Bamyan. The compromised database of about 284,000 unique users — containing full names, email addresses, phone numbers, location details, and Tazkira numbers — is...

AVC-Livestock, an Afghan agricultural platform, experienced a data breach exposing 284,000 users’ full names, emails, phone numbers, locations, and Tazkira numbers. The data is for sale at $300. #DataLeak #Afghanistan #Agriculture

Anthropic's Mythos Model Exposed by CMS Misconfiguration A default-public setting in Anthropic's CMS accidentally exposed 3,000 unpublished assets, including a draft blog post revealing Claude Mythos - a new flagship model the company says poses serious cybersecurity risks.

Anthropic's Mythos Model Exposed by CMS Misconfiguration

awesomeagents.ai/news/anthropic-mythos-ca...

#Anthropic #Claude #DataLeak

Alleged Dataset Leak of Canva Exposes 900,000 User Records With Bcrypt Passwords, OAuth Providers, and Design Platform Usage Data A threat actor known as xorcat has posted an alleged Canva dataset containing 900,000 user records as a free download on an online forum, accompanied by a 20-record sample to demonstrate authenticity. The dump includes bcrypt ($2y$10$) hashed passwords, OAuth provider links (Google/Facebook/Email), account identifiers, and platform usage metadata that could...

A threat actor named xorcat leaked an alleged Canva dataset with 900,000 user records, including bcrypt hashed passwords, OAuth links, account IDs, and platform usage data exposing enterprise and third-party accounts. #DataLeak #OAuth #Australia

Threat Actor Selling Email Credentials for Israeli Government Agencies, Organizations, and International Targets Including Israel Police, Ministry of Justice, and Quebec Education Board A threat actor known as swag is advertising stolen email credentials from multiple Israeli government agencies, Israeli organizations, and international targets on the open web. Compromised accounts include Israel Police, the Ministry of Justice, and the Quebec Central Board of Education, posing high-severity risks like spear-phishing and unauthorized access to sensitive...

Threat actor “swag” is selling stolen email credentials from Israeli government bodies including Israel Police, Ministry of Justice, and Quebec Education Board, risking sensitive data exposure and targeted attacks. #Israel #DataLeak

Anthropic Leaks Claude Source Code Anthropic's Claude code leak reported Mar 31, 2026; dozens of mirrors remained within 24 hours, forcing customers to demand audits and tighter SLAs.

Anthropic Leaks Claude Source Code: Anthropic's Claude code leak reported Mar 31, 2026; dozens of mirrors remained within 24 hours, forcing customers to demand audits and tighter SLAs. 👈 Read full analysis #Anthropic #Claude #SourceCode #DataLeak #CyberSecurity

Ransom! Dean Supply (MAR-2026) Dean Supply, a US-based provider of restaurant supplies and equipment, reports a ransomware claim by threat actor akira, with a threat to release 15 GB of corporate data. The alleged data includes employee information, NDAs, financials, contracts, and project documents #UnitedStates

Dean Supply, a US restaurant supply provider, hit by ransomware actor akira threatening to release 15 GB of sensitive data including employee info, contracts, and financials. Incident uncovered March 31, 2026. #RansomwareAttack #DataLeak

Anthropic's Mythos Model Exposed by CMS Misconfiguration A default-public setting in Anthropic's CMS accidentally exposed 3,000 unpublished assets, including a draft blog post revealing Claude Mythos - a new flagship model the company says poses serious cybersecurity risks.

Anthropic's Mythos Model Exposed by CMS Misconfiguration

awesomeagents.ai/news/anthropic-mythos-ca...

#Anthropic #Claude #DataLeak

Yksi prompt riitti: ChatGPT saattoi vuotaa dataa ilman varoituksia

Yksi prompt riitti: Chat GPT saattoi vuotaa dataa ilman varoituksia

etn.fi/index.php/13...

#Kyberturvallisuus #AI #DataLeak

Ransom! Efficy - 43gb leaked (MAR-2026) Efficy, a Belgian CRM software provider, is the claimed victim in a ransomware incident involving the actor 'coinbasecartel' that allegedly leaked 43 GB of data. The claim, described as [AI generated], ties the breach to Belgium and cites data exfiltration as the motive behind the leak. #Belgium

Belgian CRM provider Efficy suffers a ransomware attack by actor coinbasecartel, resulting in a 43 GB data leak. Incident highlights data exfiltration motives targeting tech firms. #Belgium #DataLeak #Ransomware

ChatGPT Data Leakage via a Hidden Outbound Channel in the Code Execution Runtime Check Point Research discovered a hidden DNS-based outbound channel from ChatGPT’s isolated code-execution runtime that could silently exfiltrate user messages, uploaded files, and model-generated outputs. A single malicious prompt or a backdoored custom GPT could exploit this channel to leak sensitive data and even establish a remote shell inside the Linux runtime. #ChatGPT #CheckPointResearch

Check Point Research uncovered a hidden DNS-based outbound channel in ChatGPT’s code execution runtime that can silently leak messages, files, and outputs via a single malicious prompt, risking data exposure. #DataLeak #AIExploitation #Israel

ChatGPT Runtime Data Leakage

~Checkpoint~
A DNS tunneling flaw in ChatGPT's code execution runtime allowed silent data exfiltration and remote shell access via malicious prompts.
-
IOCs: (None identified)
-
#ChatGPT #DataLeak #ThreatIntel

Clickrent.es Suffers Alleged 2.5 Million Record Data Breach Clickrent.es appears to have been breached, with an anonymous actor offering a dataset of roughly 2.5 million records for sale. The leak reportedly contains over 100GB of KYC files, internal documents, customer JSONL data, and sensitive personal and financial details. #ClickrentES #KYC...

An anonymous actor is selling ~2.5M records from Clickrent.es, including 100GB+ of KYC files, customer data, internal documents, and sensitive info like national IDs and passwords exposed. #DataLeak #Spain #InfoBreach

Ukraine Inclusive Resource Center Suffers Data Breach The Inclusive Resource Center (ircenter.gov.ua), a Ukrainian state portal for children with special educational needs, has reportedly been breached and a database of roughly 300,000 unique records was advertised for sale on a hacker forum. The sample indicates the leak contains highly sensitive PII for minors and their parents or guardians,...

A data breach at Ukraine’s Inclusive Resource Center exposed about 300,000 records containing sensitive info on children with special needs and their families, including IDs and addresses. #Ukraine #DataLeak #SpecialNeeds

Ransom! GYF (MAR-2026) The ransomware claim from threat actor sarcoma targets GYF and alleges a data breach involving the exfiltration of 1.5 TB, including SQL databases, from a company that designs and develops IT products and services for the financial market. The attack is tied to Argentina as the geo location, and the leak is described as 1.5 TB containing SQL, with the impacted country(s) shown as #Argentina

Ransomware group Sarcoma claims breach of GYF, an IT firm serving the financial sector, leaking 1.5 TB of data including SQL databases. Incident linked to Argentina. #DataLeak #FinancialIT #Argentina

Image

A fascinating take on the Anthropic data leak: this piece dives into the leaked details of Claude Mythos, future AI model tiers, and security concerns. See link below. #AI #Anthropic #dataleak
mashable.com/article/claude-mythos-ai...

Members Cointelegraph The leader in Bitcoin, Ethereum & blockchain news. Markets & Research: @CointelegraphMT

🇬🇧 ALERT: An IT glitch at Lloyds Banking Group exposed the transaction data and personal details of nearly 450,000 customers.

animalverse.social/community/p/...

#Lloyds #DataBreach #CyberSecurity #DataLeak #Banking #Privacy #TechNews #Security #ITGlitch #BreakingNews