BeyondMachines :verified:<p>DOGE Employee exposes AI API Keys in source code, giving access to advanced xAI models</p><p>A Department of Government Efficiency (DOGE) employee exposed a private xAI API key on GitHub, providing unauthorized access to over 52 large language models. This is very concerning given the employee's extensive access to sensitive systems across multiple government agencies in the USA. This marks the second such xAI key exposure by DOGE personnel in recent months, indicating a pattern of operational security failures that indicate a broken security culture within the organization.</p><p>**Build a culture of not saving API keys, passwords, or any secrets directly into your code. Use environment variables or proper secret management tools instead. If leaking API key becomes a practice, consider stronger discipline and awareness measures, paired with technical scanners to detect secrets in code.**<br><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incident" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incident</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a><br><a href="https://beyondmachines.net/event_details/doge-employee-exposes-ai-api-keys-in-source-code-giving-access-to-advanced-xai-models-k-l-q-0-o/gD2P6Ple2L" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">beyondmachines.net/event_detai</span><span class="invisible">ls/doge-employee-exposes-ai-api-keys-in-source-code-giving-access-to-advanced-xai-models-k-l-q-0-o/gD2P6Ple2L</span></a></p>
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
270active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.1
#dataleak
1 post · 1 participant · 0 posts today
Cybernews<p>McHire, McDonald's hiring chatbot platform, was protected by a default "123456" password</p><p>Read more: <a href="https://cnews.link/mcdonalds-mchire-chatbot-data-leak-8/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/mcdonalds-mchire-ch</span><span class="invisible">atbot-data-leak-8/</span></a> <br><a href="https://infosec.exchange/tags/McDonalds" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>McDonalds</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/chatbot" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>chatbot</span></a> <a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AI</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
Dissent Doe :cupofcoffee:<p>In August 2020, <span class="h-card" translate="no"><a href="https://infosec.exchange/@SchizoDuckie" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>SchizoDuckie</span></a></span> and I published what was to become the first of a series of articles or posts called "No Need to Hack When It's Leaking."</p><p>In today's installment, I bring you "No Need to Hack When It's Leaking: Brandt Kettwick Defense Edition." It chronicles efforts by <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span>, <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span>, and I to alert a Minnesota law firm to lock down their exposed files, some of which were quite sensitive.</p><p>Read the post and see how even the state's Bureau of Criminal Apprehension had trouble getting this law firm to respond appropriately. </p><p><a href="https://databreaches.net/2025/07/04/no-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/07/04/no</span><span class="invisible">-need-to-hack-when-its-leaking-brandt-kettwick-defense-edition/</span></a></p><p>Great thanks to the Minnesota Bureau of Criminal Apprehension for their help on this one, and to <span class="h-card" translate="no"><a href="https://infosec.exchange/@TonyYarusso" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>TonyYarusso</span></a></span> and <span class="h-card" translate="no"><a href="https://hachyderm.io/@bkoehn" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bkoehn</span></a></span> for their efforts. </p><p><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/misconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>misconfiguration</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/incidentmanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentmanagement</span></a> <a href="https://infosec.exchange/tags/responsibledisclosure" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>responsibledisclosure</span></a> <a href="https://infosec.exchange/tags/securityalert" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>securityalert</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a></p>
Morpheus Being<p><a href="https://aus.social/tags/australia" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>australia</span></a> <a href="https://aus.social/tags/Qantas" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Qantas</span></a> <a href="https://aus.social/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://aus.social/tags/Hack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hack</span></a> <a href="https://aus.social/tags/MWM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MWM</span></a></p><p><a href="https://michaelwest.com.au/news/legal-risk-on-qantas-radar-as-hack-victims-face-scams/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">michaelwest.com.au/news/legal-</span><span class="invisible">risk-on-qantas-radar-as-hack-victims-face-scams/</span></a></p>
Dissent Doe :cupofcoffee:<p>When Cybernews published an article about a 16 billion credentials leak, some of us strongly criticized the article as irresponsible and misleading journalism. Although some people have tried to suggest that the Cybernews article had some value in highlighting infostealers, the article was so riddled with falsehoods and misleading statements that the confusion and misunderstandings it created outweighs any benefit one might try to ascribe to it.</p><p>To his credit, <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and a colleague have taken the time to analyze the datasets used in Cybernews‘ reporting and to fact-check their reporting with actual data and proof from their own research. </p><p>He has now written up their findings, in which they identified no less than five significant false claims by Cybernews. You can read his report here:</p><p><a href="https://jltee.substack.com/p/fact-checking-claims-by-cybernews" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jltee.substack.com/p/fact-chec</span><span class="invisible">king-claims-by-cybernews</span></a></p><p><a href="https://infosec.exchange/tags/journalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>journalism</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/infostealers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infostealers</span></a></p>
Dissent Doe :cupofcoffee:<p>With great thanks to <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> and others who assisted or tried to, including Rogers ISP and law enforcement in Canada, we can finally say:</p><p>Bolton Walk-In Clinic patient data leak locked down! </p><p>Read about this very frustrating effort to get exposed patient data locked down:</p><p><a href="https://databreaches.net/2025/06/30/bolton-walk-in-clinic-patient-data-leak-locked-down-finally/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/30/bo</span><span class="invisible">lton-walk-in-clinic-patient-data-leak-locked-down-finally/</span></a></p><p><a href="https://infosec.exchange/tags/healthsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>healthsec</span></a> <a href="https://infosec.exchange/tags/PHIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHIPA</span></a> <a href="https://infosec.exchange/tags/HIPA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>HIPA</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/incidentresponse" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>incidentresponse</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
nemo™ 🇺🇦<p>Another "record" password leak? 🤔 Turns out the 16B password dump is just recycled data! 🔄 Stay sharp, don’t fall for the hype. Read more here: <a href="https://cyberinsider.com/16-billion-passwords-dump-hyped-as-record-leak-is-just-recycled-data/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberinsider.com/16-billion-pa</span><span class="invisible">sswords-dump-hyped-as-record-leak-is-just-recycled-data/</span></a> <a href="https://mas.to/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mas.to/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://mas.to/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a></p>
JayeLTee<p>US Forensic Lab was leaking phone data extracts for multiple cases, including ongoing ones.</p><p>Likely the most sensitive data I've found exposed to date, with links to the DOJ in Montana.</p><p>Thanks again to <span class="h-card" translate="no"><a href="https://infosec.exchange/@masek" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>masek</span></a></span> and <span class="h-card" translate="no"><a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>PogoWasRight</span></a></span> for helping get the message to the people responsible for this one.</p><p><a href="https://jltee.substack.com/p/forensic-lab-with-links-to-montana-doj-leaks-phone-extracts" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jltee.substack.com/p/forensic-</span><span class="invisible">lab-with-links-to-montana-doj-leaks-phone-extracts</span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/unitedstates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unitedstates</span></a> <a href="https://infosec.exchange/tags/usa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usa</span></a> <a href="https://infosec.exchange/tags/us" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>us</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>leak</span></a> <a href="https://infosec.exchange/tags/evidence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>evidence</span></a> <a href="https://infosec.exchange/tags/phone" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>phone</span></a> <a href="https://infosec.exchange/tags/forensics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>forensics</span></a> <a href="https://infosec.exchange/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a></p>
Dissent Doe :cupofcoffee:<p>As much as I generally detest claims that something should be a wake-up call, <span class="h-card" translate="no"><a href="https://infosec.exchange/@lawrenceabrams" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>lawrenceabrams</span></a></span> response to <span class="h-card" translate="no"><a href="https://infosec.exchange/@cybernews" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>cybernews</span></a></span> "16 billion" story really should be a wake-up call for any news outlets who repeat any claims of discovered leaks or breaches by Cybernews. </p><p>See <a href="https://www.bleepingcomputer.com/news/security/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/no-the-16-billion-credentials-leak-is-not-a-new-data-breach/</span></a></p><p>DataBreaches.net will no longer link to Cybernews unless there is some reliable source that confirms that their claims are accurate and that they are not just reporting on leaks that they haven't even seriously tried to get locked down before they report on it. </p><p>Comments:<br><a href="https://databreaches.net/2025/06/20/no-the-16-billion-credentials-leak-is-not-a-new-data-breach-a-wake-up-call-about-fake-news/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">databreaches.net/2025/06/20/no</span><span class="invisible">-the-16-billion-credentials-leak-is-not-a-new-data-breach-a-wake-up-call-about-fake-news/</span></a></p><p><a href="https://infosec.exchange/tags/journalism" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>journalism</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/infostealers" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infostealers</span></a> <a href="https://infosec.exchange/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://infosec.exchange/tags/hype" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hype</span></a> <a href="https://infosec.exchange/tags/clickbait" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>clickbait</span></a> <a href="https://infosec.exchange/tags/ethics" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ethics</span></a></p><p><span class="h-card" translate="no"><a href="https://cyberplace.social/@GossiTheDog" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>GossiTheDog</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@JayeLTee" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>JayeLTee</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@dangoodin" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>dangoodin</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.green/@gcluley" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>gcluley</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@brianhonan" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>brianhonan</span></a></span></p>
Petra van Cronenburg<p>"Cybercriminals now have unprecedented access to personal credentials and could exploit them for account takeovers, identity theft, and targeted phishing attacks. This is fresh, weaponizable intelligence at scale,” researchers said.</p><p><a href="https://cybernews.com/security/billions-credentials-exposed-infostealers-data-leak/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cybernews.com/security/billion</span><span class="invisible">s-credentials-exposed-infostealers-data-leak/</span></a></p><p><a href="https://mastodon.online/tags/cyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberSecurity</span></a> <a href="https://mastodon.online/tags/passwords" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>passwords</span></a> <a href="https://mastodon.online/tags/dataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataLeak</span></a> <a href="https://mastodon.online/tags/cyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cyberCrime</span></a></p>
Europe Says<p><a href="https://www.europesays.com/2178535/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">europesays.com/2178535/</span><span class="invisible"></span></a> 16 Milliarden Zugangsdaten: Kein neuer Leak, viele alte Daten <a href="https://pubeurope.com/tags/alt" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>alt</span></a> <a href="https://pubeurope.com/tags/Cybernews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybernews</span></a> <a href="https://pubeurope.com/tags/Dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Dataleak</span></a> <a href="https://pubeurope.com/tags/deutschland" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>deutschland</span></a> <a href="https://pubeurope.com/tags/Elasticsearch" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Elasticsearch</span></a> <a href="https://pubeurope.com/tags/germany" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>germany</span></a> <a href="https://pubeurope.com/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IT</span></a> <a href="https://pubeurope.com/tags/Nachrichten" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Nachrichten</span></a> <a href="https://pubeurope.com/tags/Remix" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Remix</span></a> <a href="https://pubeurope.com/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a></p>
Marcel SIneM(S)US<p>CCC: Gesammelte Ausweisdaten von Übernachtungsdienstleister Numa gefunden | heise online <a href="https://www.heise.de/news/Uebernachtungsdienstleister-Numa-CCC-findet-gesammelte-Ausweisdaten-10441317.html" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">heise.de/news/Uebernachtungsdi</span><span class="invisible">enstleister-Numa-CCC-findet-gesammelte-Ausweisdaten-10441317.html</span></a> <a href="https://social.tchncs.de/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://social.tchncs.de/tags/Datenleck" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenleck</span></a> <a href="https://social.tchncs.de/tags/Datenschutz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Datenschutz</span></a> <a href="https://social.tchncs.de/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕<p>The Meta AI app is a privacy disaster</p><p>It sounds like the start of a 21st-century horror film: Your browser history has been public all along, and you had no idea. That’s basically what it feels like right now on the new stand-alone Meta AI app, where swathes of people are publishing their ostensibly private conversations with the chatbot. […]</p><p>😬 <a href="https://techcrunch.com/2025/06/12/the-meta-ai-app-is-a-privacy-disaster/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">techcrunch.com/2025/06/12/the-</span><span class="invisible">meta-ai-app-is-a-privacy-disaster/</span></a></p><p><a href="https://chaos.social/tags/MetaAI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MetaAI</span></a> <a href="https://chaos.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://chaos.social/tags/desaster" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>desaster</span></a> <a href="https://chaos.social/tags/meta" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>meta</span></a> <a href="https://chaos.social/tags/app" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>app</span></a> <a href="https://chaos.social/tags/ai" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ai</span></a> <a href="https://chaos.social/tags/problem" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>problem</span></a> <a href="https://chaos.social/tags/arrested" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>arrested</span></a> <a href="https://chaos.social/tags/us" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>us</span></a> <a href="https://chaos.social/tags/america" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>america</span></a> <a href="https://chaos.social/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://chaos.social/tags/instagram" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>instagram</span></a> <a href="https://chaos.social/tags/app" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>app</span></a> <a href="https://chaos.social/tags/aiapps" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aiapps</span></a> <a href="https://chaos.social/tags/aiapp" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>aiapp</span></a> <a href="https://chaos.social/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
Cybernews<p>▪Cybernews research▪ Adult dating app has leaked over four million private records.</p><p><a href="https://infosec.exchange/tags/app" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>app</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/dataprivacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataprivacy</span></a> </p><p><a href="https://cnews.link/headero-data-leak-gps-chat-exposed-3/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/headero-data-leak-g</span><span class="invisible">ps-chat-exposed-3/</span></a></p>
Bill<p>Four billion Chinese records leaked due to a poorly configured database. And the contents lead to more questions than answers.</p><p><a href="https://cybernews.com/security/chinese-data-leak-billiones-records-exposed/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cybernews.com/security/chinese</span><span class="invisible">-data-leak-billiones-records-exposed/</span></a></p><p><a href="https://infosec.exchange/tags/china" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>china</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a></p>
nemo™ 🇺🇦<p>🚨 Over 90 Chrome extensions—including big names like Avast, Trust Wallet & Browsec VPN—were found leaking sensitive data & credentials! 🕵️♂️🔑 Millions at risk from hardcoded secrets & unencrypted traffic. Stay safe & review your extensions!<br>Read more 👉 <a href="https://cyberinsider.com/over-90-chrome-extensions-found-exposing-sensitive-data-and-credentials/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cyberinsider.com/over-90-chrom</span><span class="invisible">e-extensions-found-exposing-sensitive-data-and-credentials/</span></a><br><a href="https://mas.to/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://mas.to/tags/ChromeExtensions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ChromeExtensions</span></a> <a href="https://mas.to/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://mas.to/tags/Privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Privacy</span></a> <a href="https://mas.to/tags/Infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Infosec</span></a> <a href="https://mas.to/tags/newz" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>newz</span></a></p>
Cybernews<p>Major data leak exposed 184M Facebook, Snapchat, Roblox logins and passwords<br><a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a> <a href="https://infosec.exchange/tags/Facebook" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Facebook</span></a> <a href="https://infosec.exchange/tags/Roblox" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Roblox</span></a> <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Microsoft</span></a> </p><p>Learn more: <a href="https://cnews.link/data-leak-facebook-roblox-instagram-passwords-2/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/data-leak-facebook-</span><span class="invisible">roblox-instagram-passwords-2/</span></a></p>
Cybernews<p>More than four million people have had their ancestry data leaked in a fresh cyber blow to 23andMe, one of the most popular direct-to-consumer genetic testing services.</p><p><a href="https://infosec.exchange/tags/23andMe" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>23andMe</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/dataprivacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataprivacy</span></a> <a href="https://infosec.exchange/tags/datasecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>datasecurity</span></a> </p><p><a href="https://cnews.link/millions-more-23andme-users-exposed-online-1/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/millions-more-23and</span><span class="invisible">me-users-exposed-online-1/</span></a></p>
Mr Tech King<p>Valve on Steam SMS leak: Old codes & numbers exposed. Not a system breach, data limited, codes expired. Accounts safe. Steam Mobile Authenticator still a good idea. <a href="https://mastodon.social/tags/Steam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Steam</span></a> <a href="https://mastodon.social/tags/DataLeak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DataLeak</span></a> <a href="https://mastodon.social/tags/Gaming" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Gaming</span></a></p>
JayeLTee<p>A Childcare Center in the United States had a server exposing children's documents publicly for years.</p><p>I wasn't the first to alert them about this either. I mentioned this to <span class="h-card" translate="no"><a href="https://infosec.exchange/@PogoWasRight" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>PogoWasRight</span></a></span> and she told me she notified them about the issue on a call in 2022. The call wasn't properly followed up by the company and the data ended up being exposed for almost another 3 years.</p><p>You can read more about it here: <a href="https://jltee.substack.com/p/us-childcare-center-leaks-thousands-of-childrens-private-data" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jltee.substack.com/p/us-childc</span><span class="invisible">are-center-leaks-thousands-of-childrens-private-data</span></a></p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/education" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>education</span></a> <a href="https://infosec.exchange/tags/usa" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>usa</span></a> <a href="https://infosec.exchange/tags/us" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>us</span></a> <a href="https://infosec.exchange/tags/unitedstates" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>unitedstates</span></a> <a href="https://infosec.exchange/tags/children" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>children</span></a> <a href="https://infosec.exchange/tags/childcare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>childcare</span></a> <a href="https://infosec.exchange/tags/leak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>leak</span></a> <a href="https://infosec.exchange/tags/data" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>data</span></a> <a href="https://infosec.exchange/tags/dataleak" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dataleak</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/privacy" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>privacy</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload