The notorious threat actor known as USDOD, a 31-year-old Brazilian named Luan, has finally been arrested in Brazil. His track record of breaches reads like a cybersecurity thriller, the best-known entry being his hack of InfraGard, the FBI's public-private partnership with the operators of U.S. critical infrastructure. By impersonating the CEO of a financial institution he got a member account approved, pulled a trove of sensitive member data out of the portal, and then dumped it on a criminal forum. Predictably, that was like pinning a giant "wanted" sign to his own forehead. But things did not truly spiral until he took on cybersecurity heavyweight CrowdStrike.
After he leaked a list of threat actors CrowdStrike was tracking, his victory was short-lived: CrowdStrike rapidly pieced together his real identity and passed the details to a Brazilian tech news outlet. Remarkably, he took it in stride, even congratulating CrowdStrike and saying he was ready to face the consequences. Whether that came from humility or resignation no longer matters: Luan has now officially been "nicked".
Meanwhile, Microsoft's latest AI feature, *Recall* (or, as some critics call it, "Rec-All"), has stirred up fresh privacy concerns. Initially intended only for Copilot Plus devices, which carry NPUs for on-device AI tasks, Recall is reported to be heading to a far wider set of Windows 10 and 11 machines. The feature takes periodic screenshots of whatever is on screen, runs them through OCR and stores the result as a searchable timeline of computer activity: think browser history, but for everything you do on your machine, including password managers, banking sessions and private messages. The security concern is less the screenshots themselves than the index they create. Any malware or infostealer that runs as the logged-in user inherits a ready-made, text-searchable record of everything that user has seen on screen, which is exactly the data an attacker would otherwise have to harvest slowly and noisily. Privacy advocates see it as another door to sensitive information if unauthorised access is ever gained, it has unmistakable shades of spyware, and many are questioning whether the feature is genuinely necessary at all.
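For administrators who would rather not find out the hard way, the practical check is whether the "Turn off saving snapshots for Windows" policy is set. The script below is an added example, not code from the original article or from Microsoft; it audits that policy value in both machine and user scope and can enforce it. The registry path and value name (`DisableAIDataAnalysis` under the `WindowsAI` policy key) are the ones Microsoft documents for this policy, but treat them as an assumption to verify against the Group Policy template on your own build. On machines that do not ship Recall the value is inert and harmless.

```powershell
# Added example (not from the original article): audit and optionally disable
# Windows Recall snapshot saving via the documented Group Policy registry value.
# Assumption to verify on your build: the policy "Turn off saving snapshots for
# Windows" maps to DisableAIDataAnalysis under the WindowsAI policy key, in both
# machine (HKLM) and user (HKCU) scope. Run elevated to write the HKLM value.

$policyPaths = @(
    'HKLM:\SOFTWARE\Policies\Microsoft\Windows\WindowsAI',
    'HKCU:\Software\Policies\Microsoft\Windows\WindowsAI'
)
$valueName = 'DisableAIDataAnalysis'

function Get-RecallPolicyState {
    # Report the current policy value per scope; $null means the policy is not set.
    foreach ($path in $policyPaths) {
        $value = $null
        if (Test-Path $path) {
            $value = (Get-ItemProperty -Path $path -Name $valueName -ErrorAction SilentlyContinue).$valueName
        }
        [pscustomobject]@{
            Scope     = if ($path -like 'HKLM:*') { 'Machine' } else { 'User' }
            Path      = $path
            Value     = $value
            Snapshots = if ($value -eq 1) { 'Disabled by policy' } else { 'Not blocked by policy' }
        }
    }
}

function Disable-RecallSnapshots {
    # Create the policy key if needed and set the DWORD to 1 in both scopes.
    foreach ($path in $policyPaths) {
        if (-not (Test-Path $path)) { New-Item -Path $path -Force | Out-Null }
        New-ItemProperty -Path $path -Name $valueName -Value 1 -PropertyType DWord -Force | Out-Null
    }
}

# Audit first; uncomment the second line to enforce and re-check.
Get-RecallPolicyState | Format-Table -AutoSize
# Disable-RecallSnapshots; Get-RecallPolicyState | Format-Table -AutoSize
```

The machine-scope value is the one to push through Group Policy or Intune, since a user-scope setting can be undone by the user. If you manage a fleet, run the audit function across hosts first so you know where the policy is missing before you enforce it.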
In other under-the-radar news, the British government is quietly preparing to transfer sovereignty over the Chagos Islands, a group of atolls in the Indian Ocean, to Mauritius. The shift has more than a few tech companies raising an eyebrow, because it means the British Indian Ocean Territory will cease to exist, and with it the much-loved *.io* domain may be on the chopping block. The .io top-level domain exists only because the territory has an ISO 3166-1 country code, IO. Once that code is withdrawn, IANA's policy is to retire the corresponding country-code TLD after a wind-down period: new registrations would stop, and existing names would eventually lapse rather than disappear overnight. Precedent cuts both ways, since .yu was retired after Yugoslavia broke up while .su lingers on decades after the Soviet Union, so nothing is certain yet. Still, if you have a .io domain you love, hang onto it, keep an eye on the registry's announcements, and start planning a migration for anything where that name is baked into code, certificates or email, because the tech industry's favourite TLD may soon be the stuff of digital nostalgia.
Breach Exposure Monitoring | Dark Web Monitoring + Surface Web Monitoring
Scan Any Domain for Free https://breachaware.com/scan
THIS MONTH'S SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES
Call of Duty gamers targeted with anti-cheat exploit.
https://breachaware.com/research/call-of-duty-gamers-targeted-with-anti-cheat-exploit
A total of 22 breaches were found and analysed resulting in 5,145,008 leaked accounts containing a total of 24 different data types. The breaches found publicly and freely available included Le Slip Francais, Detmir, Illuvium, Stealer Log 0490 and Wine Style.
The beginning of the end for .io websites.
https://breachaware.com/research/the-beginning-of-the-end-for-io-websites
A total of 15 breaches were found and analysed resulting in 25,581,512 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included TEG, OpenSea, Stealer Log 0489, Maksavit and SPIM.
100 domains seized following 120-page court order.
https://breachaware.com/research/100-domains-seized-following-120-page-court-order
A total of 22 breaches were found and analysed resulting in 13,158,059 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included Kleinanzeigen, Boutiqaat, Nexo, Netherlands FOREX Consumer Leads and DigiDirect.
Debt and credit information exposed in recent Bank breach.
https://breachaware.com/research/debt-and-credit-information-exposed-in-recent-bank-breach
A total of 21 breaches were found and analysed resulting in 30,573,656 leaked accounts containing a total of 30 different data types. The breaches found publicly and freely available included Tianya Club, Stealer Log 0487, Stealer Log 0488, Stealer Log 0486 and GetCarrier.
BreachAware Insight
THE LATEST CURATED INTEL FROM OUR RESEARCH CENTRE
Listen to our podcast, where Andrew, the visionary CEO of BreachAware, sits down with unsung heroes of the cyber security industry. Get ready to uncover the stories and insights of industry trailblazers you might not have heard of before, as they share their experiences, opinions and insider intel. But beware, it's not all serious talk: expect a healthy dose of humour (and the odd cussing) sprinkled throughout the conversation.