The exodus from Telegram feels like the digital equivalent of rats fleeing a sinking ship, but in this case, the captain invited the water onboard. Once hailed as the free-speech messiah, Pavel Durov has now gone full 180, swapping his halo for a "Please Comply with Authorities" sign. Telegram’s latest Terms of Service updates allow your IP address and phone number to be handed over faster than a hot potato if you so much as sneeze near a legal investigation.

And if you’re looking for an “anonymous” number through Telegram, you’d better be ready to hand over everything short of your blood type and your grandma’s maiden name. They’re asking for your passport, selfie video, and probably a cute childhood story for good measure. At this point, the term "anonymous" is as meaningful as a politician’s promise during an election year. No wonder users are migrating faster than influencers to the next viral app.

Meanwhile, Andrew Tate’s website, The Real World, just learned the hard way that cybersecurity isn’t optional. A 14 GB data breach exposed everything from course material (which users paid $50/month for) to chat logs that can only be described as a toxic Call of Duty lobby fused with 4chan on steroids. Seriously, if Shakespeare were alive today, he’d have written sonnets about how unhinged these messages are.

To anyone caught in this breach: If you haven’t already, delete your LinkedIn account before HR stumbles across the searchable chat logs someone’s inevitably working on. It’s only a matter of time before recruiters start rejecting candidates because they were spotted in Tate's "broetry" forums. Moral of the story? Invest as much in security as you do in your ego—or end up a meme.

Now onto some justice, because Operation Magnus just served up cybercrime’s version of a five-star beatdown. Redline and Meta Infostealers, the digital equivalents of mosquitoes in a swamp, have been wreaking havoc by stealing over 170 million plaintext passwords in just six months. (That’s one stolen password for every three people on Earth. Bravo, scumbags.)

But thanks to the combined efforts of Dutch Police, the FBI, and an international coalition, key servers were seized, and Russian suspect Maxdim Rudometov has been named. Unfortunately, extraditing him from Russia is like asking your cat to stop knocking things off the counter—possible, but unlikely without serious bribery.

In the meantime, the shutdown has caused major disruption in the cybercriminal world. Word on the dark web is that hackers are “considering other career options”, like data-entry jobs, where they can use their stolen credentials for good instead of evil. To stay safe, though, remember: Use strong passwords, enable 2FA, and maybe don’t re-use "Password123" for your bank login. Let’s not make the criminals’ jobs any easier than it already is.

In short, it’s a big month for cybersecurity, with plenty of drama, data dumps, and criminals learning that karma has a killer sense of humour.

Breach Exposure Monitoring | Dark Web Monitoring + Surface Web Monitoring
Scan Any Domain for Free https://breachaware.com/scan


THIS MONTHS SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES

Doxing spree of members that dwell in the cybercrime underworld.
https://breachaware.com/research/doxing-spree-of-members-that-dwell-in-the-cybercrime-underworld
A total of 41 breaches were found and analysed resulting in 10,337,245 leaked accounts containing a total of 33 different data types. The breaches found publicly and freely available included UUU9, SWVL, Superhry, Pankhuri and Bibo Mart.

Attackers strive to destroy the Tor network.
https://breachaware.com/research/attackers-strive-to-destroy-the-tor-network
A total of 17 breaches were found and analysed resulting in 101,638,201 leaked accounts containing a total of 22 different data types. The breaches found publicly and freely available included 1Win - Part 2, Lalafo, Creditcard Consortium, Tibber and Thuocsi.

Alleged snowflake hacker arrested sparking retaliation from threat actor community.
https://breachaware.com/research/alleged-snowflake-hacker-arrested-sparking-retaliation-from-threat-actor-community
A total of 29 breaches were found and analysed resulting in 78,149,373 leaked accounts containing a total of 39 different data types. The breaches found publicly and freely available included JD, InterBank, Topitop, 1Win and Stealer Log 0494.

One of the largest banks in Peru is reeling after massive security breach.
https://breachaware.com/research/one-of-the-largest-banks-in-peru-is-reeling-after-massive-security-breach
A total of 30 breaches were found and analysed resulting in 9,386,518 leaked accounts containing a total of 32 different data types. The breaches found publicly and freely available included Burger King - Russia, Wongnai, ExVagos 2, LionsCredit and Griffin Capital.