Well, well, well, it seems the digital waters are getting murkier by the day. A mysterious GitHub user by the name of I-SOON recently made their grand entrance onto the coding scene, dropping a repository bombshell titled "The Truth Behind an Xun." Inside? Oh, just a casual 200 megabytes of top-secret intel about a Chinese cybersecurity company. Talk about spilling the digital tea!

This treasure trove of data gives us a backstage pass into the shadowy world of state-sponsored hacking, courtesy of a company that, on the surface, offers cybersecurity courses and pen tests. But oh, there's so much more beneath the surface. The leaked documents, all 500 of them, paint a rather colourful picture of the company's not-so-innocent activities, spanning from the UK to the far corners of Asia.

And if that weren't enough, we've got juicy tidbits on spyware and hacking gadgets straight out of a Bond film. Imagine Android phones unwittingly spilling their guts when connecting to the same network as these nefarious devices. Oh, and let's not forget the pièce de résistance: a Twitter exploit playbook that's like a digital Trojan horse, granting attackers the keys to the Twitter kingdom with just one click on a shady link.

But wait, there's more! Among the treasure trove lies a white paper ominously titled "Twitter Public Opinion Guidance and Control System." Sounds like something straight out of a dystopian novel, doesn't it? Clearly, controlling overseas social public opinion is all the rage these days.

Meanwhile, down under, an Australian internet provider finds itself in some scorching hot water. Ever since cozying up to the Common Wealth Bank in 2021, they've found themselves in the midst of a security storm. Over 230 thousand users are left exposed after a security snafu of epic proportions. Despite assurances that they've slammed the door shut on network access, it seems the damage is done. Data types are now taking a leisurely stroll on the dark web, courtesy of this cyber debacle. Time to batten down the digital hatches, folks!

Breach Exposure Monitoring | Dark Web Monitoring + Surface Web Monitoring
Scan Any Domain for Free https://breachaware.com/scan

THIS MONTHS SPOTLIGHT, VULNERABILITY CHAT & PRIVACY HEADLINES

Ransomware group responds following publicised joint operation.
https://breachaware.com/research/ransomware-group-responds-following-publicised-joint-operation
A total of 38 breaches were found and analysed resulting in 3,984,206 leaked accounts containing a total of 27 different data types. The breaches found publicly and freely available included Stealer Log 0248, Leonardo, Stealer Log 0249, Tangerine Telecom and Stealer Log 0250.

Ransomware group allowed affiliates to ransom a cancer treatment centre.
https://breachaware.com/research/ransomware-group-allowed-affiliates-to-ransom-a-cancer-treatment-centre
A total of 18 breaches were found and analysed resulting in 210,458,625 leaked accounts containing a total of 18 different data types. The breaches found publicly and freely available included demo.zerooq.com, Dunzo, Aussie Vapes, Stealer Log 0247 and Too Easy.

Alleged threat actor responsible for mental health provider breach caught.
https://breachaware.com/research/alleged-threat-actor-responsible-for-mental-health-provider-breach-caught
A total of 27 breaches were found and analysed resulting in 19,114,750 leaked accounts containing a total of 25 different data types. The breaches found publicly and freely available included Lime Leads [2], Stealer Log 0425, My Wallet, Toys’R’Us - Israel and 45Minut.

Hong Kong based luxury clothing company's API exploited.
https://breachaware.com/research/hong-kong-based-luxury-clothing-companys-api-exploited
A total of 20 breaches were found and analysed resulting in 5,576,986 leaked accounts containing a total of 20 different data types. The breaches found publicly and freely available included JPoint, Rina Orc, Blogigo, Tolgel88 and Stealer Log 0412.