Crypto Scandals, Insider Crimes & Global Cyber Threats.
07 July 2025
A total of 28 breach events were found and analysed, resulting in 13,014,568 exposed accounts containing a total of 34 different data types of personal data. The breaches found publicly and freely available included ACC Limited, Los Angeles Unified School District, Rhithm, Tracelo and Quantum Information Port (QIP).
Categories of Personal Data Discovered
Contact, Digital Behaviour, Finance, Commerce, Technology, Career, Communication Logs, Sociodemographic, Academic, Geolocation, National Identifiers, Relationships.
Data Breach Impact
Affected parties face heightened risks of identity theft, financial fraud, and reputational damage due to the wide variety of sensitive information compromised. The inclusion of entities such as ACC Limited, Los Angeles Unified School District, and others indicates a broad spectrum of sectors being targeted, suggesting systemic vulnerabilities. For organisations, this highlights the urgent need to strengthen data protection measures and response protocols to mitigate legal, operational, and trust-related consequences.
Cyber Spotlight
A former employee of DigitalMint, a company specialising in ransomware negotiations and crypto facilitation, is under criminal investigation by the U.S. Department of Justice for allegedly collaborating with ransomware gangs for personal profit.
- DigitalMint, based in Chicago, terminated the individual as soon as the probe was announced.
- The firm has negotiated over 2,000 ransomware cases since 2017.
- Industry insiders have long speculated that incident response companies lack transparency and may even inflate demands to profit from larger cryptocurrency payouts.
The incident raises difficult questions: when you normalise negotiating with criminals, where do the ethics end and exploitation begin?
Authorities in the United Arab Emirates have arrested the founder of WhiteRock Finance, a decentralised platform aiming to tokenise real-world financial assets.
- The arrest is tied to the Zkasino rug pull, a now-defunct crypto gambling protocol accused of vanishing with $30 million in investor funds.
- WhiteRock and Zkasino shared infrastructure and founders, as identified by blockchain sleuth ZachXBT, who flagged the connections to UAE law enforcement.
- Investors were promised airdrops and staking rewards, which never materialised.
ZachXBT continues to act as a thorn in the side of crypto scammers, but his investigative reports may make him a high-value target.
New insights have surfaced about IntelBroker, one of the most prolific and dangerous threat actors of the past three years:
- He began his digital mischief in the UK with swatting and bomb threats before being raided by the National Crime Agency (NCA).
- Attempted reform followed: his criminal record was scrubbed, and he was even placed in a cybersecurity trainee program.
- That redemption arc was short-lived. He re-emerged as IntelBroker, responsible for breaching US federal agencies, defense contractors, and critical infrastructure, causing over $25 million in damage.
- The U.S. is now seeking extradition, and he faces 20+ years in federal prison.
This is one of the clearest cases of a second chance violently misused, and the justice system is coming full circle.
Vulnerability Chat
France's cybersecurity agency has disclosed a sweeping cyber campaign that targeted a range of sectors across the country, including government, telecom, media, finance, and transport. Codenamed "Houken," the campaign is attributed to a Chinese hacking group that exploited several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices to breach these entities.
Meanwhile, researchers at Stratascale’s Cyber Research Unit (CRU) have uncovered a long-hidden vulnerability in the widely used Sudo utility, a core part of Unix and Linux systems. Shockingly, this flaw has gone unnoticed for over 12 years, potentially leaving millions of systems open to privilege escalation attacks.
Andrew Howe has reported a vulnerability in ModSecurity, which could be exploited to launch denial-of-service (DoS) attacks. The issue lies in how the software parses empty XML elements. Security teams are being urged to disable the SecParseXmlIntoArgs feature immediately or upgrade to the patched version 2.9.11 once it’s available.
Despite widespread reliance on Secure Boot, full-disk encryption, and bootloader passwords, new findings suggest attackers can still circumvent these defences. A vulnerability in the Initial RAM Filesystem debug shell, an area often missed in system hardening guides, can be exploited, according to a report by Insinuator.
A newly identified flaw in the openid-connect plugin of Apache APISIX, disclosed by JunXu Chen and credited to researcher Tiernan Messmer, also made headlines. The open-source API gateway was found to lack proper issuer validation. The Apache APISIX team has since resolved the issue, shoring up the plugin's security.
Security concerns have also hit the wearable tech space. A German IT security firm has detailed eight separate vulnerabilities, initially discovered by Moritz Abrell, affecting all COROS smartwatches. These flaws give attackers nearly full control, letting them interrupt workouts in real time, remotely reset devices, and access or download personal data from COROS.com accounts.
Cisco is tackling its own set of vulnerabilities. The company has rolled out patches for a critical flaw in its Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME) software that could let attackers log in using the root account. Alongside that, it has addressed three medium-severity issues in its Spaces Connector, Enterprise Chat and Email (ECE), and BroadWorks Application Delivery Platform, vulnerabilities that could lead to privilege escalation and cross-site scripting attacks.
Four Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity and Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including:
- Citrix; NetScaler ADC and Gateway
- TeleMessage; TM SGNL
- Google; Chromium V8
See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 658 vulnerabilities during the last week, making the 2025 total 24,260. For more information visit https://nvd.nist.gov/vuln/search/
View the latest critical vulnerabilities, exploited vulnerabilities and EU CSIRT coordinated vulnerabilities from the European Union Agency for Cybersecurity (ENISA) "Vulnerability Database" here: https://euvd.enisa.europa.eu/homepage
Information Privacy Headlines
Security researcher Eric Daigle has uncovered a significant vulnerability tied to the Android spyware operation known as Catwatchful. His investigation revealed that the group had left its entire database, containing data from more than 62,000 customer accounts, wide open. Among the exposed information were plaintext passwords and email addresses. The breach, discovered in June 2025, also shed light on the scale of the operation, which has reportedly been active since at least 2018. Victims were primarily located in countries including Mexico, Colombia, India, Peru, Argentina, Ecuador, and Bolivia.
In response to a cyber-attack that may have impacted up to six million customers, Qantas has announced plans to strengthen its security infrastructure and improve threat detection. The airline’s move comes amid growing concern from Australia’s privacy watchdog, which has warned that social engineering attacks designed to gain unauthorised access to personal data are becoming increasingly common.
Meanwhile, in Germany, a court has ruled that Meta must pay €5,000 to a Facebook user for violating European data protection laws. The court found that Meta’s data practices amounted to near-constant surveillance of users’ private lives, even when they weren’t actively engaging with Facebook or Instagram, a clear breach of EU privacy regulations.
In Nigeria, the Data Protection Commission (NDPC) has hit MultiChoice Nigeria, parent company of DStv and GOtv, with a fine of N766.24 million. The penalty follows an investigation into alleged violations of the Nigeria Data Protection (NDP) Act, which found that MultiChoice had breached the privacy rights of its subscribers and illegally transferred the personal data of Nigerians across borders.