
Cyber heists, espionage malware, and eSIM exploits.

14 July 2025
BREACHAWARE HQ
Bank Heist

A total of 26 breach events were found and analysed, resulting in 16,465,424 exposed accounts spanning 30 different types of personal data. The breaches found publicly and freely available included ULP Alien TxT File - Episode 18, Fibertel, ULP 0028, KFC China and 3S POS. Sign in to view the full library of breach events, which includes, where available, reference articles relating to each breach.

Categories of Personal Data Discovered

Contact, Digital Behaviour, Commerce, Sociodemographic, Career, Technology, Finance, Geolocation, National Identifiers, Academic, Relationships, Human Behaviour, Health and Environment.

Data Breach Impact

The breached datasets collectively form a high-value intelligence asset for cybercriminals and state-level actors:
- Cross-referencing records across datasets (for example, matching a contact record in one leak to a credential in another) may yield verified identities.
- Data diversity enables the building of digital profiles and behavioural models of individual victims.
- Business logic leaks (especially from POS systems) give adversaries operational insight into how a target's systems work, which can inform further breaches.
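To make the first point concrete, here is an added example (not BreachAware's code, and not real leak data) of how two unrelated dumps are joined on a normalised e-mail address to produce "verified" profiles that carry both personal details and a working credential. The two datasets, the ULP (URL:login:password) parser and the e-mail normalisation rules are all constructed assumptions for illustration.

```python
"""Cross-reference two leaked datasets by normalised e-mail address.

Added example (not BreachAware's code or data): every record below is
constructed for illustration, and the normalisation rules are a heuristic
assumption, not a standard.
"""
from collections import defaultdict

# Constructed dataset A: a retailer's customer export (contact + commerce data).
LEAK_A = [
    {"email": "Jane.Doe@example.com", "name": "Jane Doe", "city": "Leeds", "last_order": "2024-11-03"},
    {"email": "bob+shop@gmail.com", "name": "Bob R.", "city": "Austin", "last_order": "2025-01-19"},
    {"email": "carol@example.org", "name": "Carol", "city": "Lyon", "last_order": "2023-06-30"},
]

# Constructed dataset B: a ULP-style (URL:login:password) infostealer log.
LEAK_B_ULP = """https://mail.example.com/login:jane.doe@example.com:Winter2024!
https://bank.example/auth:b.o.b@gmail.com:hunter2
https://forum.example.net:dave@example.net:letmein
not a valid line"""


def parse_ulp(text):
    """Yield (url, login, password) from URL:login:password lines.

    The scheme is split off first so its '://' does not confuse the split;
    the password keeps any further colons. Lines without all three fields
    are skipped. (A port number in the URL would still mis-split; real ULP
    files need more careful parsing than this.)
    """
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        scheme, sep, rest = line.partition("://")
        if not sep:
            scheme, rest = "", line
        parts = rest.split(":", 2)
        if len(parts) != 3:
            continue
        url = f"{scheme}://{parts[0]}" if sep else parts[0]
        yield url, parts[1], parts[2]


def normalise_email(addr):
    """Canonical form used as the join key (heuristic assumption)."""
    addr = addr.strip().lower()
    local, _, domain = addr.rpartition("@")
    local = local.split("+", 1)[0]          # drop +tag sub-addressing
    if domain in ("gmail.com", "googlemail.com"):
        local = local.replace(".", "")      # Gmail ignores dots in the local part
        domain = "gmail.com"
    return f"{local}@{domain}"


def cross_reference(leak_a, ulp_text):
    """Merge both leaks into one profile per normalised address."""
    profiles = defaultdict(lambda: {"sources": set(), "fields": {}, "credentials": []})
    for rec in leak_a:
        p = profiles[normalise_email(rec["email"])]
        p["sources"].add("retailer_export")
        p["fields"].update({k: v for k, v in rec.items() if k != "email"})
    for url, login, password in parse_ulp(ulp_text):
        if "@" not in login:
            continue                         # username-only logins cannot be joined on e-mail
        p = profiles[normalise_email(login)]
        p["sources"].add("ulp_log")
        p["credentials"].append((url, password))
    return dict(profiles)


def verified_identities(profiles):
    """Addresses present in more than one independent leak: the 'verified'
    identities the text refers to, each carrying PII plus a password."""
    return {k: v for k, v in profiles.items() if len(v["sources"]) >= 2}


if __name__ == "__main__":
    merged = cross_reference(LEAK_A, LEAK_B_ULP)
    for addr, prof in verified_identities(merged).items():
        print(addr, sorted(prof["sources"]), prof["fields"], prof["credentials"])
```

Two of the four addresses survive the join, and both only because of the normalisation: the retailer's `bob+shop@gmail.com` and the stealer log's `b.o.b@gmail.com` are the same inbox. Defenders running exposure checks on their own domain should apply the same canonicalisation, or they will under-count.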

Companies named in the breaches, especially multinationals like KFC, face significant compliance exposure under global privacy frameworks (e.g., GDPR, China's PIPL, Argentina’s Data Protection Law). The international scope also suggests a lack of consistent cross-border data governance practices, increasing reputational and financial risk.

Cyber Spotlight

Brazilian authorities have arrested a 48-year-old IT technician who played a key role in a $140 million bank heist that hit six banks just two weeks ago. The attack began in a bar, where cybercriminals convinced the technician to sell his C&M Software login credentials for just 15,000 BRL (around £2,000).
- That access opened the door to internal banking systems, enabling the transfer of millions.
- Authorities have frozen $55 million so far.
- ZachXBT estimates that the attackers managed to launder $30–40 million via crypto, spreading funds into ETH and BTC wallets.

One compromised employee + access to financial infrastructure = one of the largest digital heists in Brazil’s history.

Meanwhile Lazarus Group, North Korea's infamous state-backed cyber unit, is deploying Nimdoor, a sophisticated macOS malware campaign aimed at web3 and crypto companies. It starts on Telegram, where the operators pose as recruiters or partners, then lure the target onto a Zoom call and talk them into running a fake SDK update that carries the malware.

Once infected, Nimdoor:
- Communicates with a command & control server,
- Attempts to decrypt Telegram messages,
- Reinstalls itself if removed,
- Targets `telegram.db` and `a.tempkeyEncrypted` files specifically.

It’s a smart, persistent backdoor designed for espionage and crypto theft, and shows Lazarus is investing heavily in targeting the macOS ecosystem.

Finally, the US Secret Service is preparing a global offensive against crypto scams, leveraging its seizure powers and data. Over $400 million in crypto assets has been seized by the agency to date, much of which is believed to be stored in one of the largest cold wallets in the world. The surge in crypto-related scams, which cost Americans $9.3 billion in 2023, is forcing federal agencies to escalate their operations.

The goal is to track, trace, and freeze digital assets used in:
- Romance scams,
- Fake investment platforms,
- Phishing and wallet drainers.

Whether or not those seized funds ever leave the cold wallet, the gloves are clearly off. Expect aggressive global takedowns this year.

Vulnerability Chat

Security Explorations, the research arm of AG Security Research, has uncovered a new hacking technique that targets vulnerabilities in eSIM technology used in modern smartphones. The discovery highlights serious risks to user security, especially given its impact on the Kigen eUICC card, a technology embedded in two billion IoT SIMs as of December 2020. Recognising the significance of the finding, Kigen awarded the researchers a $30,000 bounty for their report.

A curious case from the transportation sector has also resurfaced. Back in 2012, hardware security researcher Neils identified a flaw in American train systems that allowed anyone to activate the brakes on a rear car. Despite the gravity of the issue, the Association of American Railroads (AAR) seemingly took no action until recently, when the Cybersecurity & Infrastructure Security Agency (CISA) issued an advisory, finally pushing the matter into the spotlight.

In the world of video conferencing, two vulnerabilities were discovered in specific Zoom Clients for Windows by security researcher fre3dm4n. These flaws could allow attackers to carry out Denial of Service (DoS) attacks. Zoom has acknowledged the issue and rolled out patches. Users are being strongly encouraged to update their clients to stay protected.

Bluetooth technology in vehicles is also under scrutiny. A set of four newly identified vulnerabilities, collectively dubbed PerfektBlue, have been found in OpenSynergy's BlueSDK Bluetooth stack. If exploited, these flaws could enable remote code execution in millions of vehicles from multiple manufacturers, opening the door to potentially serious compromise.

Lastly, Palo Alto Networks has disclosed a critical flaw in its GlobalProtect VPN application affecting macOS and Linux systems. The vulnerability allows locally authenticated users to escalate privileges to root access. In practical terms, this could let attackers install malicious software, tamper with system settings, access sensitive files, or even maintain long-term control over affected systems through backdoors.

Five Common Vulnerabilities and Exposures (CVE) entries were added to the Cybersecurity & Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities (KEV) Catalog last week, including:
- Synacor; Zimbra Collaboration Suite (ZCS)
- Rails; Ruby on Rails
- PHP; PHPMailer
- Looking Glass; Multi-Router Looking Glass (MRLG)
- Citrix; NetScaler ADC and Gateway

See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
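The catalog is also published as a JSON feed, which is the practical way to consume weekly additions like these. The following is an added example (not CISA's code) showing how to triage a snapshot: list what was added in a given week, match entries against an asset inventory, and flag entries past their due date. The snapshot embedded below is constructed, with fictional vendors, products and CVE IDs; it only follows the field names of the public feed at https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json, and the inventory format is an assumption.

```python
"""Triage a CISA KEV catalog snapshot: weekly additions, inventory matches,
and overdue entries.

Added example, not CISA's code. KEV_SNAPSHOT is constructed with fictional
vendors, products and CVE IDs; only the field names follow the public feed.
Replace it with the downloaded feed text to use this for real.
"""
import json
from datetime import date

KEV_SNAPSHOT = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "2025.07.14",
    "dateReleased": "2025-07-14T00:00:00.0000Z",
    "count": 3,
    "vulnerabilities": [
        {
            "cveID": "CVE-2025-99901", "vendorProject": "Example Mail Co",
            "product": "Collaboration Suite",
            "vulnerabilityName": "Example Mail Co Collaboration Suite XSS",
            "dateAdded": "2025-07-07",
            "shortDescription": "Constructed entry: stored XSS via crafted calendar invite.",
            "requiredAction": "Apply mitigations per vendor instructions or discontinue use.",
            "dueDate": "2025-07-28", "knownRansomwareCampaignUse": "Unknown", "notes": "",
        },
        {
            "cveID": "CVE-2025-99902", "vendorProject": "Example Web Framework",
            "product": "Framework",
            "vulnerabilityName": "Example Web Framework path traversal",
            "dateAdded": "2025-07-10",
            "shortDescription": "Constructed entry: path traversal in asset handler.",
            "requiredAction": "Apply updates per vendor instructions.",
            "dueDate": "2025-07-31", "knownRansomwareCampaignUse": "Unknown", "notes": "",
        },
        {
            "cveID": "CVE-2024-99903", "vendorProject": "Example Gateway Inc",
            "product": "Edge Gateway",
            "vulnerabilityName": "Example Gateway memory over-read",
            "dateAdded": "2025-06-20",
            "shortDescription": "Constructed entry: out-of-bounds read leaks session tokens.",
            "requiredAction": "Apply updates per vendor instructions.",
            "dueDate": "2025-07-11", "knownRansomwareCampaignUse": "Known", "notes": "",
        },
    ],
})


def load_kev(text):
    """Return the list of catalog entries from the feed's JSON text."""
    return json.loads(text)["vulnerabilities"]


def added_between(entries, start_iso, end_iso):
    """CVE IDs whose dateAdded falls in [start, end], inclusive (ISO dates)."""
    start, end = date.fromisoformat(start_iso), date.fromisoformat(end_iso)
    return sorted(e["cveID"] for e in entries
                  if start <= date.fromisoformat(e["dateAdded"]) <= end)


def affecting(entries, inventory):
    """Entries whose vendor/product pair matches the asset inventory.

    inventory: iterable of (vendor, product) strings. Vendor must match
    exactly (case-insensitive); product is a case-insensitive substring
    match because KEV product names are free text.
    """
    inv = [(v.lower(), p.lower()) for v, p in inventory]
    hits = []
    for e in entries:
        vend, prod = e["vendorProject"].lower(), e["product"].lower()
        if any(vend == v and p in prod for v, p in inv):
            hits.append(e)
    return hits


def overdue(entries, today_iso):
    """CVE IDs past their dueDate (the BOD 22-01 remediation deadline)."""
    today = date.fromisoformat(today_iso)
    return sorted(e["cveID"] for e in entries
                  if date.fromisoformat(e["dueDate"]) < today)


if __name__ == "__main__":
    entries = load_kev(KEV_SNAPSHOT)
    print("added last week:", added_between(entries, "2025-07-07", "2025-07-13"))
    mine = affecting(entries, [("Example Gateway Inc", "edge gateway")])
    print("in my inventory:", [(e["cveID"], e["knownRansomwareCampaignUse"]) for e in mine])
    print("overdue:", overdue(entries, "2025-07-14"))
```

The `knownRansomwareCampaignUse` field is worth surfacing alongside any inventory hit, since it is the cheapest prioritisation signal the feed offers; the `dueDate` is binding only on US federal civilian agencies under BOD 22-01, but it is a reasonable SLA for anyone else.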

NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 1,135 vulnerabilities during the last week, bringing the 2025 total to 25,395. For more information visit https://nvd.nist.gov/vuln/search/

View the latest critical vulnerabilities, exploited vulnerabilities and EU CSIRT coordinated vulnerabilities from the European Union Agency for Cybersecurity (ENISA) "Vulnerability Database" here: https://euvd.enisa.europa.eu/homepage

Information Privacy Headlines

Across Europe, privacy activists are embracing a powerful new tool, collective redress, that could dramatically raise the financial stakes for Big Tech when privacy violations occur. This legal mechanism, which allows groups of individuals to seek compensation collectively, has already seen action. Dutch non-profit SOMI has filed suits against TikTok and Meta, the Irish Council for Civil Liberties has targeted Microsoft, and Austrian privacy group Noyb is gearing up for its first case against credit ratings agency CRIF. Guillaume Couneson, a data protection lawyer at Linklaters, commented that once a data protection authority confirms a breach, collective redress cases could “immediately [pop] up like mushrooms.”

Meanwhile, the Chinese chatbot DeepSeek may soon vanish from Apple and Google's app stores in Germany. Data protection authorities there are accusing the AI of violating privacy laws. This follows a similar move by Italy, which banned DeepSeek from both major app platforms back in January 2025 for the same reason.

In Japan, Nippon Steel Solutions has reported a significant data breach after falling victim to a zero-day cyber attack. The attack exploited a previously unknown vulnerability in the company’s network infrastructure, exposing personal information related to customers, business partners, and employees.

And in a startling discovery, security researchers Ian Carroll and Sam Curry revealed serious flaws in McHire, the job application platform developed by AI firm Paradox.ai. The platform was found to be protected by weak security measures, including logins using “123456” as both username and password. As a result, the personal information of as many as 64 million job applicants may have been left exposed to unauthorised access.
