OpenAI Hack? Hacker Claims Access to 20M Accounts.
10 February 2025
A total of 12 breaches were found and analysed, resulting in 18,201,867 leaked accounts containing a total of 27 different data types. The breaches found publicly and freely available included ULP 0001, Corporation.de, Buddy Loan, ULP 0002 and Stealer Log 0507. Sign in to view the full BreachAware Breach Index which includes, where available, reference articles relating to each breach.
SPOTLIGHT
In the ever-evolving world of cybersecurity, one hacker named "emirking" has made a rather audacious claim: allegedly acquiring the log-in credentials for 20 million OpenAI accounts, including passwords and email addresses. Naturally, OpenAI isn’t taking this lightly, stating they are "seriously" investigating the matter while assuring everyone that there’s no evidence—yet—that their systems have been compromised.
Emirking, who sashayed onto the hacker forum scene in January 2025, might not be a fresh face after all. There’s speculation that this digital mischief-maker has been around under different aliases. According to their own boastful admission, the treasure trove of credentials was uncovered by exploiting OpenAI’s bulk account verification processes. In what can only be described as a cybercriminal’s equivalent of a sales pitch, a translated Russian statement from emirking reads:
"When I realised that OpenAI might have to verify accounts in bulk, I understood that my password wouldn’t stay hidden. I have more than 20 million access codes to OpenAI accounts. If you want, you can contact me—this is a treasure."
Treasure, indeed—but only if you fancy being on the FBI’s watchlist.
This incident couldn’t have come at a worse time for OpenAI, which is already juggling a separate controversy. Microsoft has been sniffing around allegations that DeepSeek improperly used OpenAI’s ChatGPT model to train its own AI chatbot. According to Bloomberg, Microsoft security researchers noticed an alarming amount of data being siphoned off OpenAI developer accounts in late 2024—accounts they believe were linked to DeepSeek. OpenAI later confirmed that DeepSeek had indeed been using a technique called distillation—a process that sounds more like fine whiskey-making but is actually a common AI training method where data is extracted from more advanced models.
But let’s not forget, this isn’t OpenAI’s first cybersecurity rodeo. Back in 2023, a hacker waltzed into their internal Slack messaging system and, according to The New York Times, "stole details about the design of the company’s A.I. technologies." Before that, an embarrassingly simple bug allowed hackers to exploit jailbreaking prompts, leading to leaks of private customer data. In one particularly cringeworthy moment, ChatGPT accidentally spilled the digital beans on Samsung’s secrets, leading the tech giant to ban the tool internally.
So, what’s the takeaway? Well, if you’re an OpenAI user, now might be a good time to update that password you’ve been reusing since 2010.
VULNERABILITY CHAT
A newly discovered vulnerability in AnyDesk, the popular remote desktop software, allows local attackers to exploit how Windows background images are handled, granting unauthorised access to sensitive system files. A proof-of-concept exploit has already been disclosed, demonstrating how cybercriminals can take advantage of this flaw. Cybersecurity researcher Naor Hodorov identified the issue, noting that the vulnerability stems from the way AnyDesk processes desktop background images during session initialisation.
Meanwhile, a critical security flaw has been uncovered in the online game Marvel Rivals. The vulnerability lies within the game’s hotfix patching system, which relies on remote code execution to deploy updates. According to a proof-of-concept video shared by security researchers, this exploit could also serve as an entry point for attacks on PlayStation 5 consoles running Marvel Rivals.
In the WordPress ecosystem, a privilege escalation vulnerability has been identified in the Admin and Site Enhancements (ASE) plugin. The flaw originates from the “View Admin as Role” feature, which improperly allows users to recover their previous role after it has been changed. Security analysts at Patchstack traced the issue to insufficient validation checks during user role restoration.
The Zimbra Collaboration Suite (ZCS), a widely used enterprise email and collaboration platform, has also come under scrutiny after researchers disclosed several critical vulnerabilities. These flaws could allow attackers to access sensitive data and compromise user accounts, posing a significant risk to businesses relying on ZCS for secure communication.
Security concerns extend to the Logsign Unified SecOps Platform, a tool used for security operations. Researchers Abdessamad Lahlali and Smile Thanapattheerakul from Trend Micro discovered a vulnerability that allows remote attackers to bypass authentication entirely—no credentials required.
Elsewhere in the hardware space, AMD and Google have jointly disclosed a high-severity microcode signature verification vulnerability affecting AMD’s Zen CPUs. In its advisory, AMD acknowledged the contributions of Google researchers Tavis Ormandy, Josh Eads, Kristoffer Janke, Eduardo Vela, and Matteo Rizzo in identifying and reporting the flaw.
Software vendor Trimble has also issued a warning about active exploits targeting a deserialisation vulnerability in Cityworks, a Geographic Information System (GIS) platform. Hackers have been leveraging this flaw to remotely execute commands on IIS servers, deploying Cobalt Strike beacons to establish initial network access. Cityworks is widely used by municipalities and infrastructure agencies for managing public assets, processing work orders, handling permitting and licensing, as well as capital planning and budgeting.
Meanwhile, Cisco has released software updates to patch two critical vulnerabilities in its Identity Services Engine (ISE). These flaws, if exploited, could allow attackers to take over devices and gain unauthorised access to sensitive data. The vulnerabilities were reported by a team of Deloitte researchers, though Cisco has noted that, as of now, there is no evidence of active exploitation in the wild.
11 Common Vulnerabilities and Exposures (CVEs) were added to the Cybersecurity & Infrastructure Security Agency's (CISA) 'Known Exploited Vulnerabilities Catalog' last week, including Paessler (PRTG Network Monitor). See the full catalog here: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
NIST's National Vulnerability Database (NVD), the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP), published 650 vulnerabilities last week, bringing the 2025 total to 5,005. For more information visit https://nvd.nist.gov/vuln/search/
INFORMATION PRIVACY HEADLINES
Prominent human rights lawyer Femi Falana has filed a $5 million lawsuit against Meta Platforms Inc., the parent company of Facebook, over an alleged invasion of his privacy. Falana claims that Meta allowed false and misleading content to be published under the Facebook page “AfriCare Health Centre,” falsely asserting that he had suffered from prostatitis for over 16 years, enduring symptoms such as pain, fatigue, and urinary issues.
Meanwhile, Meta is fighting to uphold a $725 million nationwide class-action settlement with users who accused the company of violating their privacy. Some users, however, have objected, arguing that Facebook should be required to pay significantly more and that the $181 million fee awarded to the plaintiffs’ lawyers is excessive. The case is now before a U.S. appeals court.
In the UK, the Home Office has reportedly ordered Apple to grant access to encrypted data stored in its cloud service, The Washington Post revealed. Privacy advocacy group Big Brother Watch has strongly condemned the move, stating, “We are extremely troubled by reports that the UK government has ordered Apple to create a backdoor that would effectively break encryption for millions of users.”
In the U.S., Pennsylvania State Senators Maria Collett and Lisa Boscola have announced plans to reintroduce legislation aimed at protecting the online privacy rights of Pennsylvanians. The proposed bill would specifically target companies that generate at least half of their revenue from selling consumer data to third parties, ensuring that small businesses in the state are not unduly burdened by new compliance costs.
Meanwhile, in New Zealand, the Public Service Association is urging the Privacy Commissioner to launch an urgent investigation into Health NZ’s decision to cut its IT workforce as part of a government cost-saving plan. Health NZ’s Te Whatu Ora has proposed reducing 47% of roles in its Data and Digital Directorate, a move that would eliminate 1,120 positions in an effort to save $100 million.
DATA CATEGORIES DISCOVERED
Socio-Demographic Data, Contact Data, Technical Data, National Identifiers, Behavioural Data, Financial Data, Social Relationships Data, Locational Data, Usage Data, Documentary Data.