Hacked β€˜AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse A hacked database from AI companion site Muah[.]ai exposes peoples' particular kinks and fantasies they've asked their bot to engage in. It also shows many of them are trying to use the platform to generate child abuse material. See more (paywall):
404 Media
Hacked β€˜AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse
A hacked database from AI companion site Muah.ai exposes peoples' particular kinks and fantasies they've asked their bot to engage in. It also show...
 Original post on Twitter:
X (formerly Twitter)
Have I Been Pwned (@haveibeenpwned) on X
New sensitive breach: "AI girlfriend" site Muah[.]ai had 1.9M email addresses breached last month. Data included AI prompts describing desired imag...
 #security
AI 'Nude Photo Generator' Delivers Infostealers Instead of Images! The notorious FIN7 threat group is combining artificial intelligence (AI) with social engineering in an aggressive, adult-themed threat campaign that dangles lures for access to technology that can "deepfake" nude photos β€” all to fool people into installing infostealing malware. Detailed description in the article, it seems the journalist did her homework 😊 See more:
Dark Reading
AI
The FIN7 group is using sophisticated malware campaign that spans numerous websites, to lure people with a deepfake tool promising to create nudes ...
 #security #malware
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks See more:
The Hacker News
WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
LiteSpeed Cache plugin vulnerability (CVE-2024-47374) exposes WordPress sites to XSS attacks. Update to version 6.5.1 now.
 #security
Cyberattack on American Water Shuts Down Customer Portal, Halts Billing: Customers have been reassured that water and wastewater services remain unaffected by the cybersecurity incident. The company confirms that the safety and quality of the water supply continue to meet all standards, with no disruptions anticipated. See more:
Cyberattack on American Water Shuts Down Customer Portal, Halts Billing – Hackread – Cybersecurity News, Data Breaches, AI, and More
BleepingComputer
American Water shuts down online services after cyberattack
American Water, the largest publicly traded U.S. water and wastewater utility company, was forced to shut down some of its systems after a Thursday...
 #security
MoneyGram confirms hackers stole customer data in cyberattack: MoneyGram has confirmed that hackers stole customers' personal information and transaction data in a September cyberattack that caused a five-day outage The threat actors stole a varied amount of sensitive customer information, including transaction information, email addresses, postal addresses, names, phone numbers, utility bills, government IDs, and social security numbers. See more:
BleepingComputer
MoneyGram confirms hackers stole customer data in cyberattack
MoneyGram has confirmed that hackers stole customers' personal information and transaction data in a September cyberattack that caused a five-...
 #security
Firefox Zero-Day Under Attack: Update Your Browser Immediately! Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, discovered by ESET researcher Damien Schaeffer, has been described as a use-after-free bug in the Animation timeline component. "An attacker was able to achieve code execution in the content process by exploiting a use-after-free in Animation timelines," Mozilla said in a Wednesday advisory. The issue has been addressed in the following versions of the web browser: Firefox 131.0.2 Firefox ESR 128.3.1, and Firefox ESR 115.16.1. See more:
The Hacker News
Firefox Zero-Day Under Attack: Update Your Browser Immediately
Mozilla urges users to update Firefox after critical CVE-2024-9680 vulnerability is actively exploited.
BleepingComputer
Mozilla fixes Firefox zero-day actively exploited in attacks
Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploi...
 #security #cve
Internet Archive hacked, data breach impacts 31 million users Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authentication database containing 31 million unique records. News of the breach began circulating Wednesday afternoon after visitors to archive.org began seeing a JavaScript alert created by the hacker, stating that the Internet Archive was breached. "Have you ever felt like the Internet Archive runs on sticks and is constantly on the verge of suffering a catastrophic security breach? It just happened. See 31 million of you on HIBP (Have I Been Pwned)!," reads a JavaScript alert shown on the compromised archive.org site. See more:
BleepingComputer
Internet Archive hacked, data breach impacts 31 million users
Internet Archive's "The Wayback Machine" has suffered a data breach after a threat actor compromised the website and stole a user authenticati...
 #security #privacy
Tails 6.8 was released πŸ‘€ #privacy
Tails - Tails 6.8
AT&T, Verizon reportedly hacked to target US govt wiretapping platform! Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports. The purpose of the attack appears to be for intelligence collection as the hackers might have had access to systems used by the U.S. federal government for court-authorized network wiretapping requests. The exploit run 'for a few months or longer'. The threat actor attacked also hotels, engineering companies, and law firms in Brazil, Burkina Faso, South Africa, Canada, Israel, France, Guatemala, Lithuania, Saudi Arabia, Taiwan, Thailand, and the United Kingdom. See more:
BleepingComputer
AT&T, Verizon reportedly hacked to target US govt wiretapping platform
Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt T...
 #security
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits The security flaw (CVE-2024-43047) was reported by Google Project Zero's Seth Jenkins and Amnesty International Security Lab's Conghui Wang, and it is caused by a use-after-free weakness that can lead to memory corruption when successfully exploited by local attackers with low privileges. See more:
BleepingComputer
Qualcomm patches high-severity zero-day exploited in attacks
Qualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets.
The Hacker News
Qualcomm Urges OEMs to Patch Critical DSP and WLAN Flaws Amid Active Exploits
Qualcomm fixes 20 vulnerabilities, including actively exploited CVE-2024-43047 in DSP, urging fast OEM updates.
 #security