9 matches found
EUVD-2026-38237
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
CVE-2026-7167 Multiple vulnerabilities in the Assassin game by Gaudire
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
CVE-2026-7167
The vulnerability arises when the system fails to properly validate the 'email' field during the authentication process, allowing unverified or fake email addresses to be accepted. This lack of validation enables the creation of user accounts with fake email addresses, facilitating the mass...
Anthropic Says Chinese AI Firms Used 16 Million Claude Queries to Copy Model
Anthropic on Monday said it identified "industrial-scale campaigns" mounted by three artificial intelligence AI companies, DeepSeek, Moonshot AI, and MiniMax, to illegally extract Claude's capabilities to improve their own models. The distillation attacks generated over 16 million exchanges with...
Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting them millions of...
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network MPN accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulen...
Threat Advisory: E-commerce Bots Use Domain Registration Services for Mass Account Fraud
While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. TL; DR ------ Analysis of...
Mexico’s Banking System Sees $18M Siphoned Off in Phantom Transactions
Somewhere between $18 million to $20 million has gone missing during unauthorized interbank money transfers in Mexico’s central banking system. Authorities are investigating the shadow transactions, but answers are thus far scarce. The affected banks and government officials are determining wheth...
Twitter Account 'Classifier' Detects Fraudulent Accounts
Fraudulent Twitter accounts are a booming business, accounting for significant underground money for spammers, fake antivirus scams, drive-by downloads and phishing schemes. But research presented at USENIX yesterday proposes a means for driving up the cost for attackers to get these campaigns of...