8 matches found
`logflux` was removed from crates.io for malicious code
The logflux crate attempted to download and run a malicious payload on the user's machine. The malicious crate had 1 version published on 2026-04-26, approximately 1 month before removal, and had no evidence of actual usage. This crate had no dependencies on crates.io. Thanks to Paweł Bis for...
Hundreds of People With ‘Top Secret’ Clearance Exposed by House Democrats’ Website
A database containing information on people who applied for jobs with Democrats in the US House of Representatives was left accessible on the open web...
Poor Passwords Tattle on AI Hiring Bot Maker Paradox.ai
Security researchers recently revealed that the personal information of millions of people who applied for jobs at McDonald 's was exposed after they guessed the password "123456" for the fast food chain's account at Paradox.ai , a company that makes artificial intelligence based hiring chatbots...
McDonald’s AI bot spills data on job applicants
McDonald's has outsourced the initial stages of its hiring process to an AI chatbot which seems to have been built without proper security measures. Security researchers managed to extract personal information about McDonald's job applicants by simply guessing a username and the password “12345.”...
TA4557 Targets Recruiters by Delivering Malware Disguised as Job Applicant
Summary: Threat actor TA4557 has been focusing on recruiters by posing as job applicants to distribute malware. While this approach is not unprecedented, there have been notable shifts in both technique and attack vectors compared to their previous methods. The attackers have demonstrated an...
Mass Spoofing Campaign Abuses Walmart Brand
An ongoing domain name spoofing campaign is taking aim at retail giant Walmart and other big fish, with more than 540 malicious domains being used to harvest consumer information. The scam domains are mimicking legitimate sites in name and appearance, in hopes of fooling visitors into entering...
Trove of Private Military Contractor Job Applicants Exposed Online
By Waqas Another day another trove of data goes public This This is a post from HackRead.com Read the original post: Trove of Private Military Contractor Job Applicants Exposed Online...
Hacker Claims Compromise of IT Recruiter
A hacker affiliated with a group called TeamGhostShell claims he hacked into a website servicing IT professionals seeking jobs on Wall Street, and in doing so compromised the personal information of thousands of job applicants, according to a ComputerWorld report. A hacker identifying himself as...