Proxyearth Tool Lets Anyone Trace Users in India with Just a Mobile Number

Proxyearth is a new site that shows names, Aadhaar numbers, and live locations of users in India using only mobile numbers, raising serious privacy and security concerns...

INTERPOL Arrests 1,209 Cybercriminals Across 18 African Nations in Global Crackdown

INTERPOL on Friday announced that authorities from 18 countries across Africa have arrested 1,209 cybercriminals who targeted 88,000 victims. "The crackdown recovered $97.4 million and dismantled 11,432 malicious infrastructures, underscoring the global reach of cybercrime and the urgent need for...

MTN Group: Ability to Add and Verify Uncontrolled Mobile Numbers Leading to Account Takeover (ATO)

The vulnerability allowed attackers to manipulate the OTP verification response to bypass the OTP check and link an uncontrolled mobile number to the victim's account. This led to an account takeover scenario where the attacker gained full access to the victim's account without controlling the...

CVE-2024-33003

Some OCC API endpoints in SAP Commerce Cloud allows Personally Identifiable Information PII data, such as passwords, email addresses, mobile numbers, coupon codes, and voucher codes, to be included in the request URL as query or path parameters. On successful exploitation, this could lead to a Hi...

CVE-2024-33003

CVE-2024-33003 affects SAP Commerce Cloud via the OCC API Endpoint component. The root issue is that certain OCC API endpoints may include PII (passwords, emails, mobile numbers, coupon/voucher codes) in the request URL as query or path parameters, leading to potential disclosure and integrity im...

The ‘AT&T breach’—what you need to know

Earlier this week, the data of over 70 million people was posted for sale on an online cybercrime forum. The person selling the data claims it stems from a 2021 breach at AT&T. Back in 2021, a hacker named Shiny Hunters claimed to have breached AT&T and put the alleged stolen data up for sale for...

CVE-2022-45118

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...

CVE-2022-45118

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...

Information disclosure

OpenHarmony-v3.1.2 and prior versions had a vulnerability that telephony in communication subsystem sends public events with personal data, but the permission is not set. Malicious apps could listen to public events and obtain information such as mobile numbers and SMS data without permissions...

CVE-2018-17404

The SBIbuddy aka com.sbi.erupee application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number from a government-issued ID, and date of birth...

Alleged SIM Swapper Arrested in California

Authorities in Santa Clara, Calif. have arrested and charged a 19-year-old area man on suspicion hijacking mobile phone numbers as part of a scheme to steal large sums of bitcoin and other cryptocurrencies. The arrest is the third known law enforcement action this month targeting "SIM swappers,"...

Mai Dot Mall App has SMS Bombing Vulnerability

MacDot Mall APP is an online shopping software. There is a SMS bombing vulnerability in MaiDot Mall APP. The attacker consumes server resources and causes denial of service by sending unlimited CAPTCHAs to cell phones...

Gaming Network ESEA Breached, 1.5M Profiles Leaked

Following an extortion attempt, information from a recent breach of a competitive video gaming community surfaced over the weekend online. Data purportedly belonging to 1.5 million members of video gaming community ESEA, the E-Sports Entertainment Association League, was added to LeakedSource’s...

‘One-Stop Shop’ – Phishing Domain Targets Information from Customers of Several Indian Banks

FireEye Labs recently discovered a malicious phishing domain designed to steal a variety of information – including credentials and mobile numbers – from customers of several banks in India. Currently, we have not observed this domain being used in any campaigns. The phishing websites appear to b...

President's personal mobile numbers published online by Anonymous Philippines Hackers

A Philippine Anonymous hacker "pR.is0n3r" has posted the President Benigno Aquino’s three personal mobile telephone numbers online on facebook. Officials would not confirm if the numbers were really the President’s. Aquino spokesman Ricky Carandang, “It’s cyber vandalism plain and simple,”...

Mobile Phone Number Harvester Fuels SMS Spam

The latest version of a phone number harvesting tool offers its users the ability to trawl the public web and collect mobile phone numbers indexed on sites that ask visitors for them, according to a Webroot report. The numbers are later used as targets for SMS spam campaigns peddling whatever get...

English Defence League Facebook Page Deleted & Members Mobile Numbers Leaked

English Defence League Facebook Page Deleted & Members Mobile Numbers Leaked TeaMp0isoN Hacking Crew Hack and Delete Official Facebook page of English Defence League was on . Also TeaMp0isoN Leaks the Phone numbers of Members of English Defence League via a pastie link. Screenshot of the Numbers...