Alcasec, “Robin Hood of Spanish Hackers,” Jailed for 31 Months Over Data Theft

Alcasec, the "Robin Hood of Spanish Hackers," is jailed for 31 months after admitting to stealing and selling Spanish citizens' banking data...

1 in 8 employees have sold company logins or know someone who has

UK anti-fraud non-profit Cifas just published research that should bother anyone who runs a business, or buys from one: One in eight workers at large enterprises have either sold their company login credentials or know someone who did. The internet is awash with compromised credentials that...

82 Chrome Extensions Found Selling User Data, 6.5 Million Users Affected

LayerX research finds 82 Chrome extensions collecting and selling user data, affecting at least 6.5 million users through disclosed but concerning practices...

Founder Liquidity Without Compromising on Growth

Founders can access liquidity without exiting by selling shares via secondary deals, reducing financial pressure while staying focused on long-term growth...

Hacker Behind Wired.com Leak Now Selling Full 40M Condé Nast Records

A hacker claims to be selling nearly 40 million Condé Nast user records after leaking Wired.com data, with multiple major brands allegedly affected...

CVE-2025-60243

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

EUVD-2025-38104

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

CVE-2025-60243

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

CVE-2025-60243 WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

CVE-2025-60243

CVE-2025-60243 describes an Incorrect Privilege Assignment vulnerability in Holest Engineering’s Selling Commander for WooCommerce (selling-commander-connector) plugin, affecting WordPress/WooCommerce installations with versions up to and including 1.2.46. The public records indicate a privilege ...

CVE-2025-60243 WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

WordPress plugin Selling Commander for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

PT-2025-45284

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation.This issue affects Selling Commander for WooCommerce: from n/a through = 1.2.46...

EUVD-2023-50577

Malicious code in bioql PyPI...

Startup takes personal data stolen by malware and sells it on to other companies

A tech startup is using personal data stolen by infostealer malware that it has found on the dark web, and then selling access to that data. And it claims to be working within the law. According to 404 Media, for as little as $50, Farnsworth Intelligence will give companies a look at records from...

WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by ch4r0n in WordPress Plugin Selling Commander for WooCommerce versions = 1.2.46...

CVE-2023-28422

Auth. admin+ Stored Cross-site Scripting XSS vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce = 3.8.6. versions...

CVE-2023-36347

A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data...

CVE-2023-46357

In the module "Cross Selling in Modal Cart" motivationsale 3.5.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method motivationsaleDataModel::getProductsByIds has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injectio...

The Dark Side of the Web: Towards Understanding Various Data Sources in Cyber Threat Intelligence

Cyber threats have become increasingly prevalent and sophisticated. Prior work has extracted actionable cyber threat intelligence CTI, such as indicators of compromise, tactics, techniques, and procedures TTPs, or threat feeds from various sources: open source data e.g., social networks, internal...