20 matches found
CVE-2025-61113
TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information such as device identifiers and birthdays and access private group information, including join credentials...
MOLE TalkTalk Android App 安全漏洞
MOLE TalkTalk Android App is a chat application from China-based MOLE. A security vulnerability exists in MOLE TalkTalk Android App version 3.3.6. The vulnerability stems from improper access control of multiple API endpoints, and an attacker may be able to obtain sensitive user information and...
CVE-2025-61113
TalkTalk Android app v3.3.6 has improper access control across multiple API endpoints. The issue allows parameter tampering to extract sensitive user data (device identifiers, birthdays) and private group information (including join credentials). Impact is privacy breach and unauthorized access t...
PT-2025-44419
Name of the Vulnerable Software and Affected Versions TalkTalk version 3.3.6 Description The TalkTalk 3.3.6 Android App has improper access control issues in several API endpoints. Modifying request parameters can allow attackers to get sensitive user information, like device identifiers and...
CVE-2025-61113
TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information such as device identifiers and birthdays and access private group information, including join credentials...
CVE-2025-61113
TalkTalk 3.3.6 Android App contains improper access control vulnerabilities in multiple API endpoints. By modifying request parameters, attackers may obtain sensitive user information such as device identifiers and birthdays and access private group information, including join credentials...
New Charges, Sentencing in Satori IoT Botnet Conspiracy
The U.S. Justice Department today charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things IoT devices for use in large-scale distributed denial-of-service DDoS attacks. In addition, a...
This Week in Security News: Tax Scams and Spam Emails
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how criminals can use tax deadlines for social engineering schemes and redirection URLs in spam emails to sidestep spam filters. Read...
Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
Two hackers have been sent to prison for their roles in hacking TalkTalk, one of the biggest UK-based telecommunications company, in 2015 and stealing personal information, banking, and credit card details belonging to more than 156,000 customers. Matthew Hanley, 23, and Connor Allsopp, 21, both...
Two TalkTalk hackers jailed for 2015 data breach that cost it £77 million
Two hackers have been sent to prison for their roles in hacking TalkTalk, one of the biggest UK-based telecommunications company, in 2015 and stealing personal information, banking, and credit card details belonging to more than 156,000 customers. Matthew Hanley, 23, and Connor Allsopp, 21, both...
brianhowell.talktalk.net Open Redirect vulnerability
Open Bug Bounty ID: OBB-325870 Description| Value ---|--- Affected Website:| brianhowell.talktalk.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
webmail.talktalkbusiness.net Open Redirect vulnerability
Open Bug Bounty ID: OBB-272031 Description| Value ---|--- Affected Website:| webmail.talktalkbusiness.net Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...
New Call to Regulate IoT Security By Design
A Washington, D.C. think tank whose mission is critical infrastructure security has joined the call for lawmakers to consider regulating the security of connected devices. In a report published this week, the Institute for Critical Infrastructure Technology pinned the blame for a rash of Mirai...
TalkTalk Hack: Police Arrest Second Teenager in London
British Police have arrested a second teenage boy in relation to the major hack on the servers of UK-based telco 'TalkTalk' last week. On Monday, a 15-year-old boy first arrest from County Antrim, Northern Ireland, was arrested in connection with the TalkTalk Data Breach. On Thursday, The...
15-year-old Boy Arrested in connection with TalkTalk Cyber Attack
The arrest is the first major outcome since TalkTalk – the biggest phone and broadband provider in the UK with more than 4 Million customers – had suffered a serious data breach. The Police Service of Northern Ireland PSNI and the investigating officers from the Metropolitan police's cyber crime...
TalkTalk Hackers Demand Ransom of CEO Dido Harding
Update The U.K.’s Metropolitan Police Cyber Crime Unit this afternoon arrested a 15-year-old Northern Ireland boy in connection with the TalkTalk hack. The teen is alleged to have violated the Computer Misuse Act, a police statement said. He is being questioned at the County Antrim police station...
TalkTalk Hacked; 4 Million Credit Card Profiles may have been Stolen
TalkTalk, one of the biggest UK-based phone and Internet service provider with more than 4 Million customers, has been hacked again, the company announced late Thursday. TalkTalk is informing its 4 million customers that it has fallen victim to a "significant and sustained cyber attack" and it is...
video.talktalk.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-93183 Description| Value ---|--- Affected Website:| video.talktalk.co.uk Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...
talktalk.co.uk XSS vulnerability
Vulnerable URL: http://www.talktalk.co.uk/email/dashboard/jsonp.dashboard.tagcloud.php?id=1=jsonp1364429767851%22%3E%3Csvg/onload=alert%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 23.11.2015 Latest check for patch:| 23.11.2015 16:40 GMT Vulnerability type:| XSS...
TalkTalk Admits Customer Data Breach, warns of Scam Calls
TalkTalk, one of the biggest UK-based phone, TV and Internet service provider with 4 million customers, has admitted it suffered a major Data Breach. TalkTalk said customer information was accessed after a breach at a third-party company, in which names, addresses, phone numbers and TalkTalk...