Cybernews

The tool allegedly analyzes data from thousands of people in the justice system, including information from police and probation services, and may also include sensitive details about those without criminal records - such as mental health, abuse, or self-harm.

7 hours ago | [YT] | 146

Cybernews

Mr. Beast is suing a former employee for breach of company contract and misappropriation of trade secrets after the employee allegedly stole thousands of confidential files and installed hidden cameras in Beast Industries offices.

Mr. Beast, legally Jimmy Donaldson, is suing former employee Leroy Nabors for allegedly stealing company secrets in the form of confidential documents.

Nabors supposedly stole financial information, data regarding business transactions, private employee compensation data, and information related to Beast’s investors.
The former employee was originally employed in the channel's IT department and was then moved to the company’s development team.
Due to the nature of Nabors’ previous role (in the IT department), he was made to sign a non-disclosure agreement.

Things weren’t going well for Nabors, and he was subsequently fired, which he allegedly knew “was coming,” according to the lawsuit.

As he prepared for his termination, he supposedly exfiltrated a host of sensitive information and transferred it to an “unidentified device.”

“Nabors then tried to cover these actions up by wiping his laptop, which had access to those files and records of his actions,” the lawsuit reads.

However, a forensic investigation was ordered, which revealed that the wipe hadn’t been successful, as deletion attempts failed, and some of the exfiltrated information was identified in the search.

Donaldson then confronted Nabors about the downloaded information, where he allegedly lied, saying that on his last day of employment, all his files had been wiped.
The lawsuit describes this statement as “demonstrably false” because Nabors attempted to erase this information several days before his termination.

Nabors dug himself deeper into his lies and said that all the information had been downloaded in a “routine backup” he executed as a “normal course of business.”

While this could seem plausible, the company does not have a routine backup policy, certainly not involving thousands of confidential documents, the lawsuit alleges.

To add insult to injury, Nabors has been syncing data to a DropBox account, which he could access once he left the company.
Alongside exfiltrating all this information, Nabors had allegedly set up hidden cameras around Donaldson’s offices.

The company employs around 350 people, and according to employees, no one was aware of the hidden cameras.

But Nabors was allegedly “well known” for recording company meetings, presumably when he was not meant to.

Furthermore, Nabor's daughter, who is the sole managing member of Vine Networks (Vine), was contracted by the defendant to take care of Beast Industries' entire IT network.
Along with the cameras, employees at Beast Industries found a “mini-PC attached to Beast’s company server.”

The only app installed on this program was Synchro, an application that gives users remote access and control of the network.

“A review of the mini-PC showed at least two separate logins by accounts affiliated with Nabors,” the lawsuit reads.

Neither Donaldson nor Beast personnel had allowed or told Nabors to install the mini-PC or use it to access the company’s servers.

Mr. Beast is suing Nabors on the grounds of misappropriating trade secrets and breach of contract.

Author: Niamh Ancell, Journalist
Read the article on our website

10 hours ago | [YT] | 101

Cybernews

Companies have unknowingly hired thousands of North Korean citizens posing as American software engineers using fake or stolen identities

1 day ago | [YT] | 695

Cybernews

How charged is your phone right now?

1 day ago | [YT] | 75

Cybernews

Our latest “No_Rollback” series video is now live - be sure to watch it 👉 https://youtu.be/3-MSlNVqzYY

Skip the Carousel

1 2 3 4 5

1 day ago | [YT] | 111

Cybernews

Hundreds of millions of Discord messages have been scraped and are now for sale on hacker forums. At least, that's what the seller claims.

A threat actor is offering over 348 million scraped messages for sale on the well-known cybercrime forum. The messages were allegedly extracted from nearly 1,000 public Discord servers.

According to the listing, the majority of the records come from users in the United States, France, and Russia, spanning nearly a year's worth of conversations.

The sample shared by the seller showed that scraped data included:

📌User ID
📌Username
📌Display name
📌Nickname
📌Message
📌Guild ID
📌Channel ID
📌Message ID
📌Reply ID
📌Timestamp

Cybernews researchers have checked the data, and so far, there's no sign it's fake. The leaked dataset contains no private messages or non-public data—only content scraped from publicly accessible Discord servers.

While scraping public Discord messages isn't exactly rocket science for someone with the right skills – the real issue kicks in when that data gets aggregated, cross-referenced, and tied to individual users. That's when things start to get personal, and the risk of targeted harassment becomes very real.

"It makes it easier to look through someone's message history on a lot of public servers at once," said Cybernews researcher Aras Nazarovas.

Author: Paulina Okunytė, Journalist
Read more on our website.

2 days ago | [YT] | 396

Cybernews

Microsoft warns that Windows is affected by a zero-day flaw that hackers are exploiting to deploy ransomware. The patch arrives with the latest monthly security update.

“Microsoft urges customers to apply these updates as soon as possible,” the Redmond giant said in a report.

The actively exploited zero-day flaw lies in the Windows Common Log File System (CLFS), an OS component that manages logging and event data for applications and Windows itself.

Attackers are abusing this vulnerability on already compromised systems to elevate privileges.

According to Microsoft, the exploits were used “against a small number of targets,” including IT and real estate organizations in the US and financial, software, and retail companies in other countries.

Tracked as CVE-2025-29824, the vulnerability has been assigned a severity score of 7.8 out of 10.

The exploit has been deployed by PipeMagic malware and a threat actor that Microsoft tracks as Storm-2460.

To deploy the exploit, the hackers first need to gain initial access via other means. In Multiple cases, Storm-2460 used compromised legitimate third-party websites to host and deliver malware.

In a later stage, the CLFS exploit can be used to corrupt memory and overwrite process tokens, granting full privileges.

“Ransomware threat actors value post-compromise elevation of privilege exploits because these could enable them to escalate initial access, including handoffs from commodity malware distributors, into privileged access,” Microsoft said.

“They then use privileged access for widespread deployment and detonation of ransomware within an environment.”

The patch for the flaw was released on Tuesday as part of the monthly security updates. The April 2025 Patch Tuesday fixes 126 vulnerabilities in total.

“Microsoft highly recommends that organizations prioritize applying security updates for elevation of privilege vulnerabilities to add a layer of defense against ransomware attacks if threat actors are able to gain an initial foothold,” the tech giant said in a report.

Author: Ernestas Naprys, Senior Journalist
Read more on our website

2 days ago | [YT] | 201

Cybernews

Apple products were delivered to the U.S. in just 3 days during the final week of March

2 days ago | [YT] | 497

Cybernews

Attackers claim they have their hands on a whopping 70 million lines of GrubHub's data, including millions of hashed passwords, phone numbers, and email addresses. The company did report a data breach in early February.

Cybercrooks posted an ad for data on a data leak forum, claiming responsibility for the GrubHub data breach earlier this year. The online food delivery platform announced it indeed suffered a data breach via a third-party service provider in February.

While it's unclear if the recent hacker announcement discusses the same breach, the timeline and exposed data types do match up. GrubHub's February announcement indicated that hashed passwords, email addresses, and other data were stolen. However, GrubHub's announcement did not specify the extent of the attack.

If the attackers' claims hold any weight, it would mean the breach exposed tens of millions of the online food delivery platform's users. Given a single password represents one account, the number of exposed accounts could be around 17 million.

To prove their point, attackers shared a couple of thousands of supposedly stolen lines of data. According to the Cybernews research team, the sample includes:


📌Names
📌Email addresses
📌Hashed passwords

The passwords are encoded using the SHA1 cryptographic hash, which is widely considered vulnerable. Our researchers believe that attackers could exploit the data set in so-called collision attacks – using two different passwords that create the same hash value – thus allowing cybercrooks to break into an account using a fake password.

The popular food delivery platform suffered a data breach after attackers compromised the company's third-party support service provider. After learning about the intrusion, the company locked out the perpetrators and deleted the third party's account.

Initially, it was unclear if the attackers managed to exfiltrate the data. However, the recent claims indicate attackers may have succeeded in siphoning a substantial amount of customer data. The only silver lining is that attackers may have accessed less data than GrubHub expected.

The company initially said that "the contact information of campus diners, as well as diners, merchants, and drivers" who interacted with its customer care service was compromised in the breach. While the exposed data supposedly included partial payment data, attackers don't advertise that in their announcement on the data leak forum.

Author: Vilius Petkauskas, Deputy Editor

​Read more on our website

2 days ago | [YT] | 141

Cybernews

WhatsApp has patched a dangerous spoofing issue that enabled attackers to send executables that appeared to receivers like images, PDFs, or other files.

WhatsApp warns that the flaw affects Windows users using app versions prior to 2.2450.6.

Vulnerable WhatsApp versions show an attachment based on its MIME type, not the filename extension. MIME, or Multipurpose Internet Mail Extensions, is a standard that extends message format to support attachments – it’s a label that tells the app what kind of file it’s dealing with.

“A maliciously crafted mismatch could have caused the recipient to inadvertently execute arbitrary code rather than view the attachment when manually opening the attachment inside WhatsApp,” Meta explains in its advisory.

For example, an attacker could send a user a message with a malicious ‘.exe’ attachment labeled as ‘image/jpeg.’ For users, it would appear as a safe-to-open file.

However, if the user opens such a file, WhatsApp will use the filename’s extension to handle it, which could result in the unintentional execution of arbitrary code.

Any potential attack would still rely on users interacting with the file. For this, hackers would need to obtain and exploit some level of user trust to trick them into manually opening the attachment.

There is no information on whether the flaw has been exploited by attackers in the wild.

Because of the required user interaction and the potential attack complexity, the vulnerability has been assigned a severity score of 6.7 out of 10.

The flaw was reported via a responsible disclosure by an external researcher through Facebook’s security bounty program.

Users are advised to update WhatsApp to the latest version to protect themselves.

Author: Ernestas Naprys, Senior Journalist
Read more on our website.

3 days ago | [YT] | 297