REDMOND, WA - Microsoft has issued a new security alert to users of its Microsoft Advertising platform, warning of a wave of OAuth consent phishing attacks - a sophisticated form of credential theft designed to look completely legitimate. In its notice, Microsoft explained that malicious actors are sending out fake login or permission prompts that appear identical to the company’s official consent screens. Once a user clicks “Accept”, the attacker gains access to sensitive … [Read more...]
Massive “Combo List 93M” Surfaces on Dark Web, Exposing Millions of Emails
WEST PALM BEACH, FL - A newly circulated credential database called Combo List 93M has emerged on underground forums, raising concerns for millions of email account holders. The massive compilation - reportedly containing over 93 million records - is being distributed within cybercriminal communities for use in credential-stuffing and phishing campaigns. What Is Combo List 93M? Unlike a traditional “data breach” tied to a single company, Combo List 93M appears to be an … [Read more...]
Aflac Hit by Sophisticated Cyberattack: What Victims, Businesses Need to Know
COLUMBUS, GA - Aflac Incorporated, a leading supplemental insurance provider, disclosed that its U.S. systems suffered a cyberattack on June 12, 2025, potentially exposing sensitive customer data. The breach was quickly contained, but it may have compromised claims information, health records, Social Security numbers, and other personal identifiers. What We Know So Far Potential Data Exposure Aflac’s Response Broader Industry Implications What Affected … [Read more...]
Record-Breaking Data Leak Exposes 16 Billion Credentials Including Session Tokens
WEST PALM BEACH, FL - A massive trove of approximately 16 billion username-password combinations—along with session tokens and cookies - has surfaced on unsecured servers, cybersecurity researchers confirmed. The cache appears to be an aggregate of around 30 previously known data sets, sourced from malware-based credential thefts and older breaches, rather than a fresh, single-source attack. Security analysts emphasize the sheer volume of data makes it impossible to … [Read more...]
Murder.net — A Cyber Thriller for Domain Name Enthusiasts and Beyond
WEST PALM BEACH, FL - For over two decades, I’ve been deeply entrenched in the domain name industry—an ecosystem where names aren’t just words, but digital real estate with the power to shape ideas, brands, and sometimes, even entire industries. That’s why I’m excited to announce the release of my latest book: Murder.net, a cyber thriller that blends the dark web, the psychology of digital obsession, and the hidden underworld behind domain names. The story behind … [Read more...]
Massive Data Breach Exposes 184 Million Login Credentials from Major Tech Platforms
WEST PALM BEACH, FL - A significant data breach has compromised over 184 million login credentials, affecting users of major platforms including Google, Apple, Meta (Facebook, Instagram), Microsoft, Snapchat, and others. The exposed information includes email addresses, usernames, plaintext passwords, and login URLs, posing a substantial risk of identity theft and unauthorized account access. Cybersecurity researcher Jeremiah Fowler discovered the unprotected database, … [Read more...]
Near Identical Domain Used To Scam Over $800,000 With Wire For Real Estate Deal
AUSTRALIA - A South Australian woman narrowly avoided a complete financial disaster after falling victim to a sophisticated business email compromise (BEC) scam that led to the loss of over $800,000. Authorities have since managed to recover a significant portion of the stolen funds, shedding light on the growing threat of cyber fraud in real estate transactions. The victim, who had been in the process of purchasing a property, received what appeared to be a legitimate … [Read more...]
50 Million Potentially Compromised In PowerSchool Data Breach
SACRAMENTO, CA - On December 28, 2024, PowerSchool, a prominent provider of educational technology services to over 60 million K-12 students worldwide, identified a cybersecurity incident involving unauthorized access to its Student Information System (SIS) through the PowerSource customer support portal. The breach, which occurred between December 19 and December 24, 2024, allowed threat actors to exfiltrate sensitive data, including names, addresses, dates of birth, … [Read more...]
Scammers & Cybercriminals Using Cheap New Domains To Host Fake Websites
BOSTON, MA - A new report is pointing to new generic top-level domains (gTLDs) launched within the past few years, such as .Top, and .Shop as contributing to an increase in use by scammers and cybercriminals due to the fact that – given their relatively new status on the market – they are cheaper to register compared to more established domains. According to Interisle Consulting Group’s newly-published Cybercrime Supply Chain 2024 report, 16 million cybercrime events … [Read more...]
Data Leak Impacts Snowflake Customers, Including Advanced Auto Parts, LendingTree
BOZEMAN, MT - In a significant data breach, several major companies have been impacted due to vulnerabilities in their Snowflake cloud storage accounts. The breach, which came to light in early June 2024, has affected companies like Advanced Auto Parts and LendingTree, among others. Details of the Breach: The breach involved unauthorized access to Snowflake's cloud storage, leading to the theft of vast amounts of data. The hacker, known by the alias "Sp1d3r," has … [Read more...]
Investigation Uncovers 40,000 Phishing Domains Linked To LabHost Scam Operation
UNITED KINGDOM - The LabHost phishing-as-a-service (PhaaS) platform, which had tens of thousands of phishing domains linked to it and thousands of users worldwide, has had its infrastructure completely disrupted and 37 suspects have been arrested – including the original developer – following a year-long global law enforcement operation. Originally launched in 2021, LabHost was a resource for cybercriminals that – for a monthly subscription fee – provided them … [Read more...]
Hackers Take Control of Computer Network At Missouri Hospital; Demand Ransom
KANSAS CITY, MO - Liberty Hospital in Missouri fell victim to a grim cyber assault Tuesday when a menacing blackmail message from a hacker resulted in a disruption of its computer systems. A message from an anonymous source targeting the hospital warned, “We have hacked you and downloaded all confidential data of your company. Your reputation will be ruined. Save your business. Contact us within 72 hours.” This message itself was uncovered exclusively by KMBC-TV, an ABC … [Read more...]
Multiple Domains Used by Vietnamese Cybercrime Group Seized by Microsoft
REDMOND, WA - Multiple domains utilized by a Vietnamese cybercrime group known as “Storm-1152” to sell fraudulent Outlook email accounts have been seized by Microsoft’s Digital Crimes Unit. The domains have been used to cause millions of dollars in damage. Storm-1152 had reportedly used these domains to register over 750 million fake Outlook accounts that they then would sell online to cybercriminals. In addition, the outlaw group also provided numerous other illegal … [Read more...]
Managed Care Confirms Serious Breach of Nearly 9 Million Patients’ Critical Info
ATLANTA, GA - Managed Care of North America, Inc. (MCNA), a major insurance company, suffered a data breach that exposed the personal information of nearly 9 million patients. The Atlanta-based company claims to be the largest dental insurer in the nation. According to reports, Hackers had access to MCNA systems from February 26 to March 7, 2023, compromising confidential patient information such as full names, addresses, birthdates, driver’s license numbers, phone … [Read more...]
PII Of Up To 4.6 Million Neiman Marcus Customers Potentially Exposed In Breach
PALM BEACH, FL - On Thursday, September 30, 2021, luxury department store Neiman Marcus announced that about 4.6 million of its customers may have had their personally identifiable information or PII compromised in a data breach that occurred in May 2020. The personal information stolen in the breach varied and may have included names and contact information, payment card numbers and expiration dates including virtual gift card numbers. Worse, the cyber-thieves may have … [Read more...]