Today Cyber News

1.9K posts

Today Cyber News

@TodayCyberNews

🦁 TodayCyberNews 🗞️ - By clicking the Follow button, you start getting daily cyber news updates. #DarkWeb #CVE #BugBounty #Malware #0days #Exploit #CyberWar

🌎 Katılım Nisan 2020

0 Takip Edilen15.3K Takipçiler

Sabitlenmiş Tweet

Today Cyber News@TodayCyberNews·14 Oca

⚠️ Data Breach at PT Kereta Api Indonesia. ( kai.id ) A Hacker group claims to have accessed sensitive data, including employee info, customer details, and more from Indonesia's National railway company. #KeretaApi #DataBreach #CyberSecurity #infosecurity

English

193

941

1.6K

885.2K

Today Cyber News@TodayCyberNews·4d

and have been remanded in custody while the investigation continues. gp.gov.ua/en/posts/na-lv…

English

159

Today Cyber News@TodayCyberNews·4d

Investigators carried out 10 searches and seized computer equipment, storage devices, mobile phones, bank cards, handwritten notes, more than 2,500 euros and nearly 35,000 US dollars in cash. If found guilty, they face up to 15 years in prison

English

193

Today Cyber News@TodayCyberNews·4d

Ukrainian authorities arrest a group of hackers accused of selling stolen video game accounts According to Ukrainian authorities, the detainees, aged between 20 and 25, used Stealers to obtain credentials and Session Cookies from Roblox accounts and sold them on Russian forums.

English

1.2K

Today Cyber News@TodayCyberNews·26 Nis

These leaked conversations may serve as a valuable intelligence source for investigators and law enforcement agencies. 🔗 Download chat leak: lnkd.in/dWYFhGAd #ShinyHunters #DataBreach #CyberSecurity #ThreatIntel #DarkWeb #CyberCrime #Infosec #OSINT

English

252

Today Cyber News@TodayCyberNews·26 Nis

the leak was carried out by a disgruntled member of the group. The leaker claims the incident was triggered after ShinyHunters members attempted to dox one of his associates.

English

297

Today Cyber News@TodayCyberNews·26 Nis

👾 𝗦𝗵𝗶𝗻𝘆𝗛𝘂𝗻𝘁𝗲𝗿𝘀 𝗽𝗿𝗶𝘃𝗮𝘁𝗲 𝗰𝗵𝗮𝘁𝘀 𝗹𝗲𝗮𝗸𝗲𝗱 𝗼𝗻 𝗳𝗼𝗿𝘂𝗺 A series of private Telegram chats allegedly linked to the ShinyHunters group have been leaked online. According to a user known as “NormalLeVrai” on the breached[.]st forum,

English

Today Cyber News retweetledi

Paul Moore - Security Consultant @Paul_Reviews·16 Nis

Hacking the #EU #AgeVerification app in under 2 minutes. During setup, the app asks you to create a PIN. After entry, the app *encrypts* it and saves it in the shared_prefs directory. 1. It shouldn't be encrypted at all - that's a really poor design. 2. It's not cryptographically tied to the vault which contains the identity data. So, an attacker can simply remove the PinEnc/PinIV values from the shared_prefs file and restart the app. After choosing a different PIN, the app presents credentials created under the old profile and let's the attacker present them as valid. Other issues: 1. Rate limiting is an incrementing number in the same config file. Just reset it to 0 and keep trying. 2. "UseBiometricAuth" is a boolean, also in the same file. Set it to false and it just skips that step. Seriously @vonderleyen - this product will be the catalyst for an enormous breach at some point. It's just a matter of time.

Paul Moore - Security Consultant @Paul_Reviews

.@vonderleyen "The European #AgeVerification app is technically ready. It respects the highest privacy standards in the world. It's open-source, so anyone can check the code..." I did. It didn't take long to find what looks like a serious #privacy issue. The app goes to great lengths to protect the AV data AFTER collection (is_over_18: true is AES-GCM'd); it does so pretty well. But, the source image used to collect that data is written to disk without encryption and not deleted correctly. For NFC biometric data: It pulls DG2 and writes a lossless PNG to the filesystem. It's only deleted on success. If it fails for any reason (user clicks back, scan fails & retries, app crashes etc), the full biometric image remains on the device in cache. This is protected with CE keys at the Android level, but the app makes no attempt to encrypt/protect them. For selfie pictures: Different scenario. These images are written to external storage in lossless PNG format, but they're never deleted. Not a cache... long-term storage. These are protected with DE keys at the Android level, but again, the app makes no attempt to encrypt/protect them. This is akin to taking a picture of your passport/government ID using the camera app and keeping it just in case. You can encrypt data taken from it until you're blue in the face... leaving the original image on disk is crazy & unnecessary. From a #GDPR standpoint: Biometric data collected is special category data. If there's no lawful basis to retain it after processing, that's potentially a material breach. youtube.com/watch?v=4VRRri…

English

670

6.2K

24.8K

3.4M

Today Cyber News retweetledi

Pavel Durov@durov·17 Nis

The “age verification app” the EU wants to impose on the world got hacked in 2 minutes. Step 1: Present a “privacy-respecting” but hackable solution. Step 2: Get hacked (you are here). Step 3: Remove privacy to "fix" it. Result: a surveillance tool sold as “privacy-respecting”.

English

465

7.2K

25.3K

625.8K

Today Cyber News@TodayCyberNews·17 Nis

🇨🇱 BREAKING: Hacker group Rutify claims cyberattacks on SERVEL, SAG, and Pullman Bus systems, with alleged access to surveillance cameras in Las Condes. The breach reportedly occurred in February but surfaced publicly on March 19, 2026. No official response yet. #CyberSecurity

English

471

Today Cyber News retweetledi

Shivam Kumar Singh@MrRajputHacker·9 Nis

China Got Hacked 🇨🇳 Sample is out, 10PB claimed. Where did he store it? God knows… Or maybe he never did - just selling panel access. ~/Welcome to modern cyber warfare. #CyberSecurity #ThreatIntelligence #DataBreach #Darkweb #InfoSec #DigitalSecurity #CyberDefense

English

785

Today Cyber News@TodayCyberNews·13 Oca

⚠️ Initial traffic traced to UAE IPs — but IP-based attribution is unreliable and often misleading. Attackers commonly use proxies, VPNs & hijacked infra. For context on advanced regional threat actors, see Stealth Falcon (APT) research by Check Point. research.checkpoint.com/2025/stealth-f…

English

310

Today Cyber News@TodayCyberNews·13 Oca

⚠️ Destructive Cyberattack Hits MammutConnect Fleet Tracking Platform, Critical Data Wiped. MammutConnect platform was reportedly hit by a destructive cyberattack, leading to data wiping of critical vehicle telemetry, GPS locations, fuel usage & driver behavior data.

English

379

Today Cyber News retweetledi

Meta Bug Bounty@metabugbounty·27 Kas

We have a new Specialized Abuse Track and we’re looking for a select group of passionate researchers to help shape the future of abuse prevention on our platforms. This is a new focus area designed to reward researchers who help us identify potential abuse vectors across Meta’s platforms, even when no traditional security vulnerability is present. As a pilot participant, you’ll have the opportunity to provide feedback, test new processes, and help us refine how we tackle novel abuse issues. Eligible reports receive rewards, just like with any Meta Bug Bounty reports. Interested? Apply with your published writeups and research by filling out this form: forms.gle/9QzV7j89HccXmc…

English

8.1K

Today Cyber News@TodayCyberNews·20 Kas

🛡 Ryūjin Protector ( @keowu ) Ryūjin Protector is an open-source Bin2Bin obfuscation, protection, and DRM tool for Windows PE binaries targeting the Intel x64 architecture (x86_64 only). github.com/keowu/Ryujin #bypassav #maldev #github #CyberSecurity #BugBounty

English

721

Today Cyber News@TodayCyberNews·19 Kas

Investigators say CrazyRDP offered highly resilient hosting tailored for the international cybercrime community, built to survive takedown attempts until now. Full details: breached.company/operation-endg…

English

335

Today Cyber News@TodayCyberNews·19 Kas

🇳🇱 International Operation “EndGame” Strike Dutch authorities have seized hardware from CrazyRDP, a notorious bulletproof hosting provider used to deploy #Ransomware, Stealer, and Botnet infrastructures. #endgame #InfoSec #busted #CyberSecurity

English

688

Today Cyber News@TodayCyberNews·15 Kas

Authorities, along with FBI agents, managed to seize Aleksey's computers and crypto wallets. Aleksey is currently awaiting extradition to the US. web.archive.org/web/2025021514… #russia #fancybear #hacker #busted #fbi

English

318

Today Cyber News@TodayCyberNews·15 Kas

a senior officer of the Russian military intelligence agency (GRU). In 2018, the FBI issued a wanted notice against 12 GRU members for interfering in the 2016 elections. Aleksey appears on the list as a high-ranking military officer who leads Unit 26165, also known as Fancy Bear

English

428

Today Cyber News@TodayCyberNews·15 Kas

🇷🇺 Russian hacker arrested in Thailand, presumably part of Russia's GRU. A hacker was arrested in Thailand at the request of the US, several press headlines described the hacker as a "world-famous hacker," it is presumed to be ALEKSEY VIKTOROVICH LUKASHEV, #hacker #busted #fbi

English

803

Today Cyber News@TodayCyberNews·5 Kas

- After responsible disclosure to ANCI and the ministry, access was blocked within a day, with ANCI confirming actions; this incident underscores Shodan's role in identifying misconfigurations during Cybersecurity Month in Chile. x.com/chum1ng0/statu…

chum1ng0/security research@chum1ng0

🚨#Chile🇨🇱: Hace 3 días encontré un servidor expuesto utilizando Shodan.io , el servidor exponía respaldos de archivos de la ENIP (Estrategia Nacional de Integridad Pública), que pertenece al Ministerio Secretaría General de la Presidencia. Estos tenían un tamaño de 3,94 GB, como se ve en la muestra. @Segpres #ciberseguridad "Mes de la Ciberseguridad"

English

667

Today Cyber News@TodayCyberNews·5 Kas

- The server, lacking SSL and with directory listing enabled, had been vulnerable since at least 2024, including an outdated phpMyAdmin directory from 2023, posing risks for sensitive government data on anti-corruption efforts.

English

351

Today Cyber News@TodayCyberNews·5 Kas

🇨🇱 Chilean Government Server Breach Exposed: 3.94 GB of Sensitive Data Leaked (Nov 5, 2025) A security researcher uncovered a vulnerable server linked to Chile National Public Integrity Strategy, exposing emails, names, and password since 2024, now secured after rapid response.

English

960

Keşfet

@vonderleyen @keowu @elonmusk @BarackObama @taylorswift13 @cristiano @BillGates @NASA