NFT Marketplace OpenSea Suffers Data Breach- Users’ Email IDs Leaked

In a blog post published Wednesday, OpenSea said the issue was caused by an employee of Customer.io, which is OpenSea’s email delivery vendor. OpenSea is a popular NFT marketplace that is…

Patchable and Preventable Security Issues Lead Causes of Q1 Attacks

Attacks against U.S. companies spike in Q1 2022 with patchable and preventable external vulnerabilities responsible for bulk of attacks. Eighty-two percent of attacks on organizations in Q1 2022 were caused…

Flaws in Smart Jacuzzi App Could Be Exploited To Extract Users’ Data

The vulnerability existed in Jacuzzi Brand LLC’s SmartTub app web interface that could reveal users’ private data to remote malicious attackers. Researchers have identified vulnerabilities in Jacuzzi Brand LLC’s SmartTub…

Elasticsearch Database Mess Up Exposed Login, PII Data of 30,000 Students

The misconfigured Elasticsearch database apparently belonged to the US-based software solution provider Transact Campus. SafetyDetectives’ cybersecurity research team led by Anurag Sen identified a misconfigured Elasticsearch server that exposed the…

Travel-related Cybercrime Takes Off as Industry Rebounds

Upsurge in the tourism industry after the COVID-19 pandemic grabs the attention of cybercriminals to scam the tourists. Researchers are warning a post-COVID upsurge in travel has painted a bullseye…

Kaiser Permanente Exposes Nearly 70K Medical Records in Data Breach

Attackers gained access to private account details through an email compromise incident that occurred in April. Kaiser Permanente suffered a data breach due to email compromise on April 5 that…

Scoop: Uganda Security Exchange Caught Leaking 32GB of Sensitive Data

Apart from personal and financial records, the data also included plain-text login credentials including usernames and passwords of customers and businesses using the Easy Portal of the Uganda Security Exchange.…

MyEasyDocs Exposed 30GB of Israeli and Indian Students PII Data

MyEasyDocs is a Chennai, India based online documents verification platform whose Microsoft Azure server exposed data of over 57,000 students. The team of IT security researchers at vpnMentor led by…

Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw

The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. Threat actors are using public exploits to pummel a critical zero-day…

Scoop: Australian Trading Giant ACY Securities Exposed 60GB of User Data

Upon being alerted by security researcher Anurag Sen, the company rubbished the sensitivity of the matter by labeling the exposed database as “an insignificant one.” Anurag Sen, a prominent IT…