article thumbnail

DeepSeek database exposed highly sensitive information

Security Affairs

“This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” It was hosted at oauth2callback.deepseek.com:9000 and dev.deepseek.com:9000.” ” reads the report published by Wiz. ” concludes the report.

article thumbnail

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

PLAYFULGHOST is a new malware family with capabilities including keylogging, screen and audio capture, remote shell access, and file transfer/execution. Google researchers analyzed a new malware family called PLAYFULGHOST that supports multiple features, including keylogging, screen and audio capture, remote shell, and file transfer/execution.

Malware 130
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

is an information disclosure vulnerability in VMware Aria Operations for Logs.A is an information disclosure vulnerability. Broadcom patched five flaws in VMware Aria Operations and Aria Operations for Logs that could lead to privilege escalation and credential theft. CVE-2025-22222 (CVSS score: 7.7)

article thumbnail

Fairfax County, Va., CISO Michael Dent on Leadership

Lohrman on Security

Whats on the minds of top local government chief information security officers? In this interview, Michael Dent shares current security and technology priorities, career tips and more.

CISO 169
article thumbnail

Threat actors use fake AI tools to deliver the information stealer Noodlophile

Security Affairs

Threat actors use fake AI tools to trick users into installing the information stealer Noodlophile, Morphisec researchers warn. Morphisec researchers observed attackers exploiting AI hype to spread malware via fake AI tools promoted in viral posts and Facebook groups.

Malware 111
article thumbnail

Change Healthcare Breach Hits 100M Americans

Krebs on Security

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com. Image: Darkbeast, ke-la.com.

article thumbnail

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking 252