Collection of the resources and links I have found insightful and shared during week #47 of 2022.
5.4 million Twitter users’ stolen data leaked online — more shared privately
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in January have been shared for free on a hacker forum.
The data consists of scraped public information as well as private phone numbers and email addresses that are not meant to be public.
5.4 million Twitter users' stolen data leaked online - more shared privately
Over 5.4 million Twitter user records containing non-public information stolen using an API vulnerability fixed in…
WhatsApp data leak: 500 million user records for sale
On November 16, an actor posted an ad on a well-known hacking community forum, claiming they were selling a 2022 database of 487 million WhatsApp user mobile numbers.
The dataset allegedly contains WhatsApp user data from 84 countries. Threat actor claims there are over 32 million US user records included.
Another huge chunk of phone numbers belongs to the citizens of Egypt (45 million), Italy (35 million), Saudi Arabia (29 million), #France (20 million), and Turkey (20 million).
Google pushes emergency Chrome update to fix 8th zero-day in 2022
Google has released an emergency security update for the desktop version of the Chrome web #browser, addressing the eighth zero-day vulnerability exploited in attacks this year.
The high-severity flaw is tracked as CVE-2022–4135 and is a heap buffer overflow in GPU, discovered by Clément Lecigne of Google’s Threat Analysis Group on November 22, 2022.
“Google is aware that an exploit for CVE-2022–4135 exists in the wild,” reads the update notice.