Researchers uncover leaked API keys on nearly 10,000 websites

A massive data breach has come to light, involving 149 million credentials left exposed online. The 98GB cache includes unique usernames and passwords from financial services, social media, and dating apps. The discovery highlights ongoing vulnerabilities in digital security.

December 15, 2025 Reported by AI

A significant data breach has compromised the credit card information of more than 5.6 million individuals. The incident involves 700Credit, where data was stolen via a third-party API integration. Details emerged in a recent report on cybersecurity threats.

Adult entertainment website Frivol has disclosed a data leak that may impact around 479,000 users. The breach involved an open database containing user details. The revelation was reported on February 25, 2026.

February 13, 2026 Reported by AI

Criminals have distributed fake AI extensions in the Google Chrome Web Store to target more than 300,000 users. These tools aim to steal emails, personal data, and other information. The issue highlights ongoing efforts to push surveillance software through legitimate channels.

A security vulnerability in the WordPress plugin Ally has been identified as an SQL injection flaw. This issue could potentially affect up to 250,000 websites using the plugin. The flaw was reported in a TechRadar article published on March 12, 2026.

January 21, 2026 Reported by AI

Cybercriminals have compromised trusted Linux applications on the Snap Store by seizing expired domains, allowing them to push malware that steals cryptocurrency recovery phrases. Security experts from SlowMist and Ubuntu contributor Alan Pope highlighted the attack, which targets established publisher accounts to distribute malicious updates impersonating popular wallets. Canonical has removed the affected snaps, but calls for stronger safeguards persist.