149 million login credentials for various websites have been leaked online after they were accumulated by info-stealing malware into an exposed database.
These compiled credentials also include links to the corresponding platform they are used for. Websites affected by this leak include Gmail, Outlook, Yahoo, Facebook, Instagram, Netflix, and more.
It’s unknown how long the database was online for, but after cybersecurity researcher Jeremy Fowler contacted the hosting provider multiple times within a month and received no response, the database’s hosting was suspended, taking it offline.
(–Source: Tom’s Guide on MSN
Read More: 149 million logins and passwords exposed for Gmail, Facebook, Instagram and more — everything you need to know )
After the Department of Government Efficiency (DOGE) was accused of mishandling sensitive information, federal officials are working to contain the fallout of a Social Security data exposure that may have compromised more than 300 million Social Security records.
Millions of Americans are now concerned about the possibility of identity theft following this news as officials investigate claims that DOGE officials moved data around in ways that bypassed safeguards to protect the information.
(–Source: The Daily Overview on MSN
Read More: Massive Social Security data breach sparks identity theft fears for millions )
1.4TB of data allegedly belonging to Nike has been leaked online by hackers after the World Leaks ransomware gang posted a countdown clock on the dark web.
The post promised that the stolen data would be released once the clock ran out. When the clock ran out on January 24th, the ransomware gang kept their promise, releasing the information online. The data includes Nike corporate data such as garment measurements, material details, retail prices, and more. No employee or customer data was compromised in this attack, meaning this leak is more valuable to counterfeit producers and competitors of the Nike brand.
(–Source: Cybernews
Read More: Nike data breach: Hackers post company data, but what do we know so far? | Cybernews )
At least 100 major organizations have been targeted in a recent phishing campaign from the ShinyHunters cybercrime group.
It’s unclear if any of the attacks were successful, but some of the companies targeted include Canva, Epic Games, HubSpot, Moderna, and more. This campaign involves the attackers using vishing to target SSO accounts.
(–Source: Security Week
Read More: Over 100 Organizations Targeted in ShinyHunters Phishing Campaign – SecurityWeek )
A December 2025 data breach on SoundCloud is revealed to have exposed nearly 30 million accounts after hackers gained unauthorized access to an internal dashboard.
It doesn’t appear that passwords or financial data was compromised in this attack, but with SoundCloud users’ usernames and emails, the attackers have the ability to create convincing phishing emails.
(–Source: Security Boulevard
Read More: SoundCloud Data Breach: Nearly 30 Million Accounts Confirmed Exposed – Security Boulevard )
