Friday , July 11 2025
Leaked

10K Records Allegedly from Mac Cloud Provider’s Customers Leaked Online

infosecbulletin 4 weeks ago Data Breach

SafetyDetectives’ Cybersecurity Team discovered a public post on a clear web forum in which a threat actor claimed to have leaked a database supposedly associated with VirtualMacOSX.com. The information reportedly affects 10,000 customers.

The data was discovered on a public forum that hosts message boards for database downloads, leaks, and cracks. The post author shared a 34-line database sample and made the full database accessible for free to anyone on the forum who replies or likes the post.

AMD discloses 4 new CPU flaws Affecting Many CPUs

By infosecbulletin / Friday , July 11 2025
AMD has revealed four new vulnerabilities that could enable attackers to access sensitive data via timing-based side-channel attacks. These vulnerabilities,...
Read More
AMD discloses 4 new CPU flaws Affecting Many CPUs

GitLab patched XSS and Authorization Bypass Flaws

By infosecbulletin / Thursday , July 10 2025
GitLab has released security updates for its Community Edition (CE) and Enterprise Edition (EE) to fix vulnerabilities that could enable...
Read More
GitLab patched XSS and Authorization Bypass Flaws

CVE-2025-7206
Critical D-Link DIR-825 Router Flaw Remote Crash Via Buffer Overflow

By infosecbulletin / Thursday , July 10 2025
A newly found vulnerability (CVE-2025-7206) in the D-Link DIR-825 router firmware version 2.10 poses a significant risk to home and...
Read More
CVE-2025-7206 Critical D-Link DIR-825 Router Flaw Remote Crash Via Buffer Overflow

Urgently patch now: Zoom Patches 6 Flaws

By infosecbulletin / Thursday , July 10 2025
Zoom released a security update addressing six newly discovered vulnerabilities in its Workplace, Rooms, and SDK products for Windows, macOS,...
Read More
Urgently patch now: Zoom Patches 6 Flaws

Whatsapp rival ‘Bitchat’, message without internet

By infosecbulletin / Wednesday , July 9 2025
Jack Dorsey, co-founder of Twitter and Block Head, launched a new peer-to-peer messaging app called Bitchat, which operates solely over...
Read More
Whatsapp rival ‘Bitchat’, message without internet

Splunk Addresses Third-Party Package Vulns in SOAR Versions

By infosecbulletin / Wednesday , July 9 2025
Splunk has issued critical security updates for SOAR versions 6.4.0 and 6.4 to fix several vulnerabilities in third-party packages. The...
Read More
Splunk Addresses Third-Party Package Vulns in SOAR Versions

Texas-based Tax Credit Consultancy agency exposed PII, ID Numbers, & SSNs

By infosecbulletin / Wednesday , July 9 2025
Cybersecurity researcher Jeremiah Fowler found an unsecured database with 245,949 records, reported to vpnMentor. It likely belonged to a tax...
Read More
Texas-based Tax Credit Consultancy agency exposed PII, ID Numbers, & SSNs

CVE-2025-25257
Fortinet Addresses Major SQL Injection Flaw in FortiWeb

By infosecbulletin / Wednesday , July 9 2025
Fortinet has issued a critical patch for a critical vulnerability in its FortiWeb product, a web application firewall commonly used...
Read More
CVE-2025-25257 Fortinet Addresses Major SQL Injection Flaw in FortiWeb

Microsoft July 2025 Patch Tuesday: One zero-day, 137 flaws

By infosecbulletin / Wednesday , July 9 2025
Microsoft's Patch Tuesday in July 2025 is critical, featuring updates for 137 vulnerabilities, including a zero-day in Microsoft SQL Server....
Read More
Microsoft July 2025 Patch Tuesday: One zero-day, 137 flaws

Android malware Anatsa infiltrates Google Play targeting banks worldwide

By infosecbulletin / Tuesday , July 8 2025
ThreatFabric researchers have discovered a new sophisticated campaign by the Anatsa banking trojan targeting mobile banking users in the U.S....
Read More
Android malware Anatsa infiltrates Google Play targeting banks worldwide

SafetyDetectives’ Cybersecurity Team analyzed a section of the dataset to verify its authenticity. Although the data looked genuine, and we noticed indicators in invoices sent to VirtualMacOSX, we could not fully confirm it belonged to their customers since we chose not to test the exposed credentials for ethical reasons.

The entire dataset consisted of 176,000 lines split across three separate .txt files named ‘tblcontacts,’ ‘tbltickets,’ and ‘tblclients.’

The sensitive information allegedly belonging to VirtualMacOSX’s customers included:

User ID
Full name
Company name
Email
Full physical address
Phone number
Password
Password reset key

SafetyDetectives’ Cybersecurity Teamsaw customers’ financial data such as:

Bank name
Bank type
Bank code
Bank account

SafetyDetectives’ Cybersecurity Team

This data is important because it can be used by criminals to target affected clients.

According to its website, VirtualMacOSX serves 102 countries and has offered “Apple Macintosh cloud based computing since 2012. With the greatest range of cloud based Apple products and services available anywhere on the Web.”

Paraguay 7.4 Million Citizen Records Leaked on Dark Web

 

Check Also

internal systems

Canada 2nd largest airlines “WestJet” investigates cyberattack disrupting internal systems

WestJet, Canada’s second-largest airline, is looking into a cyberattack that has affected some internal systems …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin