Security Affairs
Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|Januscape: 16-Year-Old Linux KVM Bug Enables Cloud VM Escape Attacks|Adobe ColdFusion flaw CVE-2026-48282 now exploited in the wild|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Hacker offers for sale 49 million user records from US data broker LimeLeads

49 million user records from US data broker LimeLeads were available for sale on a hacking forum. 49 million user records from US data broker LimeLeads were available for sale on a hacking forum, the data were exposed on an Elasticsearch server. Exposed LimeLeads data contains full name, title, user email, employer/company name, company address, […]

UK Visa Site data leak

49 million user records from US data broker LimeLeads were available for sale on a hacking forum.

49 million user records from US data broker LimeLeads were available for sale on a hacking forum, the data were exposed on an Elasticsearch server.

Exposed LimeLeads data contains full name, title, user email, employer/company name, company address, city, state, ZIP, phone number, website URL, company total revenue, and the company’s estimated number of employees.

The news was first reported by ZDNet, LimeLeads offers access to its database that contains business contacts that can be used for marketing activities.

ZDNet was alerted of availability online of the records two weeks ago, a hacker that goes online with the handle Omnichorus was selling LimeLeads’ data online.

“Sources in the threat intelligence community have told ZDNet that Omnichorus is a well-known individual on underground hacking forums, having built a reputation for sharing and selling hacked or stolen data — a so-called “data trader.”” reported ZDNet.

The company failed to configure its Elasticsearch server and accidentally exposed it online allowing anyone to access its content.

The popular data leak hunter Bob Diachenko confirmed to ZDNet exposed records were stored in an internal Elasticsearch server that was accidentally exposed online and indexed by the search engine Shodan since at least July 27, 2019.

Diachenko also added that he already reported the presence of the data online to LimeLeads on September 16, and that the company secured the Elasticsearch DB in just one day. This means that the database remained exposed online for more than a month and that likely someone has accessed its content and tried to monetize from the sale of the data.

Omnichorus started selling the data since October 2019, the availability of these data online pose a risk for companies and individuals whose data were included in the database.

A threat actor could launch a spear-phishing attack against them and perform a broad range of malicious activities.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – LimeLeads, hacking)

[adrotate banner=”5″]

[adrotate banner=”13″]