Security Affairs
Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

State Bank of India left archive with millions of Customer messages exposed

Another data breach made the headlines, this time the victim is the State Bank of India that left a database containing personal information exposed online. The State Bank of India that left a database containing personal information exposed online. The discovery was made by an anonymous security researcher that has found a server used for […]

Xsolis

Another data breach made the headlines, this time the victim is the State Bank of India that left a database containing personal information exposed online.

The State Bank of India that left a database containing personal information exposed online.

The discovery was made by an anonymous security researcher that has found a server used for the bank’s Quick service, a mobile-based information service. Quick is “a free service from the Bank where in you can get your Account Balance, Mini Statement and more just by giving a Missed Call or sending an SMS with pre-defined keywords to pre-defined mobile numbers from your registered mobile number.”

The database was exposed online without protection and the database was located could gain access to the plaintext information it contained.

The archive contained millions of text messages, going back to December, that were exchanged by the bank with its customers. Exposed data includes the customer’s phone number, partial bank account number, bank balance and records of transactions.

The good news is that the State Bank of India quickly fixed the issue within hours after it was informed of the problem, unfortunately, it is not known how long the data remained exposed online or whether threat actors accessed to the huge trove of information.

The availability of this information poses a serious risk to bank customers, threat actors could use it to target bank customers.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – data breach, State Bank of India)

[adrotate banner=”5″] [adrotate banner=”13″]