🔐 Instagram Meta AI Vulnerability Allegedly Enables Password Reset for Accounts
Source: https://t.co/bxzWfGoOpO
A critical flaw in Meta's AI-powered account recovery tool on Instagram allowed attackers to hijack high-value accounts by tricking the chatbot into forwarding password reset codes with no verification required.
Attackers engaged the AI chatbot in conversation and prompted it to forward password reset codes to unauthorized parties, entirely bypassing identity verification checks. The flaw stemmed from insufficient controls in how the AI processed account recovery requests, effectively allowing anyone who knew a target's username to initiate the takeover process.
#cybersecuritynews
Not trying to be sensationalist, and certainly not ambulance chasing, but this is a useful example of why property-sector data deserves more attention from a cybersecurity perspective covering the #supplychain implications.
https://t.co/zaR0pemlhw
🇬🇧 United Kingdom: Alleged Rightmove Property Owner Database Advertised for Sale
* A threat actor is advertising a dataset allegedly originating from Rightmove, one of the United Kingdom's largest real estate platforms
* The listing claims to contain approximately 357,000 records related to property owners and real estate leads
* Advertised personal information includes names, email addresses, telephone numbers, mobile numbers, mailing addresses, geographic data, account identifiers, and communication preferences
* The seller further claims the dataset contains property ownership and address-related records, including geolocation data, mailing information, and associated property details
* Most notably, the listing alleges the presence of authentication-related information such as login emails, password hashes, password reset tokens, MFA enrollment status, account lockout information, and other security-related metadata
* The dataset is being marketed as a structured collection of contact, property, and account information
Analyst Note:
Real estate platforms contain highly valuable data because they aggregate personal identities, property ownership information, financial interests, and contact details. If the claims are legitimate, the combination of property records and authentication-related metadata could significantly increase the risk of account takeover attempts, targeted phishing, business email compromise, real estate fraud, and identity theft. Threat actors frequently leverage property ownership data to build detailed profiles of high-value targets. At the time of publication, the authenticity and origin of the alleged dataset remain unverified.
#DDW #Intelligence #Rightmove #DarkWeb
‼️ Dutch and French authorities have taken down "First VPN," a criminal VPN service that openly marketed itself to cybercriminals on dark web forums.
Every user received a notification on takedown that the service is gone and they have been identified.
Before pulling the service offline, police had full visibility into the criminal traffic of every user. 33 servers were seized. 83 intelligence packages were shared with ongoing investigations through a Europol Operational Taskforce.
First VPN advertised directly on known cybercrime forums and promised users no logs, no cooperation with justice, and no jurisdiction. Customers used it for ransomware attacks, system intrusions, and account hijacking.
The takedown ran on 19 and 20 May 2026, led by the Dutch Team High Tech Crime and the French authorities, with coordination support from Eurojust and Europol. Action days hit Ukraine, Switzerland, the UK, Romania, and Luxembourg simultaneously. The administrator was interrogated in Ukraine at France's request.
The partnership works because BreachAware naturally extends Velocity’s incident response capability into continuous external exposure management and post-incident risk reduction. This partnership will be a differentiator.
https://t.co/DC14kYsvCK
The UK government is poised to revisit its main cybercrime law after years of warnings that it is outdated and hinders security research https://t.co/E4XKqvLfyM
Most organisations have never heard of a revocation log… but hackers absolutely have. Another data type that BreachAware monitors. Uncommon to uncover, but valuable intelligence for an attacker when exposed.
https://t.co/MLkEwIe3JZ
The Post Office had evidence that subpostmaster Janette Armour was reporting problems with its ECCO+ accounting system in the early 1990s — but ignored her https://t.co/9RK4y8lkdn #PostOfficeScandal