❗️🚨 Microsoft Edge keeps every saved password in process memory as cleartext from the moment it launches. Microsoft's responsed when reported: "by design."
All of them. Including credentials for sites you won't open this session.
Researcher @L1v1ng0ffTh3L4N tested every major Chromium browser. Edge is the only one that behaves this way.
Chrome decrypts credentials on demand, and App-Bound Encryption locks the keys to an authenticated Chrome process so other processes can't reuse them.
In Chrome, plaintext surfaces only during autofill or when a password is viewed, making memory scraping far less useful.
What makes this extra weird is that Edge still demands re-authentication before revealing those passwords in its Password Manager UI, while the same browser process already holds every one of them in plaintext.
In shared environments, this turns into a credential harvest. On a terminal server, an attacker with admin rights can read the memory of every logged-on user process. In the published PoC video, a compromised admin account lifts stored credentials from two other logged-on (and even disconnected) users with Edge running.
Microsoft's official response when notified: "by design."
The finding was disclosed April 29 at BigBiteOfTech by PaloAltoNtwks Norway, alongside a small educational tool that lets anyone verify the cleartext storage for themselves.
🚨DATA BREACH– Under Armour (underarmour[.]com)
In November 2025, the Everest ransomware group claimed responsibility for a massive cyberattack on Under Armour, exfiltrating ~343 GB of sensitive data. After Under Armour reportedly failed to pay the ransom within the 7-day deadline, the attackers leaked the data on their dark web site. 😱
Scale of the alleged leak (per underground forums – Jan 2026):
- ~72.7 million unique customer records +emails)
- 191+ million total records across multiple exports
- Decompressed files: 19.5 GB
Compromised data types include:
- Full names + gender 👤
- Email addresses 📧
- Phone numbers 📱
- Physical addresses / postal codes / states / countries 🏠
- Purchase histories & product preferences (e.g., men's/women's items, latest order dates)
- Loyalty program IDs & status
- Nearest/preferred store details + distances
- Browsing behavior (last views on men’s/women’s sections)
- Some employee contact info
Major risks for affected users:
- Hyper-targeted phishing – Emails + purchase history = super convincing scams ("Your UA order refund", fake support) 🎣
- Identity theft & fraud – Names, addresses, phones, genders → easier account takeovers, fake loans, etc. ⚠️
- Spam & harassment – Physical addresses & phones for aggressive marketing or worse
- Credential stuffing – If you reused passwords, combined with this data = high risk for other accounts
- Long-term profiling – Detailed shopping prefs + locations = perfect for social engineering & targeted fraud
Current status (as of Jan 2026):
Under Armour has not publicly confirmed the full scale of the breach (still investigating per reports). Multiple class action lawsuits filed in the US (e.g., Maryland, Texas) accusing the company of negligence in data protection. No official breach notification to customers yet in many cases. ⚖️
#DataBreach #UnderArmour #EverestRansomware #CyberSecurity #Ransomware #PrivacyAlert #DarkWeb
@walmarthelp@TenderKisses_ I DM'd you too. Same issue and what disrespect for a Walmart Business user. I hope your CS team is better than "Mandy" whom I talked to. You all dont even give out a corporate email address because you dont want to hear from us...sad.
show the address or any information for me to begin to search for a home.
Total Loss for a business client that needs items the day they promise and people that want to help you. Business users, beware!
@walmarthelp Order was delivered across town to some home. Walmart Customer Service agent named "Mandy" was unsympathetic and very mean to a business user for Walmart. Her response was "I did address and fix the issues, I refunded your order". I told her Amazon and other
business elsewhere. They wont even give you the delivery company's name or contact info to see where this was delivered. No idea what LMD_SAMEDAY tracking number references. Probably some average person delivering and pretending to be UPS or FedEx. The photo of the package doesnt
If you are interested in Security Awareness training for your work or business, please reach out to @BytesUnlimited and we can help you and your families stay safe at an affordable cost. YouTube Link: https://t.co/rha1cu5OcZ
What this 3 minute video from #infosec from their #hackerheadlines series to help protect your kids from online threats and how simple things can help them be safe.
Do you feel requests sent to the security teams are being overused? Let us know in the comments.
Bytes Unlimited can help you setup or improve upon phish rates and training best practices!
#chatgpt
Have you ever heard the fable, 'The Boy Who Cried Wolf'?
Here is a #MicrosoftCopilot AI created fable for the modern generation. It is called 'The Smartphone and the Battery' lol. It certainly makes you feel sad for the future of the next generation 😬
In Security Awareness Training and Human Risk Management, we try to help users to identify real #phishing emails rather than just report every spam email or unwanted email to the security team.
@InfosecEdu InfoSec IQ Reports appears to be down. Do you all have a status page for your site and features? Do you have a real support in place for this type of thing?