💔 10M Dating App Users Exposed in Match Group Breach 💔

ShinyHunters cybercrime group claims to have stolen over 10 million records from Match Group (NASDAQ: MTCH), owner of Tinder, Hinge, Match.com, and OkCupid. The alleged breach, posted January 28, 2026, includes user behavioral data from Appsflyer analytics (swipes, matches, sessions, geo-locations), hundreds of internal corporate documents, and highly sensitive personal information including romantic preferences. The 1.76GB compressed dump appears linked to ShinyHunters' broader Okta voice-phishing campaign that has already compromised Crunchbase, Betterment, and SoundCloud.

Sources:
- https://x.com/justabreach/status/2016436843164696661
- https://www.ransomware.live/id/TWF0Y2ggR3JvdXBAc2hpbnlodW50ZXJz
- https://cybernews.com/security/hinge-okcupid-data-leak-shinyhunters-claims/
- https://darknetsearch.com/knowledge/news/en/match-group-leak-2026-urgent-data-breach-impact-guide/
- https://www.binance.com/en/square/post/01-28-2026-data-breach-exposes-millions-of-user-records-from-dating-apps-35696579060105

#Tinder #PlentyofFish #Hinge #OKCupid #Match.com
-----------------

🐴 Chinese APT Upgrades Backdoor with Browser Stealers 🐼

|Chinese espionage group Mustang Panda (aka HoneyMyte) has updated its CoolClient backdoor to steal login credentials from Chrome, Edge, and Chromium-based browsers while monitoring clipboard activity. Kaspersky researchers observed the malware targeting government entities in Myanmar, Mongolia, Malaysia, Russia, and Pakistan throughout 2025. The backdoor was deployed via compromised legitimate software from Sangfor, a Chinese cybersecurity company, and uses hardcoded API tokens for Google Drive and Pixeldrain to exfiltrate stolen data.

Sources:
- https://www.bleepingcomputer.com/news/security/chinese-mustang-panda-hackers-deploy-infostealers-via-coolclient-backdoor/
- https://securelist.com/honeymyte-updates-coolclient-uses-browser-stealers-and-scripts/118664/

#China #CoolClinet #Chrome #Edge #MustangPanda
-----------------

🚨 DHS Agents Doxxed: ICE List Leaks Thousands of Federal Employee Details 🚨

A whistleblower allegedly leaked data on ~4,500 DHS employees (ICE, Border Patrol) to a site called ICE List, exposing names, emails, phone numbers, and job info. While some data came from scraping LinkedIn, centralizing it creates a dangerous attack surface for harassment and phishing. Meta is now blocking links to the site across all platforms.

Sources:
- https://x.com/justabreach/status/2016059957452341347
- https://www.wired.com/story/meta-is-blocking-links-to-ice-list-on-facebook-instagram-and-threads/
- https://www.wired.com/story/ice-agents-are-doxing-themselves/
- https://www.police1.com/officer-safety/ice-list-doxxing-site-alleges-dhs-whistleblower-leaked-identities-of-4-500-agents
- https://www.scworld.com/brief/suspected-russian-ddos-attack-disrupts-ice-agent-data-leak-site

#ICE #Minneapolis #Immigration #DOXED #BorderPatrol
-----------------