‼️🇺🇸 A threat actor is selling an alleged critical severity OpenSea 0-day exploit chain for $100,000 USD (BTC/XMR).

The threat actor claims the exploit affects OpenSea's Seaport order validation logic on Ethereum Main Net, Polygon, and Blast, enabling forced transfer of high-value NFTs at 0 ETH, bypassing listing approvals, and working on both active and inactive listings.

The seller claims the vulnerability is unpatched and undisclosed.

‼️ CISA added one more vulnerability to the KEV Catalog today...

CVE-2025-40536: SolarWinds Web Help Desk Security Control Bypass Vulnerability: SolarWinds Web Help Desk contains a security control bypass vulnerability that could allow an unauthenticated attacker to gain access to certain restricted functionality.

‼️ CISA has added 3 vulnerabilities to the KEV Catalog

CVE-2025-15556: Notepad++ Download of Code Without Integrity Check Vulnerability: Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirect update traffic to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges of the user.

CVE-2026-20700: Apple Multiple Buffer Overflow Vulnerability: Apple iOS, macOS, tvOS, watchOS, and visionOS contain an improper restriction of operations within the bounds of a memory buffer vulnerability that could allow an attacker with memory write the capability to execute arbitrary code.

CVE-2024-43468: Microsoft Configuration Manager SQL Injection Vulnerability: Microsoft Configuration Manager contains an SQL injection vulnerability. An unauthenticated attacker could exploit this vulnerability by sending specially crafted requests to the target environment which are processed in an unsafe manner enabling the attacker to execute commands on the server and/or underlying database.

‼️New Forum: TierOne a/k/a T1erOne

jprrin6bqe3flvtpyxkt4zsmzc3u6vvn7ahgtcbul224w3xn4h3gawid[.]onion

t1eron3[.]vip

Credit: @club31337

‼️ Odido Telecom Says Customer Data Compromised in Cyberattack

The breach involves personal data from a customer contact system used by Odido.

Approximately 6.2 million accounts are said to be affected. The intrusion was discovered several days ago.

The following data was exposed according to Obido:

▪️Full name
▪️Address and city of residence
▪️Mobile number
▪️Customer number
▪️Email address
▪️IBAN (bank account number)
▪️Date of birth
▪️Identification details (passport or driver's license number and expiration date)

❗️🇩🇪 German motorcycle site allegedly breached including live MySQL access and full banking data offered for sale

📌 Germany

▪️Type: Data Breach / Initial Access
▪️Threat actor: OpenBullet
▪️Records: 75,394+ SEPA records, 97,104 bank transactions, 6,694 PayPal orders
▪️Samples: Yes

The dataset includes SEPA direct debits, bank transactions dating back to 2010, user bank accounts, PayPal order records, and payment method details. Email and hashed password data is also allegedly included.

Data includes: Full customer IBANs, BICs, account holder names, sender names, bank account numbers (Kontonummer/BLZ), transaction amounts in EUR, mandate references, PayPal order IDs, capture request/response JSON, and payment types (Lastschrift, PayPal, Bar, Rechnung, Verrechnung).

❗️🇩🇪 Brillen (operated by SuperVista AG) dataset allegedly leaked

📌 Germany

▪️Type: Data Breach
▪️Threat actor: Meow
▪️Records: 1,531,618

A forum post claims that Brillen, a German eyewear retailer operated by SuperVista AG, suffered a data breach in September 2025 resulting in over 1.5 million rows of user data being compromised.

The actor states the company fixed the vulnerability internally without making a public announcement.

Data includes: First name, last name, email, contact number, DOB, gender, age, street address, postal code, and city.

🚨 A threat actor is allegedly selling access and data from a Spain-based business association on a hacking forum.

The listing allegedly includes:

▪️Foothold/access to internal office network
▪️Email credentials (6,000+ contacts in address book)
▪️Employee email credentials
▪️Email marketing account (3,000+ contacts)
▪️Cloud storage access
▪️Social media accounts
▪️Extracted member PII (name, DNI/ID, NIF, address, email, phone, business name, IBAN, etc.)

The threat actor is asking for $1,000.

Chris Titus Tech's Windows Utility: It is meant to streamline installs, debloat with tweaks, troubleshoot with config, and fix Windows updates

GitHub: https://github.com/ChrisTitusTech/winutil