Work contact details of Amazon employees were among data leaked on a cybercrime forum following a security incident at a property management vendor. The leaked data was connected to the CVE-2023-34362 vulnerability found last year in the MOVEit file transfer software. The data, which includes names, email addresses and phone numbers, is now being distributed or auctioned by an individual known as Nam3L3ss. Over 2.86 million of the five million leaked records were from Amazon.

Mandiant warns of attacks on newly-disclosed Ivanti remote takeover threat
Google’s Mandiant team has issued an alert about a remote code execution flaw in the Ivanti Connect Secure VPN platform. The vulnerability, designated CVE-2025-22457, is