The discovered 16 billion credentials are not from a new cyber attack but are likely collated from earlier incidents, according to BleepingComputer. The data, which may have been accumulated over years from infostealer malware, poses a significant risk for credential stuffing attacks. The report recommended multi-factor authentication, password managers, and check tools such as Have I Been Pwned for protection.
Apache SeaTunnel Vulnerability Allows Unauthorized Users to Perform Deserialization Attack
Apache SeaTunnel disclosed a security vulnerability (CVE-2025-32896) affecting versions 2.3.1-2.3.10, allowing unauthorized file access and deserialization attacks via its RESTful API. Discovered by Owen Amadeus,
