VulnHub

Real-time Cybersecurity News

149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online

Hackread – Cybersecurity News, Data Breaches, AI, and More
Actively Exploited
ExploitData Breach

Overview

A significant data breach has surfaced, revealing that 149 million login credentials from popular platforms such as Roblox, TikTok, Netflix, and various crypto wallets have been exposed online in plain text. This incident raises serious concerns for users of these services, as attackers could easily exploit these credentials for unauthorized access. The discovery of these credentials emphasizes the ongoing risks associated with poor security practices, such as weak passwords and lack of two-factor authentication. Companies must take immediate action to secure their systems and encourage users to change their passwords and enable additional security measures. As the digital landscape continues to evolve, incidents like this serve as a stark reminder of the importance of safeguarding personal information.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: Roblox, TikTok, Netflix, Crypto Wallets
  • Action Required: Users should change their passwords immediately and enable two-factor authentication where available.
  • Timeline: Newly disclosed

Original Article Summary

Another day, another trove of login credentials in plain text found online.

Impact

Roblox, TikTok, Netflix, Crypto Wallets

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Users should change their passwords immediately and enable two-factor authentication where available. Companies should conduct security audits and enhance their password policies.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Related Topics: This incident relates to Exploit, Data Breach.

Read Original Article

Related Coverage

Malicious Commands in GitHub Codespaces Enable RCE

Infosecurity Magazine

Recent security research has uncovered vulnerabilities in GitHub Codespaces that could allow attackers to execute malicious commands remotely. These flaws can be exploited through specially crafted repositories or pull requests, putting users and organizations that rely on this service at risk. If successfully exploited, attackers could gain unauthorized access to sensitive code or data, leading to potential data breaches or system compromises. This incident emphasizes the need for developers and companies using GitHub Codespaces to remain vigilant and implement necessary security measures to protect their environments. Users are urged to monitor for updates from GitHub regarding this issue.

Feb 5, 2026

Researchers Expose Network of 150 Cloned Law Firm Websites in AI-Powered Scam Campaign

SecurityWeek

Researchers have uncovered a sophisticated scam operation that uses artificial intelligence to clone more than 150 law firm websites. These cloned sites are designed to deceive potential clients into sharing personal information or making payments. The criminals are employing tactics like hiding behind Cloudflare to mask their identities and frequently changing their IP addresses to evade detection. This operation raises serious concerns for anyone seeking legal services online, as unsuspecting users could easily fall victim to these fraudulent sites. It highlights the growing use of AI in cybercrime and the need for increased vigilance from both consumers and cybersecurity professionals.

Feb 5, 2026

Smartphones Now Involved in Nearly Every Police Investigation

Infosecurity Magazine

According to data from Cellebrite, smartphones have become integral to almost every police investigation. This trend emphasizes the growing reliance on digital evidence in law enforcement, as officers increasingly turn to data from mobile devices to solve cases. The information gathered from these devices can include text messages, call logs, location data, and photos, all of which can provide critical insights into criminal activities. The findings suggest that as technology continues to evolve, police methods are also adapting, making digital forensics a key component in modern investigations. This shift raises important questions about privacy and data security, as the line between personal information and investigative needs becomes increasingly blurred.

Feb 5, 2026

Italy Averted Russian-Linked Cyberattacks Targeting Winter Olympics Websites, Foreign Minister Says

SecurityWeek

Italy's government has successfully thwarted a series of cyberattacks linked to Russian sources, aimed at its foreign ministry offices, including one located in Washington, D.C. These attacks were reportedly targeting websites associated with the upcoming Winter Olympics. The Italian Foreign Minister announced the prevention of these incidents, emphasizing the ongoing risks posed by cyber threats in international contexts. This situation underlines the vulnerabilities that governments face, particularly during significant global events like the Olympics. The foiled attacks serve as a reminder of the persistent cyber warfare tactics employed by nation-states.

Feb 5, 2026

Cyberspy Group Hacked Governments and Critical Infrastructure in 37 Countries

SecurityWeek

A recent report from Palo Alto Networks reveals that a cyberspy group has successfully targeted governments and critical infrastructure across 37 countries. While the specific origin of these attacks hasn't been confirmed, there are strong indications pointing to China as the likely source. The affected entities include various government agencies and critical infrastructure sectors, which raises significant concerns about national security and the potential for disruption in essential services. The scale of the operation suggests a sophisticated level of planning and execution, highlighting the ongoing risks that nation-states pose in the cyber realm. This incident serves as a reminder for organizations worldwide to bolster their cybersecurity defenses and remain vigilant against such threats.

Feb 5, 2026

Why boards should be obsessed with their most ‘boring’ systems

CyberScoop

Recent cyberattacks have prompted boards of directors to take a closer look at enterprise resource planning (ERP) systems, which are often overlooked but can be vulnerable to significant security threats. A notable example is the cyberattack on Jaguar Land Rover (JLR) in September 2025, which showcased the severe repercussions of such incidents. This attack not only disrupted operations but also highlighted the risks that come with failing to adequately secure these 'boring' systems. As organizations reassess their cybersecurity strategies, it's clear that even the most mundane systems can have catastrophic impacts if left unprotected. Companies are encouraged to prioritize the security of their ERP systems to prevent similar incidents in the future.

Feb 5, 2026