VulnHub

Articles tagged "LinkedIn"

Found 3 articles

Convincing LinkedIn comment-reply tactic used in new phishing

BleepingComputer

Actively Exploited

Scammers are targeting LinkedIn users with a new phishing tactic that involves fake comments appearing as replies to legitimate posts. These comments, which resemble official LinkedIn notifications, falsely warn users about policy violations and encourage them to click on malicious external links. Some attackers are even using LinkedIn's own lnkd.in URL shortener, making it more difficult for users to recognize these attempts as scams. This tactic is particularly concerning as it exploits the trust users have in the platform, potentially compromising personal and professional information. LinkedIn users should be cautious and verify the authenticity of comments before clicking on any links.

Impact: LinkedIn users, especially professionals using the platform for networking and job searching.

Remediation: Users should verify the authenticity of comments and links before clicking, report suspicious activity to LinkedIn, and consider adjusting privacy settings to limit exposure.

Phishing

1 day ago

Read Original

Experts found an unsecured 16TB database containing 4.3B professional records

Security Affairs

A significant security oversight was uncovered when researchers found an unsecured 16TB MongoDB database that exposed approximately 4.3 billion professional records. This database primarily contained LinkedIn-style data, which could be exploited for large-scale AI-driven social engineering attacks. The discovery was made by Bob Diachenko and nexos.ai on November 23, 2025, and the database was secured only after the researchers alerted its owner. This incident underscores the risks associated with unsecured databases, as the exposed data could facilitate identity theft and phishing schemes targeting professionals. Organizations need to ensure better security measures for their data to prevent such breaches in the future.

Impact: Unsecured MongoDB database, professional records, LinkedIn-style data

Remediation: Database secured after researcher notification; organizations should implement strict access controls and regular security audits.

Phishing Data Breach

1 month ago

Read Original

ThreatsDay Bulletin: 0-Days, LinkedIn Spies, Crypto Crimes, IoT Flaws and New Malware Waves

The Hacker News

This week has highlighted a surge in cybersecurity incidents, including arrests of hackers and the increasing sophistication of espionage activities. The use of everyday technology, such as browser add-ons and IoT devices, for malicious purposes underscores the evolving nature of online threats.

Impact: N/A

Remediation: N/A

Malware

1 month ago

Read Original