Brazil Holds Tech Platforms Liable for User Content in Landmark Ruling

Brazil’s Supreme Court ruled that platforms like Google, Meta, and X are liable for user content, introducing *systemic failure* as a new civil liability if they fail to act on hate speech, racism, or violence—even without court orders. Triggered by 2023 pro-Bolsonaro protests, this shift makes Brazil’s digital regime among the world’s strictest. Experts Patricia Peck, Ronaldo Lemos, Paloma Rocillo, and Alessandra Borelli cite chilling effects on political speech, judiciary overreach, and new business risks. Platforms must self-regulate, publish transparency reports, and appoint local legal reps. Industry groups warn of threats to free expression and pressure to preemptively censor content.

Read: https://restofworld.org/2025/brazil-social-media-content-ruling/

Catwatchful Breach Exposes Stalkerware Users, Victims, and Developer

Catwatchful, Android stalkerware disguised as a child safety app, was breached due to an unauthenticated custom API exposing over 62,000 plaintext customer credentials and data from 26,000 victims across Mexico, Colombia, India, Peru, Argentina, Ecuador, and Bolivia. Researcher Eric Daigle discovered the flaw; stolen data—photos, messages, ambient audio, and location—was hosted on Google Firebase. The spyware, live since at least 2018, was linked to Uruguayan developer Omar Soca Charcov via email metadata and admin recovery settings. Though briefly blocked, the API resurfaced on HostGator. Google updated Play Protect but Catwatchful remains live. Dialing 543210 reveals its presence on infected Android devices.

Read: https://techcrunch.com/2025/07/02/data-breach-reveals-catwatchful-stalkerware-spying-on-thousands-android-phones/

Verizon and T-Mobile Customer Data Breach Exposes 116 Million Records for Sale in 2025 Leak

A cybercrime forum user, G_mic, claims to have breached both Verizon Communications Inc. and T-Mobile US, exfiltrating personal data from 61 million Verizon and 55 million T-Mobile customers. The data—offered for sale in CSV and JSON formats—is marked with the year “2025,” suggesting recency. Verizon’s leaked 3.1GB dataset, priced at $600, includes full names, phone numbers, email addresses, IPs, ZIP codes, street addresses, carrier names, gender, ownership status, latitude and longitude, city, county, state, and more. Hackread.com obtained and analyzed a sample directly from the seller, confirming its authenticity and scope. When a forum member requested a download link, G_mic tersely responded, “For sale.” As of March 31, 2025, Verizon—headquartered in New York City—served 146 million wireless subscribers, making it the largest U.S. carrier, raising concerns about the impact of a breach of this magnitude. The forum where the breach was disclosed, unnamed in the article, hosted the listing and discussion, though no confirmation has yet come from Verizon or T-Mobile. The pricing suggests mass exploitation over exclusivity, and the leak’s inclusion of granular geolocation and ownership status adds potential value for malicious actors.

Read: https://hackread.com/verizon-t-mobile-deny-data-breaches-user-records-sold/

Qantas Breach Exposes Millions Amid Call Center Cyberattack Linked to Scattered Spider

Qantas disclosed a data breach after detecting unusual activity on Monday, revealing that a cybercriminal accessed a third-party customer servicing platform via its call center. The breach, described as “significant,” exposed customer names, email addresses, phone numbers, dates of birth, and frequent flyer numbers. Estimates suggest up to six million customers may be affected. Credit card details, financial information, passport numbers, passwords, PINs, logins, and frequent flyer accounts were not compromised. Qantas emphasized that its core systems remain secure and operations unaffected.

The breach aligns with recent FBI warnings about Scattered Spider, a sophisticated threat group targeting cloud environments and SaaS platforms through social engineering and extortion. Former Qantas Group CISO Darren Argyle flagged possible links, while Entrust CISO Jordan Avnaim noted the attack may have been timed to exploit the busy summer travel season. He advocated zero-trust security, phishing-resistant MFA, and continuous identity verification.

Though attribution remains unconfirmed, the breach follows similar incidents at WestJet Airlines and Hawaiian Airlines, highlighting increased targeting of aviation. The compromised platform is operated by a third-party service provider—an entity not named by Qantas. This detail underscores the rising risks in the airline sector’s digital supply chain and the vulnerability of outsourced customer infrastructure.

Read: https://www.infosecurity-magazine.com/news/qantas-significant-contact-center/

Trezor Support System Exploited in Targeted Phishing Attack

Trezor, maker of cold crypto wallets, warns users of a phishing campaign exploiting its automated support system. Anyone can open a support ticket with any email and subject; the system replies from help@trezor.io, echoing the subject as the email title. Attackers submit tickets with urgent, misleading headers—e.g., “[URGENT]: vault.trezor.guide”—to trick users into clicking phishing links. The link leads to a fake site requesting users’ 24-word seed phrase, the cryptographic master key to their wallets. Though Trezor requires physical confirmation for transactions, the seed phrase bypasses that safeguard entirely.

Trezor urges users never to share their seed. The company is developing technical safeguards to prevent this abuse vector. This exploit joins a long lineage: MailChimp’s 2022 breach enabled similar phishing via hijacked email infrastructure; in 2023, fake Trezor alerts flooded inboxes and phones; in January 2024, unauthorized access to a third-party support portal exposed data of 66,000 users dating back to 2021. The phishing page was hosted at vault.trezor.guide, a domain not affiliated with Trezor. The attack was first flagged by user @geUKnDrVgzr6BfF on X, who shared screenshots. Trezor links users to its phishing defense guide and maintains that no legitimate communication will ever request the wallet seed, even under urgent pretense.

Read: https://www.bleepingcomputer.com/news/security/trezors-support-platform-abused-in-crypto-theft-phishing-attacks/