06-24-2019 , 06:58 PM
User data stolen from ‘human hacking’ forum Social Engineered, published on rival site
A vulnerability in MyBB has been blamed.
source
A vulnerability in MyBB has been blamed.
Quote:A forum dedicated to the art of social engineering, Social Engineered, has been compromised and its users' data leaked on a rival website.
The data breach occurred on June 13, 2019. The details of the forum users, including 89,000 unique email addresses linked to 55,000 forum account holders, usernames, IP addresses, and passwords stored as salted MD5 hashes were published and leaked online.
MyBB is open-source, free software for creating and maintaining forums. The vulnerability in question may be a recently-disclosed critical stored XSS bug in MyBB's private messaging and post modules which, if exploited, permits attackers to gain full access to a target account.
source