CyberSecurity Knuggets

Dec 02, 2025

Email 1: Some ChatGPT customers’ data were exposed by a breach at vendor Mixpanel

  • OpenAI notified some ChatGPT API customers that limited identifying information was exposed due to a breach at analytics provider Mixpanel.
  • Mixpanel experienced a smishing (SMS phishing) attack on Nov 8 affecting a limited number of customers; OpenAI was informed Nov 25.
  • No OpenAI systems or core user data (like chats, passwords, API keys) were compromised.
  • CoinTracker, a crypto tax platform, may also be impacted with exposure of device metadata and limited transaction counts.
  • OpenAI removed Mixpanel from its production services and is investigating the full scope.
  • Additional news includes the North Korean Lazarus Group being suspected of a $30.6m hack of the Upbit crypto exchange, Coupang’s breach compromising 33.7 million users, arrests in Korea for hacking 120,000 IP cameras, and a cyberattack on the OnSolve CodeRED platform disrupting US emergency notification services.
  • Researchers at Palo Alto Networks’ Unit42 revealed advanced malicious code generation by cybercriminal AI tools, WormGPT 4 and KawaiiGPT.
  • The “Scattered LAPSUS$ Hunters” hacking group continues active extortion campaigns.
  • Several other significant corporate and governmental security incidents were reported worldwide.
  • Campbell Soup fired its CISO for classist and racist remarks.
  • Security researcher Luke Marshall found over 17,000 exposed secrets in public GitLab repositories.
  • Hacktivist threats and multiple law enforcement actions around the globe.

Email 2: The CyberWire 12.1.25: European law enforcement shutters illegal cryptocurrency mixer

  • Swiss and German authorities shut down “Cryptomixer,” an illegal crypto mixer, seizing ~$29 million in Bitcoin.
  • Cryptomixer was used since 2016 to launder over EUR 1.3 billion in Bitcoin from criminal activities.
  • South Korea’s Coupang disclosed a data breach affecting 33.7 million customer accounts including names, emails, phone numbers, and addresses.
  • South Korean government held emergency meetings regarding Coupang’s compliance with privacy laws.
  • Korea’s Internet & Security Agency warned about possible phishing scams after the Coupang breach.
  • Asahi, Japan’s largest beer company, continues recovery from a ransomware attack affecting 1.5 million customers and employee data.
  • Various upcoming sponsored webinars and events focused on security and AI-related topics.

Email 3: CISA Warns of ScadaBR Vulnerability After ICS Attacks

  • CISA issued a warning about a vulnerability in ScadaBR industrial control system software after a hacktivist ICS attack.
  • Cybersecurity news highlights include:
      • Facial recognition trust issues
      • $29 million Bitcoin seized in Cryptomixer takedown
      • New Russian-developed Albiriox Android malware discovered
      • Australian man sentenced to 7 years for in-flight Evil Twin WiFi attacks
  • Trends in OpenAI user data leaks, ransomware disruptions, and supply chain attacks
  • Reports on significant cyber incidents such as Harvard University data theft, Oracle hacks, and massive secret exposure on GitLab.
  • Security firm funding announcements and expert insights on trends like AI supercharging phishing attacks.
  • Emphasis on cybersecurity as a core business discipline and leadership approaches to cyber risk.

Email 4: Please check your spam filters for today’s Metacurity

  • Due to reports of phishing, Google mistakenly moved today’s Metacurity newsletter to readers’ spam folders.
  • Readers are kindly asked to check spam folders and mark the email as safe to ensure continued delivery.
  • The publisher is working with Google to resolve this issue.
  • The publisher thanks readers for their cooperation.

Stay Well!

summy