In Three Years, Millions of AI & Gaming Credentials Leaked on Dark Web
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Over the years, billions of login credentials have been circulating on the dark web, occupying a significant portion of the buyer and seller market.
Among these, the most notable have been login credentials for gaming platforms. According to the latest report from Kaspersky Digital Footprint Intelligence, a popular children’s gaming platform, Roblox, has seen a marked increase in compromised user accounts.
Between 2021 and 2023, nearly 34 million Roblox credentials were found circulating on the dark web. The number of accounts compromised increased by 231%, from nearly 4.7 million in 2021 to 15.5 million in 2023.
Additionally, the average number of compromised accounts across 11 popular games or gaming platforms, including Twitch, Steam, Sony PlayStation, and Electronic Arts, among others, has risen by 112% since 2021.
According to Kaspersky’s cybersecurity expert, the trusting nature of young gamers makes them easy targets for various social engineering attacks. Often cybercriminals employ deceptive tactics, like hiding infostealers in cheat code files, or posting malicious download links on popular social media sites like YouTube.
While Roblox accounts continue to be exploited for in-game currency and other valuable items, platforms like Steam are more appealing to the criminals, as they offer an opportunity for real-money theft.
The study also disclosed a rising trend in the theft of AI-service credentials. In the last three years, nearly 2.6 million credentials for AI services (Grammarly, Canva, OpenAI) were compromised. Leaked credentials for OpenAI services, including ChatGPT, increased nearly 33 times year-on-year, reaching approximately 664,000.
The steady increase in account compromise of AI and gaming platforms makes it imperative that organizations deploy robust solutions to safeguard against infostealers and other social engineering attacks, said Yuliya Novikova, head of Kaspersky Digital Footprint Intelligence.
“While users must exercise caution, platform owners can bolster protection by tracking and promptly blocking compromised accounts through specialized services,” Novikova said in conclusion.
WordPress LiteSpeed Plugin Flaw Puts Millions of Sites at Risk
- Written by Shipra Sanganeria Cybersecurity & Tech Writer
- Fact-Checked by Justyn Newman Former Lead Cybersecurity Editor
Cybersecurity researchers warned WordPress users of a security vulnerability found in one of its plugins, LiteSpeed Cache.
One of the most popular caching plugins for improving site performance, LiteSpeed Cache (free version) has over 4 million active installations. The vulnerability is an unauthenticated, site-wide stored XSS (cross-site scripting) flaw that allows unauthorized access to sensitive information.
Moreover, an attacker can also exploit the vulnerability to escalate privileges on the WordPress site with a single HTTP request.
Discovered by the Patchstack team of researchers, the flaw “occurs because the code that handles input from the user doesn’t implement sanitization and output escaping. This case also combined with improper access control on one of the available REST API endpoints from the plugin,” the advisory described.
The flaw mainly resides in the function known as update_cdn_status, which is “confirmed as a function handler” for the LiteSpeed cdn_status REST API endpoint. When exploited, it allows any unauthenticated user to gain WordPress admin privileges.
“Since the XSS payload is placed as an admin notice and the admin notice could be displayed on any wp-admin endpoint, this vulnerability also could be easily triggered by any user that has access to the wp-admin area,” the advisory detailed.
To mitigate the risk associated with the vulnerability, Patchstack researchers advised WP users to update their LiteSpeed Cache plugin to the latest version, 6.1, released in February 2024. They also advised developers to limit access to privileged users by implementing permission checks on the affected functions.
“We recommend applying escaping and sanitization to any message that will be displayed as an admin notice. Depending on the context of the data, we recommend using sanitize_text_field to sanitize value for HTML output (outside of HTML attribute) or esc_html,” the vendor continued.
First discovered on October 17, 2023, the vulnerability, tracked as CVE-2023-40000, was fixed in version 5.7.0.1.
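The two fixes the advisory recommends, a permission check on the REST handler and sanitizing plus escaping the notice text, shown for a hypothetical plugin. This is an added example, not LiteSpeed Cache or Patchstack code; the `example/v1` route, the `example_*` function names and the `example_status_notice` option key are assumptions.

```php
<?php
/**
 * Hypothetical plugin code: the example/v1 route, example_* names and the
 * option key are assumptions, not taken from LiteSpeed Cache.
 */

// Weak pattern, for contrast: a route whose permission_callback is
// '__return_true' accepts this POST from any unauthenticated visitor.
add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/status', array(
        'methods'             => 'POST',
        'callback'            => 'example_update_status',
        // Permission check: only administrators may change the stored notice.
        'permission_callback' => function () {
            return current_user_can( 'manage_options' );
        },
        'args'                => array(
            'message' => array(
                'type'              => 'string',
                'required'          => true,
                // Sanitize on input: strips tags, extra whitespace and
                // invalid UTF-8 before the handler sees the value.
                'sanitize_callback' => 'sanitize_text_field',
            ),
        ),
    ) );
} );

// Handler: stores the already-sanitized message for display in wp-admin.
function example_update_status( WP_REST_Request $request ) {
    $message = $request->get_param( 'message' );
    if ( ! is_string( $message ) || '' === $message ) {
        return new WP_Error( 'example_empty', 'Empty message.', array( 'status' => 400 ) );
    }
    update_option( 'example_status_notice', $message, false );
    return rest_ensure_response( array( 'stored' => true ) );
}

// Renderer: the admin notice is where a stored XSS payload would execute.
add_action( 'admin_notices', function () {
    $message = get_option( 'example_status_notice', '' );
    if ( ! is_string( $message ) || '' === $message ) {
        return;
    }
    // Escape on output as well: treat the stored value as untrusted.
    printf( '<div class="notice notice-info"><p>%s</p></div>', esc_html( $message ) );
} );
```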