Researcher exploits SQL injection in stalkerware app Catwatchful, gaining access to 62k user accounts with plaintext credentials. Despite takedown attempts, service briefly reappeared still vulnerable.
https://ericdaigle.ca/posts/taking-over-60k-spyware-user-accounts/
Ah, the timeless art of SQL injection: the #hacking equivalent of finding a skeleton key 
and being surprised that it opens doors. Who would've thought that a #spyware service advertising itself as #stalkerware might have security flaws? 
It's like breaking into an unlocked bicycle shop and being proud of "hacking" a kid's tricycle. 
https://ericdaigle.ca/posts/taking-over-60k-spyware-user-accounts/ #SQLinjection #cybersecurity #HackerNews #ngated
Stalkerware firm gets scooped by SQL-slinging security snoop – Source: go.theregister.com https://ciso2ciso.com/stalkerware-firm-gets-scooped-by-sql-slinging-security-snoop-source-go-theregister-com/ #rssfeedpostgeneratorecho #TheRegisterSecurity #CyberSecurityNews #Stalkerware #TheRegister
Catwatchful stalkerware app spills secrets of 62,000 users – including its own admin – Source: grahamcluley.com https://ciso2ciso.com/catwatchful-stalkerware-app-spills-secrets-of-62000-users-including-its-own-admin-source-grahamcluley-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #grahamcluleycom #Vulnerability #Grahamcluley #Stalkerware #DataBreach #Dataloss #Android #privacy
Catwatchful stalkerware app spills secrets of 62,000 users – including its own admin https://grahamcluley.com/catwatchful-stalkerware-app-spills-secrets-of-62000-users-including-its-own-admin/ #Vulnerability #vulnerability #stalkerware #databreach #Dataloss #Android #Privacy
Content warning: Domestic abuse, stalking, controlling behavior, Schadenfreude, irony.
A new data leak shows the dangers of secret, silent #stalkerware. An app known as #Catwatchful appears to be just as insecure as all the others.
The Catwatchful app’s user login database was vulnerable to a simple #SQLinjection attack. In #SBBlogwatch, we call for Little Bobby Tables.
@TheFuturumGroup @TechstrongGroup @SecurityBlvd: https://securityboulevard.com/2025/07/catwatchful-stalkerware-data-breach-richixbw/?utm_source=richisoc&utm_medium=social&utm_content=richisoc&utm_campaign=richisoc
(Also known as #spouseware and #creepware, this vile trade enables all manner of frightening and dangerous abuse, from stalking to serious sexual assault. It’s no laughing matter.)
Catwatchful “child monitoring” app exposes victims’ data https://www.malwarebytes.com/blog/news/2025/07/catwatchful-child-monitoring-app-exposes-victims-data #catwatchful #stalkerware #databreach #Privacy #News
Hacked, leaked, exposed: Why you should never use #stalkerware apps
https://techcrunch.com/2025/07/02/hacked-leaked-exposed-why-you-should-stop-using-stalkerware-apps/
#DataBreach reveals #Catwatchful ‘#stalkerware’ is spying on thousands of phones
Data #breach reveals #Catwatchful 'stalkerware' is #spying on thousands of phones | TechCrunch
A #security #vulnerability in a stealthy #Android #spyware operation called Catwatchful has exposed thousands of its customers, including its administrator.
#stalkerware #stalker #privacy
I will be doing some googling and homework of my own, but does anyone here know if something that shows up as "org.openoffice.script" on iOS is malware?
A friend got a warning from iOS about this script in her screentime app, and she's got a fucked up situation with an ex. The combination is worrying her.
@arcturus calling "#Telegram" an "#Encrypted #Messaging Service" is as much of corporate propaganda lie as calling "#MicrosoftRecall" a productivity tool, not a #Govware and #Stalkerware!
@dalfen @europarl_en basically, #Microsoft refuses to comply with #GDPR by shoving their #Stalkerware (#Recall) into #Windows11 and Microsoft under #CloudAct decided to cancel key #ICC staff's accounts for no valid reason than #Trump doesn't like the fact that they investigate #WarCrimes that happened in #Gaza.
Cocospy, Spyic, & Spyzie, stalkerware apps that spied on millions, have gone offline after a data breach. 
These apps allowed access to messages, photos, & location data without consent. If you think your phone is compromised, dial ✱✱001✱✱ to check. #stalkerware #privacybreach 
https://techcrunch.com/2025/05/19/cocospy-stalkerware-apps-go-offline-after-data-breach/ #oldnewz
Following Data #Breach, Multiple #Stalkerware #Apps Go Offline. The same easily exploitable #vulnerability was found in three of the apps that led to the compromise of victims' data.
https://www.darkreading.com/threat-intelligence/following-data-breach-stalkerware-apps-offline
Stalkerware apps go dark after data breach https://www.malwarebytes.com/blog/news/2025/05/stalkerware-apps-go-dark-after-data-breach #Fonemonitor #stalkerware #TeenSafe #Threats #Cocospy #Neatspy #Minspy #Spyier #Spyine #Spyzie #Spyic #News
En trio af relaterede #stalkerware -apps, Cocospy, Spyic og Spyzie, ser ud til at være gået offline
Selvom de 3 apps havde forskellig branding, var de meget ens og delte en fejl
Det gjorde det muligt for en forsker at skrabe 3,2 millioner brugeres e-mailadresser
Efter at have rapporteret om bruddet, er stalkerware-apps siden holdt op med at fungere, deres hjemmesider er forsvundet, og deres Amazon-hostede cloud storage er blevet slettet
https://techcrunch.com/2025/05/19/cocospy-stalkerware-apps-go-offline-after-data-breach/
@Baa #MicrosoftTeams is garbage.amd.I'll refuse.to use this #Govware.with #Stalkerware built-in even if I end up homeless!
@Erpel I'm glad #Stalkerware like that is so illegal in #Germany that no employer dares this shite!
/
) 