At a glance.
- Second Tea data breach exposes user chats.
- PoC exploit published for maximum-severity Cisco ISE flaw.
- CISA warns of PaperCut vulnerability exploitation.
Second Tea data breach exposes user chats.
404 Media reports that a researcher discovered a second exposed database containing data from the Tea app. Tea is a women-only app that allows users to review dates and share safety tips. The app requires users to upload selfies for verification, which were posted on 4chan last week following the initial breach.
The newly discovered database contains more than a million user messages sent from 2023 up until last week. The messages contain extremely sensitive data involving abortions, cheating partners, and personal information that can be used to dox users. Any Tea user could access this database using their API key.
Tea told 404 Media that it is in contact with law enforcement.
PoC exploit published for maximum-severity Cisco ISE flaw.
Security researcher Bobby Gould has published a proof-of-concept exploit for a maximum-severity remote code execution vulnerability (CVE-2025-20281) in Cisco Identity Services Engine (ISE) that was patched last month, BleepingComputer reports. Gould explains, "[A]n attacker can leverage a perfect storm of mistakes in Cisco Identity Services Engine to achieve full system takeover as root. By utilizing the ${IFS} variable in bash, we could get around Java's exec method restraining us from using the space character. Additionally, although the initial command injection was executed inside of a Docker container, we were able to break out of the sandbox and execute code on the host because Cisco configured the container in privileged mode."
Cisco last Tuesday flagged the flaw as actively exploited, and users should ensure their systems are patched.
CISA warns of PaperCut vulnerability exploitation.
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a two-year-old vulnerability affecting printing management software PaperCut to its Known Exploited Vulnerability (KEV) list, SecurityWeek reports. The vulnerability (CVE-2023-2533), which received a patch in June 2023, is a cross-site request forgery (CSRF) flaw that can "enable an attacker to alter security settings or execute arbitrary code." Details of the exploitation haven't been disclosed. CISA has ordered Federal agencies to patch the flaw by August 18th.
