NVIDIA Data Breach Reportedly Exposes Personal Information of GeForce Users


Information:

  NVIDIA is a U.S.-based technology company known for developing GPUs and AI technologies. Its GeForce graphics cards are widely used for gaming, graphic design, and high-performance computing. GeForce also supports related services such as user accounts, drivers, and cloud gaming platforms, which may expose registered users to risk in the event of a data breach.

Incident:

  GFN.AM, an official provider of NVIDIA GeForce NOW, disclosed on May 5, 2026 that it identified unauthorized access to its database. The breach reportedly began on March 9, 2026 and was discovered on May 2, 2026, resulting in an approximately 54-day window during which threat actors may have accessed user data.

The potentially exposed data includes:
• Email addresses
• Phone numbers
• Dates of birth
• Full names (for users who logged in via Google)
• Platform usernames
The company stated that passwords were not affected and has since remediated the vulnerability while implementing additional security measures.

Impact:

  The leaked data could be used to carry out phishing, SIM swapping, and social engineering attacks against affected users.

Recommendation:

  • Change passwords for related accounts, especially if the same password is used across multiple services.
  • Enable Multi-Factor Authentication (MFA) for email, Google, and other linked accounts.
  • Be cautious of suspicious emails, SMS messages, or phone calls impersonating GFN.AM or NVIDIA.
  • Regularly monitor account login activity for any unusual access attempts.

The important thing is security systems. We must stay alert and monitor as usual.
For more information, please contact:
Email: sales@inetms.co.th
065 149 2822 (Ms.Suphatson )
063 204 4534 (Ms.Atsamaphorn)
065 929 6330 (Ms.Kansinee)
092 257 6902 (Ms.Narusorn)
063 197 7510 (Mr.Yanotai)
065 725 7405 (Ms.Nattharini)
065 725 7405 (Ms.Donraya)

References:
https://cybersecuritynews.com/nvidia-data-breach-geforce-users/
https://www.bleepingcomputer.com/news/security/nvidia-confirms-geforce-now-data-breach-affecting-armenian-users/?utm_source=chatgpt.com
https://www.cryptika.com/nvidia-data-breach-reportedly-exposes-personal-information-of-geforce-users/?utm_source=chatgpt.com

 

Weekly Interesting CVE

1. CVE-2026-7358
   Published Date: 23/4/2026
   Last Update: 28/4/2026
   Device/Application/OS Target: Google Chrome version before 147.0.7727.138
   Attack Type: Remote Code Execution (RCE)
   CVSS Severity Rating: 8.8
   Detail: A vulnerability has been detected in Google Chrome. Remote attackers can compromise systems by creating specially crafted web pages and tricking targets into visiting them. If the attack is successful, it may allow the attacker to execute malicious code within Google Chrome's sandbox.
   Solution: Upgrade to versions 18.10.4, 18.11.1 or above.
   Reference: https://chromereleases.googleblog.com/2026/04/stable-channel-update-for-desktop_28.html

2. CVE-2026-41461
   Published Date: 23/4/2026
   Last Update: 29/4/2026
   Device/Application/OS Target: SocialEngine
   Attack Type: Server-Side Request Forgery (SSRF)
   CVSS Severity Rating: 8.5
   Detail: A vulnerability has been detected in SocialEngine. Authenticated attackers can send an HTTP request to /core/link/preview containing an internal network IP address instead of a normal website link. Due to the lack of destination validation, if the attack is successful, it may cause the server to connect to the specified IP, turning the server into an attack tool against the internal network.
   Solution:
     MySQL Server 8.0.46 or later (for 8.0.x series)
     MySQL Server 8.4.9 or later (for 8.4.x series)
     MySQL Server 9.6.1 or later (for 9.x series)
   Reference: Google Chrome versions prior to 147.0.7727.138

3. CVE-2026-5973
   Published Date: 9/4/2026
   Last Update: 29/4/2026
   Device/Application/OS Target: FoundationAgents MetaGPT
   Attack Type: Command injection
   CVSS Severity Rating: 7.3
   Detail: This vulnerability is caused by improper input validation within the get_mime_type function. This flaw allows attackers to inject and execute arbitrary commands on the operating system remotely (Remote Code Execution - RCE). If the attack is successful, it could lead to full system compromise or the theft of sensitive data.
   Solution: Currently, no fix or workaround is available.
   Reference: https://github.com/FoundationAgents/MetaGPT/issues/1930

4. CVE-2026-41353
   Published Date: 23/4/2026
   Last Update: 1/5/2026
   Device/Application/OS Target: OpenClaw
   Attack Type: Access Control Bypass
   CVSS Severity Rating: 8.1
   Detail: A vulnerability has been detected in OpenClaw affecting all versions prior to 2026.3.22. Remote attackers with low privileges can compromise the system without requiring user interaction. If the attack is successful, it may allow the attacker to bypass access controls to access confidential data and interfere with profile operations within the system.
   Solution: Currently, no fix or workaround is available.
   Reference: https://www.vulncheck.com/advisories/openclaw-allowprofiles-bypass-via-profile-mutation-and-runtime-selection

5. CVE-2026-40491
   Published Date: 18/4/2026
   Last Update: 1/5/2026
   Device/Application/OS Target: gdown (Google Drive public file/folder downloader)
   Attack Type: Path Traversal
   CVSS Severity Rating: 6.5
   Detail: A vulnerability has been detected in the gdown library affecting versions prior to 5.2.2. Attackers do not require system privileges, but user interaction is required. If the attack is successful, it may allow the attacker to write files outside the designated directory, which could lead to overwriting system files or executing malicious commands.
   Solution: Update to the latest patch version.
   Reference: https://www.oracle.com/security-alerts/cpuapr2026.html


 

 



Malware News or Campaign IOC/IOA | EN

1. Campaign Name: Vidar infostealer evolves, uses image files for stealthy attacks
   Detection Date: 28/04/2026
   Attack Type: Malware, Security Operations

   Description:

   According to HackRead, hackers are embedding malicious code in common files such as JPEG images and text files to distribute a new version of the Vidar Infostealer. The malware has evolved from a simple password stealer into a multi-stage attack framework.

   The latest campaign uses social engineering to trick users via fake GitHub repositories, as well as platforms like Reddit, Discord, and compromised WordPress sites. Attackers disguise malicious commands as tools such as game cheats or CAPTCHA prompts to lure victims into executing them.

   The attack chain begins with VBScript and PowerShell, followed by downloading a Go-based loader. It then uses steganography to hide code within JPEG and TXT files, reconstructing the malware in memory through a fileless approach while leveraging legitimate Windows tools to evade detection.

   The malware targets sensitive data, including credentials, browser data, and cryptocurrency wallets, and exfiltrates the stolen information via Telegram and Cloudflare-fronted domains.

   Mitigation/Remediation:

   • Avoid downloading files or executing commands from untrusted sources.
   • Keep systems and applications up to date.
   • Strengthen user security awareness.

   Ref: https://www.scworld.com/brief/vidar-infostealer-evolves-uses-image-files-for-stealthy-attacks

 

13 May 2026
