Scammers leak details of 345K credit cards by vibecoding a server used to verify stolen credit cards 

On April 16th, the Cybernews research team discovered an exposed server owned by a threat actor. The exposed information is controlled by a carding market called Jerry’s Store.

Here are the key findings:

  • Jerry’s Store is a tool that provides credit card validity percentages. In other words, threat actors used this tool to check if stolen payment cards are still operational.
  • Jerry’s Store operators used Cursor, an AI-assisted development environment, to set up the leaking server and administrator-facing dashboards.
  • Researchers believe that relying on an AI assistant to set up the server was the main reason why it ended up exposed, and that the threat actor received flawed instructions for building the dashboards.
  • “While in this case it helped identify credit card fraud-related abuse, it’s also a lesson for developers using Cursor for legitimate uses, showing how it can lead to accidental data leaks,” researchers said. 

Researchers identified nearly 200K credit card records that the service deemed “invalid,” and over 145K records of valid payment card information, including:

  • Credit card numbers;
  • Expiration dates;
  • Security codes;
  • Cardholder names;
  • Cardholder addresses.

For more information, here’s the full report: https://cybernews.com/security/jerrys-store-vibecode-exposes-stolen-credit-cards
