A security researcher discovered an SQL injection vulnerability in the Catwatchful stalkerware service, leading to the compromise of over 60,000 user accounts, including plaintext logins and passwords. After reporting the vulnerability, actions were taken to shut down the service and investigate its operators, highlighting the risks associated with such spyware applications.