Summary: A sophisticated cyber campaign has been identified utilizing the fasthttp library to conduct brute-force login attempts and spam multi-factor authentication (MFA) requests targeting Azure Active Directory environments. The campaign, which began showing signs on January 6, 2025, is primarily driven by malicious traffic from Brazil and aims to overwhelm security mechanisms to gain unauthorized access to user accounts.…
Summary: A malicious campaign exploiting Blogspot redirectors has been uncovered, facilitating the distribution of phishing pages and malware. This operation, part of the larger “ApateWeb” initiative, utilizes Blogspot’s reputation to mislead users through seemingly legitimate links. Researchers have identified advanced techniques used by attackers to evade detection and enhance the effectiveness of their scams.…
North Korean Lazarus Group Exposed for Using Fake Philippine Identities on LinkedIn
Summary: Cybersecurity researcher Dominic Alvieri has identified and reported the removal of fake LinkedIn profiles linked to the North Korean Lazarus Group, which were posing as recruiters. These fraudulent accounts, claiming affiliations with various companies and universities, aimed to deceive professionals into revealing sensitive information. The situation raises concerns for job seekers in the Philippines, emphasizing the need for vigilance against such scams.…
Telegram captcha tricks you into running malicious PowerShell scripts
Summary: Threat actors are exploiting news about Ross Ulbricht to lure users into a malicious Telegram channel, tricking them into executing PowerShell commands that install malware. This new variant of the “Click-Fix” tactic masquerades as a verification process, leveraging fake accounts to gain trust. Users are warned to be cautious of executing any commands copied from online sources, especially in PowerShell or the Windows Run dialog.…
Victim: Signal, Discord
Price: N/A
Data: User geolocation data

Key points:

0-click deanonymization attack capable of exposing user locations.
Targets applications including Signal and Discord.
Leverages caching mechanisms in Cloudflare’s infrastructure.
Can infer user geolocations within a 250-mile radius without user interaction.
Demonstrated on Signal by sending an attachment via CDN.…
BreachForums admin to be resentenced after appeals court slams supervised release
Summary: Conor Fitzpatrick, the founder of the cybercrime platform BreachForums, is set to be resentenced after a three-judge panel vacated a previous lenient sentence that allowed him to serve only 17 days in prison. The appellate court criticized the district court’s decision, which was influenced by Fitzpatrick’s age and autism diagnosis, for being “substantively unreasonable” given his extensive criminal activities.…
Cyber Insights 2025: APIs – The Threat Continues
Summary: SecurityWeek’s Cyber Insights 2025 highlights expert predictions regarding the increasing vulnerabilities associated with APIs as their usage expands. As organizations adopt more SaaS applications and AI-driven tools, APIs are becoming prime targets for cybercriminals, leading to a significant rise in API-related breaches. Experts emphasize the urgent need for improved API security measures to combat these evolving threats.…
Summary: A critical security vulnerability (CVE-2024-12857) has been identified in the AdForest WordPress theme, allowing attackers to bypass authentication and gain unauthorized access. This flaw affects all versions up to 5.1.8 and poses a significant risk to site security. Users are urged to update to version 5.1.9 to mitigate this threat.…
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks
Summary: The rise of GenAI tools and SaaS platforms has significantly increased risks related to data exposure and identity vulnerabilities in the workplace. A new complimentary risk assessment is available to help organizations evaluate their specific browsing environment and identify key risks. This assessment provides actionable insights to enhance security posture and inform decision-making for security and IT teams.…
15-Year-Old Hacker Diverts Ships in Mediterranean Sea for Fun
Summary: A 15-year-old hacker from Cesena, Italy, initially sought to change his grades but escalated his activities to altering maritime routes in the Mediterranean Sea. His actions drew the attention of authorities after he compromised critical infrastructure, leading to an investigation. The Ministry of Education and Merit confirmed that their systems were not breached, but the hacker’s unauthorized access to other systems raised significant concerns.…
Email Bombing, ‘Vishing’ Tactics Abound in Microsoft 365 Attacks
Summary: Sophos X-Ops’ Managed Detection and Response (MDR) warns of ransomware attacks that utilize email bombing and vishing tactics through Microsoft Office 365. These attacks are attributed to two threat groups, STAC5143 and STAC5777, which have been active in recent months. The researchers emphasize the need for organizations to enhance their security measures and employee awareness to combat these evolving threats.…
Summary: Security researcher Joward has identified a critical buffer overflow vulnerability, CVE-2024-54887, in TP-Link TL-WR940N routers, which could allow attackers to execute arbitrary code. The vulnerability arises from improper validation of DNS server configuration parameters, specifically dnsserver1 and dnsserver2. Joward’s Proof of Concept (PoC) exploit demonstrates the potential for remote code execution using sophisticated techniques like Return Oriented Programming (ROP).…
HPE Investigates After Alleged Data Breach
Summary: Hewlett Packard Enterprise (HPE) is investigating claims made by the cyberattack group IntelBroker, which alleges it has stolen data from HPE’s network. The group claims to have accessed sensitive information, including source code and user data, and has a history of targeting major organizations. HPE is currently assessing the validity of these claims and has activated its cyber-response protocols.…
Tablas Island Electric Cooperative, Inc. (TIELCO) Suffers Data Breach, Employee and Customer Information Exposed
Summary: The Tablas Island Electric Cooperative, Inc. (TIELCO) in Romblon, Philippines, has experienced a significant data breach that exposed sensitive employee and customer information. The breach, attributed to the threat actor known as “Lootz” from Deathnote Hackers, raises serious concerns about the security of TIELCO’s critical infrastructure and billing systems.…