Summary: A sophisticated cyber campaign has been identified utilizing the fasthttp library to conduct brute-force login attempts and spam multi-factor authentication (MFA) requests targeting Azure Active Directory environments. The campaign, which began showing signs on January 6, 2025, is primarily driven by malicious traffic from Brazil and aims to overwhelm security mechanisms to gain unauthorized access to user accounts.…
Category: Cyber Attack
Summary: A malicious campaign exploiting Blogspot redirectors has been uncovered, facilitating the distribution of phishing pages and malware. This operation, part of the larger “ApateWeb” initiative, utilizes Blogspot’s reputation to mislead users through seemingly legitimate links. Researchers have identified advanced techniques used by attackers to evade detection and enhance the effectiveness of their scams.…
Summary: Cybersecurity researcher Dominic Alvieri has identified and reported the removal of fake LinkedIn profiles linked to the North Korean Lazarus Group, which were posing as recruiters. These fraudulent accounts, claiming affiliations with various companies and universities, aimed to deceive professionals into revealing sensitive information. The situation raises concerns for job seekers in the Philippines, emphasizing the need for vigilance against such scams.…
Summary: Threat actors are exploiting news about Ross Ulbricht to lure users into a malicious Telegram channel, tricking them into executing PowerShell commands that install malware. This new variant of the “Click-Fix” tactic masquerades as a verification process, leveraging fake accounts to gain trust. Users are warned to be cautious of executing any commands copied from online sources, especially in PowerShell or the Windows Run dialog.…
Victim: Signal, Discord
Price: N/A
Data: User geolocation data
Keypoints:
0-click deanonymization attack capable of exposing user locations.
Targets applications including Signal and Discord.
Leverages caching mechanisms in Cloudflare’s infrastructure.
Can infer user geolocations within a 250-mile radius without user interaction.
Demonstrated on Signal by sending an attachment via CDN.…
Summary: Conor Fitzpatrick, the founder of the cybercrime platform BreachForums, is set to be resentenced after a three-judge panel vacated a previous lenient sentence that allowed him to serve only 17 days in prison. The appellate court criticized the district court’s decision, which was influenced by Fitzpatrick’s age and autism diagnosis, for being “substantively unreasonable” given his extensive criminal activities.…
Summary: Recent vulnerabilities in Apache Ambari, a management platform for Hadoop clusters, expose systems to remote code execution and data breaches. The Apache Software Foundation identified three critical flaws, allowing attackers to access sensitive data and execute malicious code. Users are advised to update to the latest version to protect against these threats.…
Summary: A supply chain attack on South Korean VPN provider IPany by the PlushDaemon hacking group resulted in the deployment of the SlowStepper malware through a compromised VPN installer. The attack affected multiple companies, including a semiconductor firm, with signs of infection dating back to November 2023.…
Summary: SecurityWeek’s Cyber Insights 2025 highlights expert predictions regarding the increasing vulnerabilities associated with APIs as their usage expands. As organizations adopt more SaaS applications and AI-driven tools, APIs are becoming prime targets for cybercriminals, leading to a significant rise in API-related breaches. Experts emphasize the urgent need for improved API security measures to combat these evolving threats.…
Summary: A phishing website mimicking Homebrew, an open-source package manager for macOS, has been discovered appearing in Google Search results, raising concerns about Google’s ad verification processes. The malicious site, which closely resembles the official Homebrew website, could install a backdoor on users’ systems, compromising their personal data.…
Summary: A vulnerability in ChatGPT’s web crawler can be exploited to launch DDoS attacks on arbitrary websites by sending a single HTTP request to the ChatGPT API. Cybersecurity researcher Benjamin Flesch highlighted that this flaw allows the crawler to generate an overwhelming number of requests to a target site, potentially flooding it with traffic.…
Summary: A critical security vulnerability (CVE-2024-12857) has been identified in the AdForest WordPress theme, allowing attackers to bypass authentication and gain unauthorized access. This flaw affects all versions up to 5.1.8 and poses a significant risk to site security. Users are urged to update to version 5.1.9 to mitigate this threat.…
Summary: The rise of GenAI tools and SaaS platforms has significantly increased risks related to data exposure and identity vulnerabilities in the workplace. A new complimentary risk assessment is available to help organizations evaluate their specific browsing environment and identify key risks. This assessment provides actionable insights to enhance security posture and inform decision-making for security and IT teams.…
Summary: A 15-year-old hacker from Cesena, Italy, initially sought to change his grades but escalated his activities to altering maritime routes in the Mediterranean Sea. His actions drew the attention of authorities after he compromised critical infrastructure, leading to an investigation. The Ministry of Education and Merit confirmed that their systems were not breached, but the hacker’s unauthorized access to other systems raised significant concerns.…
Summary: Sophos X-Ops’ Managed Detection and Response (MDR) warns of ransomware attacks that utilize email bombing and vishing tactics through Microsoft Office 365. These attacks are attributed to two threat groups, STAC5143 and STAC5777, which have been active in recent months. The researchers emphasize the need for organizations to enhance their security measures and employee awareness to combat these evolving threats.…
Summary: Security researcher Joward has identified a critical buffer overflow vulnerability, CVE-2024-54887, in TP-Link TL-WR940N routers, which could allow attackers to execute arbitrary code. The vulnerability arises from improper validation of DNS server configuration parameters, specifically dnsserver1 and dnsserver2. Joward’s Proof of Concept (PoC) exploit demonstrates the potential for remote code execution using sophisticated techniques like Return Oriented Programming (ROP).…
Summary: Hewlett Packard Enterprise (HPE) is investigating claims made by the cyberattack group IntelBroker, which alleges it has stolen data from HPE’s network. The group claims to have accessed sensitive information, including source code and user data, and has a history of targeting major organizations. HPE is currently assessing the validity of these claims and has activated its cyber-response protocols.…
Summary: The DONOT Team, an advanced persistent threat (APT) group, is utilizing two deceptive Android applications, “Tanzeem” and “Tanzeem Update,” to conduct intelligence-gathering operations against individuals and organizations in India. These apps masquerade as chat applications but are designed to exploit device permissions for data harvesting.…
Summary: Rostelecom, a major Russian telecommunications provider, is investigating a suspected cyberattack after the hacker group Silent Crow claimed to have leaked customer data. The group published a data dump containing thousands of emails and phone numbers, allegedly stolen from a contractor responsible for Rostelecom’s corporate website.…
Summary: The Tablas Island Electric Cooperative, Inc. (TIELCO) in Romblon, Philippines, has experienced a significant data breach that exposed sensitive employee and customer information. The breach, attributed to the threat actor known as “Lootz” from Deathnote Hackers, raises serious concerns about the security of TIELCO’s critical infrastructure and billing systems.…