π¦Ώ Cybercriminals βGrokβ Their Way Past Xβs Defenses to Spread Malware π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Hackers exploit Xs Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call Grokking.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Cybercriminals βGrokβ Their Way Past Xβs Defenses to Spread Malware
Hackers exploit Xβs Grok AI to spread malware via promoted ads, exposing millions to malicious links in a scheme researchers call βGrokking.β
π€1
ποΈ TAG-150 Develops CastleRAT in Python and C, Expanding CastleLoader Malware Operations ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The threat actor behind the malwareasaservice MaaS framework and loader called CastleLoader has also developed a remote access trojan known as CastleRAT. "Available in both Python and C variants, CastleRAT's core functionality consists of collecting system information, downloading and executing additional payloads, and executing commands via CMD and PowerShell," Recorded Future Insikt Group.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
π Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Bridgestone Americas confirmed the incident but has not detailed the scope of the attack.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Bridgestone Confirms "Limited Cyber Incident" Impacting Facilities in North America
Bridgestone Americas confirmed the incident but has not detailed the scope of the attack
ποΈ CISA Orders Immediate Patch of Critical Sitecore Vulnerability Under Active Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Federal Civilian Executive Branch FCEB agencies are being advised to update their Sitecore instances by September 25, 2025, following the discovery of a security flaw that has come under active exploitation in the wild. The vulnerability, tracked as CVE202553690, carries a CVSS score of 9.0 out of a maximum of 10.0, indicating critical severity. "Sitecore Experience Manager XM, Experience.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
βοΈ GOP Cries Censorship Over Spam Filters That Work βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The chairman of the Federal Trade Commission FTC last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followed media reports accusing Gmail of disproportionately flagging messages from the GOP fundraising platform WinRed and sending them to the spam folder. But according to experts who track daily spam volumes worldwide, WinRed's messages are getting blocked more because its methods of blasting email are increasingly way more spammy than that of ActBlue, the fundraising platform for Democrats.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
GOP Cries Censorship Over Spam Filters That Work
The chairman of the Federal Trade Commission (FTC) last week sent a letter to Google's CEO demanding to know why Gmail was blocking messages from Republican senders while allegedly failing to block similar missives supporting Democrats. The letter followedβ¦
ποΈ Noisy Bear Targets Kazakhstan Energy Sector With BarrelFire Phishing Campaign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A threat actor possibly of Russian origin has been attributed to a new set of attacks targeting the energy sector in Kazakhstan. The activity, codenamed Operation BarrelFire, is tied to a new threat group tracked by Seqrite Labs as Noisy Bear. The threat actor has been active since at least April 2025. "The campaign is targeted towards employees of KazMunaiGas or KMG where the threat entity.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious npm Packages Impersonate Flashbots, Steal Ethereum Wallet Keys ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new set of four malicious packages have been discovered in the npm package registry with capabilities to steal cryptocurrency wallet credentials from Ethereum developers. "The packages masquerade as legitimate cryptographic utilities and Flashbots MEV infrastructure while secretly exfiltrating private keys and mnemonic seeds to a Telegram bot controlled by the threat actor," Socket researcher.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π NPM Supply Chain Attack That Shook Devs (But Barely Paid Hackersβ Bills) π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
If youve been anywhere near developer Twitter sorry, X this week, youve probably seen the headlines Largest NPM supply chain hack in history. Sounds apocalyptic, right? Millions of developers at risk, billions of downloads compromised and yet the attackers managed to steal less money than your average Starbucks order. Lets break this down. What Happened The post NPM Supply Chain Attack That Shook Devs But Barely Paid Hackers Bills appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Largest NPM Supply Chain Attack : Billions of Downloads
Largest NPM Supply Chain Hack: Hackers compromised 18 NPM packages. Hereβs what happened, why it matters, and how to protect your code.
β€2
βοΈ Microsoft Patch Tuesday, September 2025 Edition βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zeroday" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's mostdire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zeroday bugs in their devices.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includesβ¦
βοΈ Microsoft Patch Tuesday, September 2025 Edition βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zeroday" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includes patches for 13 flaws that earned Microsoft's mostdire "critical" label. Meanwhile, both Apple and Google recently released updates to fix zeroday bugs in their devices.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Microsoft Patch Tuesday, September 2025 Edition
Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known "zero-day" or actively exploited vulnerabilities in this month's bundle from Redmond, which nevertheless includesβ¦
π Threat Actor Accidentally Exposes AI-Powered Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor accidentally revealed their AIpowered methods by installing Huntress security software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
π Threat Actor Accidentally Exposes AI-Powered Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor accidentally revealed their AIpowered methods by installing Huntress security software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
ποΈ Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241 from June to August 2025, dwarfing the 85 growth of all other flagged user agents combined," the cybersecurity company said in a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Threat Actor Accidentally Exposes AI-Powered Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor accidentally revealed their AIpowered methods by installing Huntress security software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
π 8 Red Flags AI SOC Canβt Protect You π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Everyone wants a magic button, like AI SOC. Press it, and boom every threat is caught, every breach is stopped, no ones pulling a 3 a.m. incident call. Thats the dream AI SOC vendors are selling a tireless, allknowing, nocoffeeneeded virtual analyst. The reality? Its closer to a selfdriving car in a snowstorm impressive The post 8 Red Flags AI SOC Cant Protect You appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
AI SOC Canβt Protect You: 8 Red Flags You Should Know
AI SOC promises faster threat detection, but the reality is full of blind spots. Discover 8 real-world red flags and expert tips
π’ FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators now it's ramping up attacks globally.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
The agency has issued an advisory on the China-linked Salt Typhoon hacker group
π¦
LunoBotnet: A Self-Healing Linux Botnet with Modular DDoS and Cryptojacking Capabilities π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Executive Summary In a deepdive analysis, Cyble Research and Intelligence Labs CRIL identified an ongoing inthewild Linux botnet campaign, which we have dubbed Luno. This campaign combines cryptocurrency mining, remote command execution, and modular DDoS attack capabilities. Additionally, it uses watchdogbased respawning and unusually strong antianalysis defences into a single malware framework, indicating active professional threat actor involvement. Unlike conventional cryptominers or DDoS botnets, LunoC2 exhibits process masquerading, binary replacement, and a selfupdate system, suggesting the malware is designed as a longterm criminal infrastructure tool. Based on frequent updates to attack modules, it appears to be actively evolving and being augmented with new functional...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
LunoBotnet:-A-Self-Healing Linux Botnet
LunoBotnet is an actively evolving Linux botnet combining crypto-mining and DDoS with modular updates and monetization.
π’ FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators now it's ramping up attacks globally.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
The agency has issued an advisory on the China-linked Salt Typhoon hacker group
π Salty2FA Phishing Kit Unveils New Level of Sophistication π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Salty2FA Phishing Kit Unveils New Level of Sophistication
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations
ποΈ RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication NFC relay attacks to a sophisticated remote access trojan with Automated Transfer System ATS capabilities to conduct device fraud. "RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality making it a uniquely powerful threat,".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Salty2FA Phishing Kit Unveils New Level of Sophistication π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Salty2FA Phishing Kit Unveils New Level of Sophistication
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations