ποΈ Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241 from June to August 2025, dwarfing the 85 growth of all other flagged user agents combined," the cybersecurity company said in a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Threat Actor Accidentally Exposes AI-Powered Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor accidentally revealed their AIpowered methods by installing Huntress security software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
π 8 Red Flags AI SOC Canβt Protect You π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Everyone wants a magic button, like AI SOC. Press it, and boom every threat is caught, every breach is stopped, no ones pulling a 3 a.m. incident call. Thats the dream AI SOC vendors are selling a tireless, allknowing, nocoffeeneeded virtual analyst. The reality? Its closer to a selfdriving car in a snowstorm impressive The post 8 Red Flags AI SOC Cant Protect You appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
AI SOC Canβt Protect You: 8 Red Flags You Should Know
AI SOC promises faster threat detection, but the reality is full of blind spots. Discover 8 real-world red flags and expert tips
π’ FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators now it's ramping up attacks globally.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
The agency has issued an advisory on the China-linked Salt Typhoon hacker group
π¦
LunoBotnet: A Self-Healing Linux Botnet with Modular DDoS and Cryptojacking Capabilities π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Executive Summary In a deepdive analysis, Cyble Research and Intelligence Labs CRIL identified an ongoing inthewild Linux botnet campaign, which we have dubbed Luno. This campaign combines cryptocurrency mining, remote command execution, and modular DDoS attack capabilities. Additionally, it uses watchdogbased respawning and unusually strong antianalysis defences into a single malware framework, indicating active professional threat actor involvement. Unlike conventional cryptominers or DDoS botnets, LunoC2 exhibits process masquerading, binary replacement, and a selfupdate system, suggesting the malware is designed as a longterm criminal infrastructure tool. Based on frequent updates to attack modules, it appears to be actively evolving and being augmented with new functional...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
LunoBotnet:-A-Self-Healing Linux Botnet
LunoBotnet is an actively evolving Linux botnet combining crypto-mining and DDoS with modular updates and monetization.
π’ FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators now it's ramping up attacks globally.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
The agency has issued an advisory on the China-linked Salt Typhoon hacker group
π Salty2FA Phishing Kit Unveils New Level of Sophistication π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Salty2FA Phishing Kit Unveils New Level of Sophistication
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations
ποΈ RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication NFC relay attacks to a sophisticated remote access trojan with Automated Transfer System ATS capabilities to conduct device fraud. "RatOn merges traditional overlay attacks with automatic money transfers and NFC relay functionality making it a uniquely powerful threat,".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Salty2FA Phishing Kit Unveils New Level of Sophistication π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Salty2FA Phishing Kit Unveils New Level of Sophistication
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations
π Salty2FA Phishing Kit Unveils New Level of Sophistication π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Salty2FA Phishing Kit Unveils New Level of Sophistication
Salty2FA phishing campaign showcases advanced techniques and professionalism of cybercrime operations
π’ Salesloft Drift hackers had access to company GitHub account for months before attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Hackers behind the Salesloft Drift breach had access to the companys GitHub account for several months before waging a flurry of attacks, the company has revealed.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Salesloft Drift hackers had access to company GitHub account for months before attacks
Dozens of large enterprises have been impacted by the Salesloft Drift breach
π’ Salesloft Drift hackers had access to company GitHub account for months before attacks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Hackers behind the Salesloft Drift breach had access to the companys GitHub account for several months before waging a flurry of attacks, the company has revealed.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Salesloft Drift hackers had access to company GitHub account for months before attacks
Dozens of large enterprises have been impacted by the Salesloft Drift breach
π’ FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators now it's ramping up attacks globally.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
The agency has issued an advisory on the China-linked Salt Typhoon hacker group
π’ FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Salt Typhoon hacker group has waged several major campaigns against US telecoms companies and critical infrastructure operators now it's ramping up attacks globally.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
FBI warns 'indiscriminate' Salt Typhoon hacking campaign has hit organizations in more than 80 countries
The agency has issued an advisory on the China-linked Salt Typhoon hacker group
ποΈ [Webinar] Shadow AI Agents Multiply Fast β Learn How to Detect and Control Them ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
One click is all it takes. An engineer spins up an experimental AI Agent to test a workflow. A business unit connects to automate reporting. A cloud platform quietly enables a new agent behind the scenes. Individually, they look harmless. But together, they form an invisible swarm of Shadow AI Agentsoperating outside securitys line of sight, tied to identities you dont even know exist.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Open Source Community Thwarts Massive npm Supply Chain Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Open Source Community Thwarts Massive npm Supply Chain Attack
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community
π Open Source Community Thwarts Massive npm Supply Chain Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Open Source Community Thwarts Massive npm Supply Chain Attack
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community
π Threat Actor Accidentally Exposes AI-Powered Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor accidentally revealed their AIpowered methods by installing Huntress security software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
π Open Source Community Thwarts Massive npm Supply Chain Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Open Source Community Thwarts Massive npm Supply Chain Attack
What could have been a historic supply chain attack seems to have been averted due to the rapid response of the open source community
π Threat Actor Accidentally Exposes AI-Powered Operations π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A threat actor accidentally revealed their AIpowered methods by installing Huntress security software.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Threat Actor Accidentally Exposes AI-Powered Operations
A threat actor accidentally revealed their AI-powered methods by installing Huntress security software
ποΈ Axios Abuse and Salty 2FA Kits Fuel Advanced Microsoft 365 Phishing Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors are abusing HTTP client tools like Axios in conjunction with Microsoft's Direct Send feature to form a "highly efficient attack pipeline" in recent phishing campaigns, according to new findings from ReliaQuest. "Axios user agent activity surged 241 from June to August 2025, dwarfing the 85 growth of all other flagged user agents combined," the cybersecurity company said in a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity