■■■■□ Is an "American" startup providing information security and privacy certifications actually an Indian company in disguise providing fake certifications?
Last weekend, a long article was published on the Substack blogging platform accusing the startup Delve of issuing fake information security and privacy certifications such as ISO 27001, HIPAA, SOC 2, to clients.
In the blog, written by a former Delve client, it is claimed that about two months ago internal information leaked from Delve's network gave a glimpse into the extensive fraud the startup is conducting while providing hundreds of companies with fake certifications through various entities in India that act as a rubber stamp.
The company denies the allegations in a post it published, claiming that it contains "inaccuracies" and that it does not provide certifications, but only helps clients prepare for the required certification audit, etc., etc.
If the fraud story turns out to be true, then hundreds of companies are allegedly exposed to legal/regulatory risk.
Companies use the certifications they received with Delve's help to prove to customers, regulators, etc., that they meet security and privacy requirements.
If the certifications and certification audits are fake or not independently verified, then many companies could be in serious trouble.
More on this story - here
Last weekend, a long article was published on the Substack blogging platform accusing the startup Delve of issuing fake information security and privacy certifications such as ISO 27001, HIPAA, SOC 2, to clients.
In the blog, written by a former Delve client, it is claimed that about two months ago internal information leaked from Delve's network gave a glimpse into the extensive fraud the startup is conducting while providing hundreds of companies with fake certifications through various entities in India that act as a rubber stamp.
The company denies the allegations in a post it published, claiming that it contains "inaccuracies" and that it does not provide certifications, but only helps clients prepare for the required certification audit, etc., etc.
If the fraud story turns out to be true, then hundreds of companies are allegedly exposed to legal/regulatory risk.
Companies use the certifications they received with Delve's help to prove to customers, regulators, etc., that they meet security and privacy requirements.
If the certifications and certification audits are fake or not independently verified, then many companies could be in serious trouble.
More on this story - here
❤1
■□□□□ Cyber-Fraud on Indian politician. Janasena MLA loses Rs 1.2M in fake RTA challan cyber fraud.
C Balaraju lost Rs 12 lakh in a cyber fraud after clicking a malicious APK link posing as an RTA challan. Andhra Pradesh Police registered a case and launched a probe into suspected organised gang involvement.https://telanganatoday.com/janasena-mla-loses-rs-12-lakh-in-fake-rta-challan-cyber-fraud
Telangana Today
Janasena MLA loses Rs 12 lakh in fake RTA challan cyber fraud
C Balaraju lost Rs 12 lakh in a cyber fraud after clicking a malicious APK link posing as an RTA challan. Andhra Pradesh Police registered a case and launched a probe into suspected organised gang involvement
😁2
■■■■□ Intel: These six locations are targets of IRGC in the upcoming days, in case their power stations are hit.
Reliability of the source is mediocre, so take it with the grain of salt 🧂
🔥6❤1⚡1🤯1😨1
The exploit chain used 6 Zero-Day vulnerabilities.
Software patch has been released. https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
Please open Telegram to view this post
VIEW IN TELEGRAM
Google Cloud Blog
The Proliferation of DarkSword: iOS Exploit Chain Adopted by Multiple Threat Actors | Google Cloud Blog
DarkSword is a new iOS exploit chain that leverages multiple zero-day vulnerabilities to fully compromise iOS devices.
■■■□□ OpenAI rolls out ChatGPT Library to store your personal files.
OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat.
https://www.bleepingcomputer.com/news/artificial-intelligence/openai-rolls-out-chatgpt-library-to-store-your-personal-files/
OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat.
https://www.bleepingcomputer.com/news/artificial-intelligence/openai-rolls-out-chatgpt-library-to-store-your-personal-files/
BleepingComputer
OpenAI rolls out ChatGPT Library to store your personal files
OpenAI is rolling out a new feature called 'Library' for ChatGPT, which allows you to store your personal files or images on OpenAI's cloud storage, so you can reference those items in a future chat.
👎2🤣2
cKure
Media is too big
VIEW IN TELEGRAM
■■■■■ A powerful iPhone-hacking technique known as DarkSword has been discovered in use by Russian hackers. It can take over devices running iOS 18 that simply visit infected websites.
❤1👍1
■■■■□ PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution.
https://www.bleepingcomputer.com/news/security/ptc-warns-of-imminent-threat-from-critical-windchill-flexplm-rce-bug/
PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution.
https://www.bleepingcomputer.com/news/security/ptc-warns-of-imminent-threat-from-critical-windchill-flexplm-rce-bug/
BleepingComputer
PTC warns of imminent threat from critical Windchill, FlexPLM RCE bug
PTC Inc. is warning of a critical vulnerability in Windchill and FlexPLM, widely used product lifecycle management (PLM) solutions, that could allow remote code execution.
🥴1
Media is too big
VIEW IN TELEGRAM
■■■■□ Archive: Story of a crypto hacker.
As of March 2026, Andean Medjedovic has hired a Washington, D.C. lobbying firm, paying $300,000 to seek a pardon from President Donald Trump. He’s still at large. His story began in 2021 at age 18, when he exploited Indexed Finance for $16 million and fled Canada. In 2023, he was linked to another $50 million crypto exploit involving KyberSwap. Arrested in Serbia in 2024, he spent 105 days in jail before being released after an extradition request from the Netherlands was denied. He then disappeared again. Medjedovic maintains his innocence, saying he didn’t hack or steal anything, he simply found flaws in the coding system and used it the way it was designed. As of December 2025, he is still moving millions of dollars in cryptocurrency and is believed to be hiding in the Balkans, facing up to 90 years if convicted.
🔥1🥱1🌚1
■■■□□ Ajax football club hack exposed fan data, enabled ticket hijack
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people.
https://www.bleepingcomputer.com/news/security/ajax-football-club-hack-exposed-fan-data-enabled-ticket-hijack/
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people.
https://www.bleepingcomputer.com/news/security/ajax-football-club-hack-exposed-fan-data-enabled-ticket-hijack/
BleepingComputer
Ajax football club hack exposed fan data, enabled ticket hijack
Dutch professional football club Ajax Amsterdam (AFC Ajax) disclosed that a hacker exploited vulnerabilities in its IT systems and accessed data belonging to a few hundred people.
■■■■□ Lockheed Martin responds to Iran-linked hackers' 48-hour ultimatum to staff
“We now possess the complete data of 28 senior American engineers,” hackers say, threatening to turn their homes into “missile targets”.
https://www.cyberdaily.au/security/13395-iran-linked-handala-hackers-deliver-48-hour-ultimatum-to-lockheed-martin-staff
“We now possess the complete data of 28 senior American engineers,” hackers say, threatening to turn their homes into “missile targets”.
https://www.cyberdaily.au/security/13395-iran-linked-handala-hackers-deliver-48-hour-ultimatum-to-lockheed-martin-staff
www.cyberdaily.au
Exclusive: Lockheed Martin responds to Iran-linked hackers' 48-hour ultimatum to staff
“We now possess the complete data of 28 senior American engineers,” hackers say, threatening to turn their homes into “missile targets”.
🤣3❤2🔥1🥱1🥴1