Someone uploaded malware on NuGet in 2023 that destroys systems in 2027 and 2028
That's quite the long game!!!
Russian authorities have filed charges against a 20-year-old man for deliberately searching the internet for extremist content—Ukraine's Azov battalion.
This is Russia's first case for such a crime under a law that entered into effect in September.
"First case in the region": young Sverdlovsk medic on trial under a new article
In Kamensk-Uralsky (Sverdlovsk region), a 20-year-old employee of a medical institution has been brought to court, accused of deliberately searching for extremist materials online (Art. 13.53 of the Russian Code of Administrative Offenses). Sergey Bodrov (URA.RU)
-Top UK mobile carriers will block spoofed phone numbers starting next year
-Six telcos to participate
-Network upgrades underway
-Telcos will mark calls coming from abroad to prevent scams
-Also roll out "advanced call tracing technology" to let police hunt down scammers
gov.uk/government/news/spoofed…
Spoofed numbers blocked in crackdown on scammers
Scammers who fake their numbers to trick the public out of their cash will be exposed in a major upgrade of mobile networks. Home Office (GOV.UK)
Google is rolling out a dedicated form to allow businesses listed on Google Maps to report threat actors who post bad reviews and demand ransoms to remove the negative comments.
blog.google/technology/safety-…
Our latest fraud and scams advisory
An overview from Google’s Trust & Safety teams on the most recent online scam trends. Laurie Richardson (Google)
Five members of the Bai crime family were sentenced to death this week in China for their role in Myanmar scam compounds
spp.gov.cn/spp/zdgz/202511/t20…
11 Ming crime family members were sentenced to death in Sep.
spp.gov.cn/spp/zdgz/202509/t20…
Members of two other crime families are also in custody (Wei and Liu)
garwarner.blogspot.com/2025/10…
Scam Compound Operators: Members of The Four Great Families sentenced to death in China
A blog about cybercrime and fraud and the cases and criminals related to those crimes. BEC, scams, fraud, spam, phishing and malware. garwarner.blogspot.com
BPFDoor found on the network of hacked South Korean telco KT
en.yna.co.kr/view/AEN202511060…
(LEAD) Investigation shows KT concealed malware infections, security failures leading to hacking breach
SEOUL, Nov. 6 (Yonhap) -- KT Corp., South Korea's second-largest mobile carrier,... Chang Dong-woo (Yonhap News Agency)
Four Pakistani senators have fallen victim to online scammers, losing between $1,700 and $3,000 to schemes requesting money for various projects.
The lawmakers blamed the country's cybercrime investigations agency for failing to act and investigate the cases.
tribune.com.pk/story/2576116/f…
Four senators reveal they were targeted by scammers
Multiple senators revealed they had been defrauded; sensitive portions of agenda held privately. Naeem Asghar (The Express Tribune)
A South Korean activist specialized in North Korean human rights affairs has been hacked.
Hackers infected their PC with malware and then sent malicious links to the target's KakaoTalk contacts.
South Korean police suspect a North Korean APT group
koreajoongangdaily.joins.com/n…
Human rights activist's computer hacked — possibly by North Koreans
Police are investigating a suspected malware attack linked to a North Korean hacking group after a human rights activist reported their computer had been used to send an infected file to multiple contacts. Korea JoongAng Daily
AhnLab looks at the new Cephalus ransomware, a strain first seen in August.
The group leverages RDP accounts for initial access and operates a dark web leak site that hasn't been updated in more than two months, suggesting the group might have disbanded already.
An Unerring Spear: Cephalus Ransomware Analysis - ASEC
An Unerring Spear: Cephalus Ransomware Analysis ASEC. ATCP (AhnLab)
Additional IOCs are available on AhnLab TIP.
Oh yeah, that's why they aren't in my RSS list anymore.
Proofpoint has spotted a new Iranian APT group—UNK_SmudgedSerpent.
The group's TTPs overlap with many other Iranian groups, showing some sort of collaboration, personnel movement, or similar training/contractors.
proofpoint.com/us/blog/threat-…
Crossed wires: a case study of Iranian espionage and attribution | Proofpoint US
Proofpoint would like to thank Josh Miller for his initial research on UNK_SmudgedSerpent and contribution to this report. Key findings Between June and August 2025,Proofpoint
Two US senators have introduced a bill that would require US companies and federal agencies to report the number of workers they fired and replaced with AI technology.
The data would be compiled by the Dept. of Labor and released via a public report.
1) This is not going to pass.
2) Even if it does pass, it is not going to achieve what it aims to achieve.
3) It will hurt companies that are innocent and companies that are guilty will get around it.
Typical US government job.
NVISO has linked VShell to UNC5174, a cyber contractor for the Chinese MSS
nviso.eu/blog/nviso-analyzes-v…
NVISO analyzes VShell post-exploitation tool
NVISO has actively tracked VShell for months, a Chinese-language intrusion tool used in espionage campaigns. NVISO
Repeat after me: Do not fill in and sync your government ID data to your Google account
blog.google/products/chrome/en…
Chrome now helps you fill in passport, driver’s license, vehicle information and more.
Chrome already saves you time every day by securely filling in your addresses, passwords and payment information. Today, we’re making it even more helpful. Nico Jersch (Google)
CISA's election day monitoring room was not stood up yesterday for the first time in years
According to Bloomberg, remaining CISA election security staff, who have not been fired, have been "prohibited" from contacting state election officials.
-US indicts two rogue cybersecurity employees for ransomware attacks
-Hackers extort massage parlor visitors
-Balancer hacked for $128 million
-Cargo thieves use hackers to go after trucking and freight companies
-UPenn hack gets feisty
-Major breach in Poland, at SuperGrosz
-Australia expands kids social media ban to Reddit and Kick
-SMS blaster detained in Cambodia
-Scammers arrested in Europe
Podcast: risky.biz/RBNEWS500/
Newsletter: news.risky.biz/risky-bulletin-…
US indicts two rogue cybersecurity employees for deploying ransomware
In other news: Hackers extort massage parlor visitors; Balancer hacked for $128 million; cargo thieves use hackers to go after trucking and freight companies. Catalin Cimpanu (Risky.Biz)
@GossiTheDog And on a post where you've double-spaced after the full stop like it's 1965.
How embarrassing.
-Twitter to show more user info
-US to face-scan all foreign travelers
-MrICQ arrested
-US sanctions DPRK money launderers
-India arrests CCTV hackers
-SesameOp malware abuses OpenAI API
-Curly COMrades APT returns
-AMD patches RDSEED failures
-Microsoft patches Teams bugs
-Android and Apple security updates
-KASLR not working on Android
-USENIX Security videos
- So, uhh... how's the laying off of so many infosec professionals turning out?
Some folks got security debt piling up?
iOS security updates: support.apple.com/en-us/100100
Android security updates: source.android.com/docs/securi…
Start patching!
Apple security releases - Apple Support
This document lists security updates and Rapid Security Responses for Apple software. Apple Support
Chipmaker AMD has confirmed a major security bug in the RDSEED entropy generator impacting Zen 5 processors.
The RDSEED process has been failing to produce random numbers on Linux systems.
AMD is planning to release patches through November for all affected CPU models.
How the fuck is this not caught in QA for something like this?
AMD was notified of a bug in “Zen 5” processors that may cause the RDSEED instruction to return 0 at a rate inconsistent with randomness while incorrectly signaling success (CF=1), indicating a potential misclassification of failure as success.
Cybersecurity engineer Aditya Tiwari has released SlopGuard, a tool to detect AI-hallucinated package dependencies and supply chain attacks
KELA has published a profile on a hacker who goes online under multiple names, but is referenced in this report as 303, their username on the old BreachForums.
KELA believes the suspect, a prolific leaker, is a Spanish-speaking user based in Uruguay.
kelacyber.com/blog/threat-acto…
Threat Actor 303 Exposed: Many Faces, One Hacker
KELA reveals how a cybercriminal known as “303” used multiple aliases, forums, and Telegram channels to claim global breaches and build underground influence. KELA Cyber Intelligence Center (kelacyber)
en.wikipedia.org/wiki/Kela_(in…
Open Measures looks at a VK spam campaign promoting EditaPapers, an essay-writing service that likely uses generative AI.
The campaign has posted a whopping 200,000 times since June by abusing the VK API.
blog.openmeasures.io/p/network…
Network of VK Pages Blitzes Platform with Posts Promoting AI Essay-Writing Services
The pages appear linked to a Cyprus company and posted more than 200,000 times last year. Open Measures (Open Measures Newsletter)
Talks from the USENIX Security 2025 security conference, which took place in August, are now available on YouTube
youtube.com/playlist?list=PLbR…
USENIX Security '25 (Paper Presentations)
Share your videos with your friends, your family and the whole world. YouTube
-Norway finds remote control features in its Chinese electric buses
-CyberCorps program freeze threatens students with huge loans
-Chrome gets a scareware blocker
-Conti member extradited to US
-BlueSky to test dislike button
-arXiv will block AI slop in its computer science category
-Iranian hackers leak Israeli defense contractor data
-Garden hacked for $10.8m
-CFPB ends Meta investigation
Newsletter: news.risky.biz/risky-bulletin-…
Podcast: risky.biz/RBNEWS499/
Risky Bulletin: Norway skittish of its Chinese electric buses
In other news: CyberCorps program freeze threatens students with huge loans; Chrome and Edge get scareware blockers; Conti member extradited to US. Catalin Cimpanu (Risky.Biz)
-Russia blocks new Telegram and WhatsApp registrations
-Russia may force companies to replace foreign software
-Thai police arrest fleeing scammers
-Cambodia raids scam compound
-Singapore seizes $115m of scam tycoon's funds
-764 group leader charged in US
-AFP stands up two cybercrime task forces
-Woman stuck in Mauritius for 5 years after cyber charge
-Couple loses fortune to scammers
-BadCandy flourishes in Australia
-Open VSX rotates leaked creds
-ZeroAccess botnet dev is now a software dev
-New Katreus miner
-Malware reports on Aura Stealer, SectopRAT, SleepyDuck RAT, OysterLoader
-Operation SkyCloak targets Russian, Belarusian militaries
-DarkHotel was pretty active this summer
-Kimsuky's new HttpTroy backdoor
-Linux bug exploited by ransomware groups
-GameMaker IDE vulnerability
-New agent session smuggling attack
-Infosec drama, episode 28,311
A Canadian couple has lost CAD$1 million (USD$710,000) to online scammers.
The couple, in their 70s, fell victim to a tech support scam that showed error messages on their laptop and then got daily calls from the scammers until they ran out of money
ctvnews.ca/toronto/consumer-al…
‘We’re devastated’: Ontario seniors give away more than $1 million to scammers
Fraud and cybercrime cost Canadians more than $630 million last year, with many of the victims being seniors. Pat Foran (CTVNews)
That's heartbreaking. And it can happen to anyone. Cashing out their retirement accounts and owing taxes on that really adds to the brutality of it all.
I hope they're able to trace and recover some of it, and that the perpetrators are caught.
Thai authorities have arrested 24 individuals working on online scams at a villa near Bangkok.
Officials say the scammers fled from Myanmar after the neighboring country began cracking down on scam compound operations last month.
A Canadian woman has been stuck in Mauritius for the past five years after her former husband accused her of hacking his email and had her passport seized by the Canadian consul, which now refuses to return it because of more mysterious hacking charges
theglobeandmail.com/world/arti…
Canadian woman stuck since 2021 in Indian Ocean country after passport withheld
Mauritian authorities have not released her passport even though a cybercrime charge against her was withdrawn in March. Geoffrey York (The Globe and Mail)
The author of the now-defunct ZeroAccess botnet appears to have reformed and is a legitimate software developer now
r136a1.dev/2025/10/28/zeroacce…
The ZeroAccess Developer and His Windows Kernel-Mode Debugger
You might remember ZeroAccess, one of the largest and most advanced P2P botnets that ever existed. It first appeared around 2009 in form of a kernel-mode rootkit focused on click fraud and was later used for bitcoin mining. R136a1
Chrome and Edge v142 are out, both with new LLM-based systems for spotting scams and scareware
developer.chrome.com/release-n…
blogs.windows.com/msedgedev/20…
Chrome 142 | Release notes | Chrome for Developers
The :target-before and :target-after pseudo-classes, range syntax for container queries, and more. Chrome for Developers
Russian telecom operators are blocking calls and SMS messages used by Telegram and WhatsApp two-factor authentication service.
The blocking is also affecting new user account registrations
kod.ru/telegram-i-whatsapp-bez…
Exclusive: Russia has restricted user registration on Telegram and WhatsApp*
Russian operators have been ordered to stop delivering SMS messages and calls from Telegram and WhatsApp*. Vlad Voytenko (Kod Durova)
Interesting. Telegram founder Pavel Durov has been avoiding Russia for years now, but the last thing I heard about him was that it was suggested he switched sides and that he was now in league with Putin. But with Telegram authentication being blocked, we have to assume that this is not (or no longer) the case.
The Eclipse Foundation says it contained the GlassWorm that was spreading on OpenVSX.
It also rotated creds for a bunch of developers that leaked their OpenVSX publishing tokens.
blogs.eclipse.org/post/mika%C3…
Open VSX security update, October 2025
Over the past few weeks, the Open VSX team and the Eclipse Foundation have been responding to reports of leaked tokens and related malicious activity involving certain extensions hosted on the Open VSX Registry. Eclipse Foundation Staff Blogs
The Garden DeFi platform, which launders funds hacked from other crypto platforms, has been hacked
Investigations by ZachXBT
Garden Finance was likely exploited for $10.8M+ on multiple chains. An address related to the team sent a message onchain to the alleged exploiter offering a 10% whitehat bounty but has yet to comment publicly on the incident. Telegram
[ITA] Denis Roio - Codice 22/08/2025
Entrepreneur and hacktivist Denis Roio on the origin of digital cultures
raiplay.it/programmi/codice-la…
Originally published on
Codice - La vita è digitale - RaiPlay
What are the routes of the connected world, and what is the human project in the digital era? RaiPlay
Öcalan: Rojava is my red line
Pervin Buldan, a member of the Imralı delegation, said that Öcalan has repeatedly stressed that “Rojava is my red line”, adding: “Excluding the Kurds and eliminating their achievements will bring no benefit to Turkey”. Pervin Buldan, of the DEM Party's Imralı delegation, spoke to JINTV about the peace and democratic society process and about the latest meeting with Öcalan.
Öcalan: Rojava is our red line
Pervin Buldan said that Abdullah Öcalan gave his assessment of northern and eastern Syria and of developments in Syria. She explained that Öcalan discussed these issues with the state delegation, adding: “With us, the DEM delegation, he spoke only about Turkish politics, but I know he has repeated it several times: ‘Syria and Rojava are my red line. For me, that place is different.’”
He raised this point about Syria several times. Beyond that, however, I would like to stress that he did not share assessments of Syria and Rojava with us. He discussed it mainly with the state delegation, debated the issue there, and even said that, if the opportunity and the circumstances arose, he would consider it important to establish communication with them as well.
Yes, he stressed several times the importance of communication with Rojava. He expressed the wish to speak with them, debate with them, and assess together which path to take and which decision to make. “This has not happened yet, but if progress is made in the future and such an opportunity arises, perhaps through meetings and contacts with Rojava officials, we believe the issue will be resolved more easily.”
Pervin Buldan also drew attention to the government's statements on northern and eastern Syria, commenting: “Turkey, in this sense, on the question of Rojava and Syria, must side with the Kurdish people.”
Excluding the Kurds, launching an operation against them, or undoing the achievements of the Kurdish people brings no advantage to Turkey, and the Kurds in Turkey will not accept it either. This must be clearly understood, and I believe it is necessary to think more rationally and make the right decisions in order to resolve the issue through the right path and method.
Therefore, Turkey too is closely monitoring developments in Syria, the agreements, the negotiations with the Damascus government, and so on. But the Kurds are extremely sensitive on this issue. Rojava is the Kurdish people's most sensitive area. So no matter how many steps we take toward democratization in Turkey, even the smallest loss in Rojava, or a military operation in that area, would cause great devastation among the Kurdish people. Such an approach would not be accepted. No one would accept it. Above all, Mr. Öcalan would not accept it.
I believe that if Turkey approaches this issue with an understanding that sees it standing alongside the Kurdish people, respects their achievements, and recognizes their right to live in every region with their own gains, language, identity and culture, and seeks to resolve the issue on democratic, legal and constitutional grounds, then Turkey itself will be the one to gain. In this way, starting not from a situation of loss but from a situation of winning and helping others, a common understanding and consensus can indeed resolve this issue.
Three key concepts
Pervin Buldan said that Öcalan emphasized three key concepts: “We can think of the questions of democratic society, peace and integration as a single package. Considering them separately or disconnected from one another would be a mistake; it would be wrong. Öcalan stressed the importance of taking rapid, synchronized steps that can weave all these aspects together, and of ensuring that integration finally becomes a reality.”
Let's put it this way: a commission has been set up. This commission has begun its work, and its real purpose is to pass the laws as quickly as possible. Because without laws on integration, nothing can be implemented. Of course, we can talk about peace, we can talk about democratization, we can certainly discuss injustice and lawlessness in Turkey and how new laws can be passed to address them. But integration is something very different.
Today there are thousands of people in the mountains with weapons in hand. Yes, symbolically, a dissolution ceremony took place. The PKK has declared its dissolution. But there are still armed people. Now, these armed people must lay down their arms and return to Turkey, and the barriers preventing them from taking part in democratic politics must be removed. This can become reality only through the laws that will emerge from the commission.
Wulfy—Speaker to the machines
in reply to Catalin Cimpanu
Russian Government slurps all of the internet traffic for #censored content
GG #cisco!