A major data breach involving USA Credit Control has exposed an estimated 9.1 million records containing personal and financial information. The incident highlights the risks faced by legacy debt collection firms handling sensitive healthcare and telecommunication data. #USA_Credit_Control #DataBreach…

CyberEye, also known as TelegramRAT, is a modular .NET-based Remote Access Trojan that uses Telegram Bot API for command and control, enabling stealthy surveillance and data theft without requiring attacker infrastructure. Its capabilities include credential harvesting, defense evasion by disabling Windows Defender, clipboard hijacking, and persistence via scheduled tasks, making it a significant threat for users and organizations. #CyberEye #TelegramRAT #TelegramBotAPI

Check Point Research revealed a sophisticated campaign by the APT group Stealth Falcon exploiting a zero-day vulnerability (CVE-2025-33053) through malicious .url files to deliver custom malware implants such as the Horus Agent. The group targets government and defense sectors in the Middle East and Africa using spear-phishing, WebDAV exploitation, and customized post-exploitation tools including keyloggers and credential dumpers. #StealthFalcon #CVE2025-33053 #HorusAgent

Security researchers uncovered five zero-day vulnerabilities and 15 misconfigurations in Salesforce Industry Cloud, affecting numerous organizations across various sectors. Salesforce addressed some vulnerabilities quickly, but many misconfigurations remain exploitable, posing serious security risks. #SalesforceIndustryCloud #ZeroDayVulnerabilities…

A threat actor has leaked a large database from Ghana’s insurance sector containing sensitive personal information. This incident may significantly jeopardize customer privacy and compromise the security of the insurance industry in Ghana. #GhanaInsurance #DataLeak…

SentinelLABS detected and thwarted reconnaissance and intrusion operations linked to the PurpleHaze and ShadowPad activity clusters, attributed with high confidence to China-nexus threat actors targeting SentinelOne and related organizations. Despite multiple sophisticated attacks between 2024 and 2025, SentinelOne’s infrastructure remained uncompromised, underscoring persistent threats to cybersecurity vendors and global industries. #PurpleHaze #ShadowPad #GOREshell #APT15 #UNC5174

Blue Teams are essential in defending organizational IT environments by monitoring threats and responding with structured playbooks. Wazuh enhances these efforts by providing real-time detection, automation, and comprehensive incident management tools. #CredentialDumping #WebShells #DataExfiltration #BruteForceAttacks #Wazuh

Blue Teams are essential for defending organizational IT environments through incident detection, response, and operational continuity, often guided by structured playbooks. Wazuh enhances these efforts with real-time monitoring, automated responses, and threat detection, supporting various attack scenarios like credential dumping, web shells, and brute-force attacks. #Wazuh #BlueTeamPlaybook

Librarian Ghouls, an APT group targeting Russian and CIS entities, employs legitimate third-party software and scripting rather than custom malware for its attacks, focusing on credential theft and deploying a crypto miner. Their ongoing campaign features phishing emails, remote access tools, and complex infection stages, with hundreds of victims primarily in Russia and neighboring countries. #LibrarianGhouls #RareWerewolf #Rezet #XMRig #AnyDesk

Kazakh authorities dismantled a large illegal network involved in selling personal data stolen from government databases via Telegram, arresting over 140 suspects. This operation highlights ongoing efforts to combat illicit data trade, illegal call centers, and cross-border cybercrimes in Eastern Europe. #Telegram #DataTheft…

This week’s cybersecurity updates highlight ongoing threats, including the BadBox 2 botnet targeting IoT devices and fraud associated with Hedera Hashgraph NFTs. Major organizations like the FBI, NSO Group, and Microsoft announced actions and initiatives to combat cyber threats and improve security resilience. #BadBox2 #NSOGroup #HederaHashgraph #CISA #MicrosoftEuropeanSecurity…

Two malicious npm packages, express-api-sync and system-health-sync-api, contain backdoors designed to wipe out entire production environments when triggered. These packages use hidden endpoints, cross-platform destruction commands, and covert email communication channels to gather intelligence and execute system destruction. #express-api-sync #system-health-sync-api #botsailer #npm

This article provides a comprehensive pentesting roadmap for aspiring ethical hackers, emphasizing hands-on labs like Hack The Box retired machines and Pro Labs. It highlights the importance of structured practice, following curated lists like the TJ Null List, and copying walkthroughs to gain real-world skills. #HackTheBox #TJNullList

In 2024, ESET researchers identified BladedFeline, an Iran-aligned APT group active since 2017, targeting Kurdish and Iraqi government officials with advanced malware including the Whisper backdoor and PrimeCache IIS module. The group is assessed as a subgroup of OilRig, utilizing sophisticated tools and maintaining long-term access for cyberespionage purposes. #BladedFeline #Whisper #PrimeCache #OilRig

Infostealers have become a significant cyber threat, accounting for almost a quarter of all incidents detected by Huntress in 2024, by harvesting sensitive credentials and data that fuel ransomware, extortion, and identity theft attacks. The evolution of infostealers, their targeting of diverse information including corporate credentials and cloud keys, and the law enforcement takedowns of related marketplaces highlight both the risks and ongoing efforts to combat these threats. #Infostealers #LummaStealer #RedLine #BansheeStealer