Articles – Page 3

Thu. Mar 5th, 2026

Salesforce “Connected Apps” Supply-Chain Campaign (UNC6040 / UNC6395) — ShinyHunters & Scattered Spider Overlap

1. Executive Summary A widespread data-theft and extortion campaign has targeted organisations’ Salesforce environments by abusing trusted third-party integrations and malicious OAuth “Connected Apps”—rather than exploiting a core Salesforce software…

Articles

Scattered Spider Attacks on Airlines (Qantas, WestJet, Hawaiian Airlines)

20 October 2025 Threat Analyst

1. Executive Summary In late June to early July 2025, multiple airlines disclosed cybersecurity incidents affecting internal systems and/or customer data, with reporting and government/industry warnings pointing to activity consistent…

Articles

U.S. Telecom “Lawful Intercept” Systems Targeted in China-Linked Intrusions (Salt Typhoon)

20 September 2025 Threat Analyst

1. Executive Summary Public reporting indicates China-linked threat actors compromised multiple U.S. broadband/telecommunications providers, including AT&T, Verizon, and Lumen, with access potentially extending to systems and processes supporting court-authorised wiretapping…

Articles

Chinese Surveillance-Grade Data Exposure (631GB / ~4B records) — Threat Intelligence Brief

20 August 2025 Threat Analyst

1. Executive Summary In May 2025, security researcher Bob Dyachenko (SecurityDiscovery.com) and the Cybernews research team identified a publicly exposed database (~631GB) containing roughly 4 billion records, predominantly related to…

Articles

GitHub Actions supply chain attack: tj-actions/changed-files and reviewdog/action-setup

28 March 2025 Threat Analyst

Secrets leaked via compromised CI componentsGitHub Actions, CI/CD, Supply chain compromise, Secrets exposure, DevSecOps, CVE-2025-30066, CVE-2025-30154, tj-actions, reviewdog, Software supply chain security 1. Executive Summary A supply chain compromise impacted…

Articles

Nation-State Cyberattacks Escalate: Indian Government Systems and Romanian Elections Under Coordinated Digital Siege

9 January 2025 Threat Analyst

Introduction December 2024 marked a sharp escalation in nation-state cyber activity targeting democratic institutions and government infrastructure. Two developments stand out: a sustained rise in cyberattacks against Indian government entities…

Articles

Internet Archive Under Fire: 31 Million-Account Breach and Zendesk Token Exposure Amid Sustained DDoS Disruption

20 November 2024 Threat Analyst

1. Executive Summary In October 2024, the Internet Archive (IA) faced a compound cyber incident combining service-disrupting DDoS activity with a major compromise of user authentication data (31 million records)…

Articles

Lazarus (BlueNoroff) Abuses Chrome V8 Zero-Day (CVE-2024-4947) via Fake DeFi “DeTankZone” Game to Deliver Manuscrypt

20 November 2024 Threat Analyst

1. Executive Summary In a financially motivated campaign attributed to the Lazarus Group’s BlueNoroff ecosystem, attackers weaponised a Google Chrome zero-day in the V8 JavaScript engine to compromise victims who…

Articles Vulnerabilities_Exploits

Nation-State Adversaries Exploit Ivanti CSA Zero-Days: A Deep Dive into Targeted Attacks and Vulnerability History

15 October 2024 Threat Analyst

Overview Ivanti’s Cloud Services Appliance (CSA) has become a prime target for nation-state actors exploiting zero-day vulnerabilities to gain unauthorised access to critical infrastructure. Fortinet’s recent report unveils that these…

Articles Techniques_Tactics_Procedures

File Hosting Services Misused for Identity Phishing: Microsoft’s Analysis

9 October 2024 Threat Analyst

Microsoft’s latest threat intelligence report highlights an ongoing trend where threat actors exploit legitimate file-hosting services, such as OneDrive, SharePoint, and Dropbox, to deliver identity-focused phishing attacks. These services’ familiarity…

You missed

Articles

Salesforce “Connected Apps” Supply-Chain Campaign (UNC6040 / UNC6395) — ShinyHunters & Scattered Spider Overlap

Scattered Spider Attacks on Airlines (Qantas, WestJet, Hawaiian Airlines)

U.S. Telecom “Lawful Intercept” Systems Targeted in China-Linked Intrusions (Salt Typhoon)

Chinese Surveillance-Grade Data Exposure (631GB / ~4B records) — Threat Intelligence Brief

GitHub Actions supply chain attack: tj-actions/changed-files and reviewdog/action-setup

Nation-State Cyberattacks Escalate: Indian Government Systems and Romanian Elections Under Coordinated Digital Siege

Internet Archive Under Fire: 31 Million-Account Breach and Zendesk Token Exposure Amid Sustained DDoS Disruption

Lazarus (BlueNoroff) Abuses Chrome V8 Zero-Day (CVE-2024-4947) via Fake DeFi “DeTankZone” Game to Deliver Manuscrypt

Nation-State Adversaries Exploit Ivanti CSA Zero-Days: A Deep Dive into Targeted Attacks and Vulnerability History

File Hosting Services Misused for Identity Phishing: Microsoft’s Analysis

You missed

BadAudio and APT24: “good enough” OPSEC powering a multi-vector espionage chain

Iran crisis cyber risk rises as defacements and disruptive activity reported

OpenClaw “ClawJacked” chain: malicious websites can hijack local AI agents via localhost WebSockets

DPRK FAMOUS CHOLLIMA OPSEC failure exposes npm publisher IPs through public disposable inboxes