InfoSec News 20250124

  • Published: Fri, 24/01/2025 - 13:39

Top News


  • TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware

"Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks."

Link

TLP1 : Green

  • Google launches customizable Web Store for Enterprise extensions

"Google has officially launched its Chrome Web Store for Enterprises, allowing organizations to create a curated list of extensions that can be installed in employees' web browsers."

Link

TLP1 : Green

  • Hundreds of fake Reddit sites push Lumma Stealer malware

"Hackers are distributing close to 1,000 web pages mimicking Reddit and the WeTransfer file sharing service that lead to downloading the Lumma Stealer malware."

Link

TLP1 : Green

Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism


  • Love and hate under war: The GamaCopy organization, which imitates the Russian Gamaredon, uses military-related bait to launch attacks on Russia

"Recently, our team discovered attack samples targeting Russian-speaking targets during threat hunting. In addition, another related sample was also identified. Both samples follow the same operation process and use the same bait theme."

Link

TLP1 : Green

  • FBI: North Korean IT workers steal source code to extort employers

"The FBI warned today that North Korean IT workers are abusing their access to steal source code and extort U.S. companies that have been tricked into hiring them."

Link

TLP1 : Green

Breaches: Data Breaches and Hacks


  • FBI Agents’ Call And Text Logs Potentially Stolen In Data Breach

"The FBI has raised alarm that hackers who breached AT&T’s system last year may have stolen months of agents’ call and text logs, which could potentially lead to the identities of anonymous informants connected to investigations, according to a document reviewed by Bloomberg."

Link

TLP1 : Green

Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits


  • CVE-2025-0314: GitLab Releases Patch for XSS Exploit

"GitLab has issued an important security update addressing several vulnerabilities, including a high severity cross-site scripting (XSS) flaw."

Link

TLP1 : Green

  • RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations

"A group of academics has disclosed details of over 100 security vulnerabilities impacting LTE and 5G implementations that could be exploited by an attacker to disrupt access to service and even gain a foothold into the cellular core network."

Link

TLP1 : Green

Incident Response: Infrastructure, Training, SIEM and Incident Handling


  • Here's an affordable way to study for your Microsoft Certifications

"Microsoft Tech Certifications are a smart way to stand out from other candidates in the tech industry, but the tests are tough, and studying on your own doesn't always make it easier. If you want a little guidance, take a look at the Complete 2025 Microsoft Tech Certification Training Super Bundle."

Link

TLP1 : Green

Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography


  • Tracking a Malicious Blogspot Redirection Campaign to ApateWeb

"Browsing Twitter/X, I stumbled across something I’ve been seeing a lot of in the past two years: a suspicious Blogspot link. These have been weaponized to cater to the audience of specific posts, showing a preview that is usually related to the topic at hand, then redirecting to a plethora of different sites based on the specific campaign."

Link

TLP1 : Green

 

 

1 Traffic Light Protocol (TLP) [1] for information sharing:

 

 

  • Red: Not for disclosure, restricted to participants only.
  • Amber: Limited disclosure, restricted to participants' organizations.
  • Green: Limited disclosure, restricted to the community.

 


[1] https://www.first.org/tlp