DudeOnSecurity

@dudeonsecurity.bsky.social

Black hat hunter.

23 Followers  |  40 Following  |  19 Posts  |  Joined: 22.11.2024  |  1.5824

Latest posts by dudeonsecurity.bsky.social on Bluesky

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...

Security First as Microsoft lies to you! Mind-blowing vulnerability in a functionality intentionally developed by Microsoft enabled compromise of all Azure tenants! dirkjanm.io/obtaining-gl...

18.09.2025 04:56 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
20 Popular npm Packages With 2 Billion Weekly Downloads Compromised in Supply Chain Attack 20 npm packages with 2B weekly downloads compromised after maintainer phishing led to crypto-stealing malware.

It's time to secure your software supply chain. Popular npm packages with 20 billion weekly downloads have been compromised, and this isn't a single incident. thehackernews.com/2025/09/20-p...

13.09.2025 05:51 | 👍 1 | 🔁 0 | 💬 0 | 📌 0
Global operation targets NoName057(16) pro-Russian cybercrime network – The offenders targeted Ukraine and supporting countries, including many EU Member States | Europol The offenders targeted Ukraine and supporting countries, including many EU Member States. Between 14 and 17 July, a joint international operation, known as Eastwood and coordinated by Europol, targete...

Sometimes we need something other than just firewall rules. Way to go!
www.europol.europa.eu/media-press/...

18.07.2025 13:44 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Thousands of Asus routers are being hit with stealthy, persistent backdoors Backdoor giving full administrative control can survive reboots and firmware updates.

The attack is likely being carried out by a nation-state or another well-resourced threat actor, according to researchers.

29.05.2025 16:59 | 👍 89 | 🔁 55 | 💬 2 | 📌 7
Exclusive: Hegseth orders Cyber Command to stand down on Russia planning The secretary of Defense has ordered U.S. Cyber Command to stand down from all planning against Russia, including offensive digital actions, sources tell Recorded Future News.

Russian influence in the USA is intensifying. therecord.media/hegseth-orde...

03.03.2025 05:40 | 👍 0 | 🔁 0 | 💬 0 | 📌 0

Sad to see USA is now a state of Russia. #ukraine

28.02.2025 18:46 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger | Google Cloud Blog Russia state-aligned threat actors target Signal Messenger accounts used by individuals of interest to Russia's intelligence services.

Check your Signal settings for Linked Devices! cloud.google.com/blog/topics/...

19.02.2025 13:39 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Threat Actors Exploit a Critical Ivanti RCE Bug, Again New year, same story. Despite Ivanti's commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.

You can diminish simple buffer overflows from your C code. It is possible. It can be automated. Really. #softwaresecurity #cybersecurity www.darkreading.com/vulnerabilit...

13.01.2025 06:02 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Customer data from 800,000 electric cars and owners exposed online Volkswagen's automotive software company, Cariad, exposed data collected from around 800,000 electric cars. The info could be linked to drivers' names and reveal precise vehicle locations.

If your car is connected, it is being followed: www.bleepingcomputer.com/news/securit...

30.12.2024 09:48 | 👍 0 | 🔁 0 | 💬 0 | 📌 0

It seems every possible vendor is celebrating 100% coverage in MITRE ATT&CK evaluations. And each has their fanbase cheering like it's New Year's Eve. Who is lying? Guess we can all retire now. #mitre #mitreatt&ck #cybersecurity

16.12.2024 03:15 | 👍 0 | 🔁 0 | 💬 0 | 📌 0

Email phishing: still the king of digital crime. 👑 How long will this reign last? ⏳ #phishing #cybersecurity #neverlearn

16.12.2024 03:00 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Ivanti warns of maximum severity CSA auth bypass vulnerability Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution.

Ivanti keeps on giving (CVSS 10.0). I would seriously consider running these on enterprise or other environments. We should demand more! www.bleepingcomputer.com/news/securit...

11.12.2024 06:21 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
New Red Teamers Tool to Execute System Command On Hosts Via Microsoft Teams A groundbreaking tool has emerged in the realm of red teaming, offering the ability to execute system commands on hosts via MS Teams.

Teams is malware (still)! cybersecuritynews.com/red-team-too...

09.12.2024 06:58 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Black Basta Ransomware Leverages Microsoft Teams To Attack Windows Users Black Basta ransomware operators have improved their tactics, leveraging Microsoft Teams to deploy Zbot, DarkGate, and Custom Malware.

Teams is malware! cybersecuritynews.com/black-basta-...

09.12.2024 06:57 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
FBI, CISA say Chinese hackers are still lurking in US telecom systems In a call with reporters, senior officials at the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI said the agencies have been investigating the incident since late spring, and have...

For the attacker, persistency is the key. For the defender, you have to go deep, deep down the rabbit hole to eradicate the attackers. therecord.media/fbi-cisa-chi...

04.12.2024 04:07 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Race Condition Attacks against LLMs - Schneier on Security These are two attacks against the system components surrounding LLMs: We propose that LLM Flowbreaking, following jailbreaking and prompt injection, joins as the third on the growing list of LLM attac...

I agree: "In modern LLM systems, there is a lot of code between what you type and what the LLM receives, and between what the LLM produces and what you see. All of that code is exploitable, and I expect many more vulnerabilities to be discovered in the coming year." www.schneier.com/blog/archive...

02.12.2024 07:04 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Google's AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine Google's Big Sleep AI framework uncovers a zero-day vulnerability in SQLite, showcasing AI-driven security potential.

Google is doing very interesting work on AI-assisted vulnerability research. It's likely that other, less reputable actors are doing so as well. thehackernews.com/2024/11/goog...

29.11.2024 14:59 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
cti-cmm A new Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) to empower your team and create lasting value

Great to see efforts on standardizing Cyber Threat Intel #cti activities in an industry with diverse practices. Take a look at the CTI-CMM maturity model. Are you using any other CTI maturity models? cti-cmm.org

25.11.2024 17:50 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails Russian actors exploit NTLM flaw in attacks on Ukraine, patched by Microsoft this week

It doesn't need to be the most critical CVSS 9.8 vulnerability to be exploited. Is your vulnerability management program prioritizing vulnerabilities that can be exploited in your attack paths? thehackernews.com/2024/11/russ...

23.11.2024 05:24 | 👍 0 | 🔁 0 | 💬 0 | 📌 0
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign Palo Alto Networks urges fixes as 2,000 devices are hacked in exploits targeting critical flaws.

Where to start? Start from the basics. You do not connect your management interface to a public network: thehackernews.com/2024/11/warn...

22.11.2024 23:21 | 👍 0 | 🔁 0 | 💬 0 | 📌 0

@dudeonsecurity is following 19 prominent accounts