Fr.O So (@FrOSo49)

2.9K posts

CyberSecurity 🛡️| Tech exploration 📟 |Google certificate 📊

Canada, joined February 2024
73 Following, 299 Followers

Peer Richelsen (@peer_rich)
OAuth scams are becoming more and more popular

this time a malicious @nylas OAuth client is being used to attack one of our employees (who immediately understood it's a scam and has reported it)

the playbook is simple:
1. obtain a Google OAuth client
2. pretend to send a .docx
3. immediately open the Google OAuth splash screen
4. Attacker gains full access to Email, Calendar and more

officially it falls under phishing, however attackers no longer make fake login forms but instead show official google log in screens

most people fall for it because they check the website, see google.com AND nylas.com (which is also legit) and think it's safe. signing into google to view a document is also very common

Fr.O So retweeted
The Hacker News (@TheHackersNews)
This week didn’t break anything. It bent everything:

⚡ Vercel hacked
🌐 DDoS busted
🤖 PowMix botnet
📢 Push fraud
📝 Obsidian RAT
⬇️ CPUID trojan
🧩 Chrome spyware
🧠 AI cyber
💰 Vect ransomware
💬 Teams trap
🗂️ CGrabber steal
📧 Mail breach
🔑 Access trade
🛠️ Adaptix C2
🧬 Adware backdoor
💉 SQL attacks
🖥️ VM stealth
🎭 Fake installer

🔗 Scroll through the full recap → thehackernews.com/2026/04/weekly…

Fr.O So (@FrOSo49)
ZionSiphon targets water infrastructure

Darktrace researchers identified ZionSiphon malware targeting water treatment and desalination systems that activates under certain geographic and environmental conditions. The malware can scan ICS networks, interact with industrial protocols, and attempt to manipulate chlorine dosing and pressure settings. Key components are still incomplete and a coding flaw can prevent execution. So while not fully operational, the tool highlights growing attacker interest in developing malware against critical infrastructure.

#attack #malware

Fr.O So (@FrOSo49)
🔐 How Does DMARC Actually Work? (And Why It Matters More Than Ever)

Email remains one of the biggest entry points for cyberattacks, and domain spoofing is still a major risk. That’s where DMARC helps.

📩 What is DMARC?
DMARC (Domain-based Message Authentication, Reporting & Conformance) protects your domain from phishing and spoofing by working with SPF and DKIM.

🖥️ How it works:
📤 An email is sent
🛡️ The receiving server evaluates it
✅ SPF checks whether the sender is authorized
🔑 DKIM verifies the message integrity
📥 If both pass, the email lands in the inbox
🚫 If either fails, the DMARC policy is applied: None, Quarantine, or Reject

📊 Added benefit:
DMARC also provides reporting, giving organizations visibility into who is sending emails on behalf of their domain.

💡 Why it matters:
🛡️ Protects brand reputation
📬 Improves email deliverability
🚨 Reduces phishing risk
👀 Increases visibility into email activity

🚀 Best practice:
Start with p=none for monitoring, then move toward quarantine or reject as enforcement matures.

🔍 If your organization has not implemented DMARC yet, this is a strong place to start closing a critical security gap.

#CyberSecurity #EmailSecurity #DMARC #SPF #DKIM #Infosec #Phishing #ITSecurity #CloudSecurity

Vivek | Cybersecurity (@VivekIntel)
🐞 [+] Data Validation Checklist for Bug Hunters & Pentesters

If you're not testing these, you're missing real attack surface:
• Reflected XSS
• Stored XSS
• DOM-based XSS
• Cross-Site Flashing
• HTML Injection

Injection vectors you should never ignore:
• SQL Injection
• LDAP Injection
• ORM Injection
• XML Injection / XXE
• SSI Injection
• XPath / XQuery Injection
• IMAP/SMTP Injection

Execution & system-level risks:
• Code Injection
• Expression Language Injection
• Command Injection

Memory & low-level flaws:
• Stack / Heap / Integer Overflow
• Format String Bugs

Web-layer weaknesses:
• HTTP Request Smuggling / Splitting
• HTTP Verb Tampering
• Open Redirect
• HTTP Parameter Pollution

File handling issues:
• Local File Inclusion (LFI)
• Remote File Inclusion (RFI)

Logic & misconfig:
• Client-side vs Server-side validation gaps
• NoSQL Injection
• Auto-binding issues
• Mass Assignment

Session flaws:
• NULL / Invalid Session Cookies

+ Always look for “incubated” or chained vulnerabilities.

Most people test basics. Skilled attackers test depth.

#BugBounty #CyberSecurity #AppSec #Pentesting #InfoSec

Dark Web Intelligence (@DailyDarkWeb)
🇨🇦 Canada: timbermart.ca Customer Database Allegedly for Sale

A threat actor claims to have breached timbermart.ca, offering a dataset containing ~485,000 customer records along with operational data.

📊 Key Details:
• Target: timbermart.ca
• Volume: ~485K records
• Type: Customer + operational database
• Status: Listed for sale on cybercrime forum

🧠 Dataset Structure (per post):
• Customer data:
  Customer ID, name
  Email, phone
  Loyalty ID
• Store data: Store ID, location, province
• Product data: SKU, category, pricing
• Transactions:
  Dates, payment methods
  Totals (subtotal, tax, total CAD)
• Inventory: Stock levels, updates

🧠 Threat Intelligence Insight:
• This is a multi-table relational dataset, not just a user dump
• Combines: PII + purchase history + financial metadata
• High-risk use cases:
  Targeted phishing using purchase context
  Fraud leveraging transaction patterns
  Business intelligence abuse

⚠️ Assessment:
• Medium–High credibility
  Detailed schema and realistic sample shown
  Structured enterprise dataset format
  Full breach not independently confirmed

⚠️ Potential Impact:
• Customer privacy exposure
• Transaction-based fraud campaigns
• Competitive intelligence leakage

📊 Status: Unverified — but high-value dataset if confirmed

#CyberSecurity #DataBreach #Canada #ThreatIntel #RetailSecurity #DDW

Fr.O So (@FrOSo49)
@levelsio Chrome browser these times really sucks but the main problem is the open source search engine Chromium. So all the browsers with this engine are suffering from a lot of attacks
@levelsio
Another Chrome extension allegedly sold to mine your personal information

This is an entire black market you'd have no idea existed but it does!

Your best bet is to use no Chrome extensions at all, except uBlock Origin for ad block

Or better: just vibe code your own so you know what is running in your browser

Quoting @levelsio:

Chrome extensions are so incredibly unsafe

Malware criminals find popular ones, pay the owners of the extension lots of money, they add malware to the code and millions of people get infected

Then they take your cookies, localStorage, anything they can access

Which is why in locked down advanced security devices you can't even install Chrome extensions

I mostly run uBlock Origin, but have some others that I'll just vibecode now to stay safe

Fr.O So (@FrOSo49)
🎂 The OSI Model... Explained Like a Cake 🍰

Networking concepts can feel overwhelming—but sometimes, all you need is the right analogy.

Think of the OSI Model as a layered cake 👇

🔝 Application Layer
Where users interact with applications (your browser, email, etc.)

🎨 Presentation Layer
Handles data formatting, encryption, and decryption

🔗 Session Layer
Manages connections between systems

🚚 Transport Layer
Ensures reliable delivery (flow control & error handling)

🧭 Network Layer
Handles routing and logical addressing (IP)

🔌 Data Link Layer
Manages physical addressing (MAC) and data transfer between nodes

⚡ Physical Layer
The actual transmission of bits over cables, signals, and hardware

💡 Why this matters:
Understanding the OSI model helps you troubleshoot faster, design better systems, and communicate clearly across technical teams.

International Cyber Digest (@IntCyberDigest)
‼️🇫🇷 The threat actor behind the ANTS breach told us he doesn't want any money, he just wanted to prove government systems are easy to hack.

ANTS was breached via an IDOR access control flaw. 80GB of passwords, source code, logs, and PII stolen.

We've seen the samples...

Quoting International Cyber Digest (@IntCyberDigest):

🚨🇫🇷 France's ANTS portal, the government system issuing IDs, passports, and driver's licenses, has been breached. Up to 19 million French citizens may be affected. ANTS has confirmed the breach.

Exposed fields include full name, email, address, date and place of birth, phone number, and identity verification data. Confirmed by the Ministry of the Interior.

Fr.O So (@FrOSo49)
@LePoint It's already something that they're talking about it

Le Point (@LePoint)
Following the German, Dutch and American secret services, the French agencies are warning of a vast targeted hacking offensive.

👀 DECLASSIFIED ➡️ l.lepoint.fr/jJ1

#DGSE #DGSI #piratage

DarkFeed (@ido_cohen2)
🌍 April Ransomware Surge: Top Targeted Nations (MTD)

Verified Extortion Attacks by Country:
🇺🇸 United States: 237
🇩🇪 Germany: 23
🇬🇧 United Kingdom: 20
🇫🇷 France: 18
🇮🇹 Italy: 18
🇨🇦 Canada: 17
🇪🇸 Spain: 15
🇦🇺 Australia: 12
🇮🇳 India: 10
🇹🇭 Thailand: 9

More:👉 darkfeed.io

#CyberSecurity #Ransomware #ThreatIntelligence #InfoSec

Fr.O So (@FrOSo49)
@ido_cohen2 Of course the US is the most targeted because they think they can earn more ransom money there.

Fr.O So (@FrOSo49)
@The_Cyber_News Architectural, that's really dangerous, but that’s the problem when MCP is open sourced: it’s easy for attackers to try to compromise the MCP.

Cyber Security News (@The_Cyber_News)
⚠️ Critical Anthropic’s MCP Vulnerability Enables Remote Code Execution Attacks

Source: cybersecuritynews.com/anthropics-mcp…

A critical flaw in Anthropic’s Model Context Protocol (MCP) exposes over 150 million downloads to potential compromise. The vulnerability could enable full system takeover across up to 200,000 servers.

Unlike a traditional coding bug, this vulnerability is architectural, meaning any developer building on Anthropic's MCP foundation unknowingly inherits the exposure from the ground up.

The flaw enables Arbitrary Command Execution (RCE) on any system running a vulnerable MCP implementation. Successful exploitation grants attackers direct access to sensitive user data, internal databases, API keys, and chat histories, effectively handing over complete control of the affected environment.

#cybersecuritynews

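Fr.O So retweeted
鸟哥 | 蓝鸟会🕊️
Attention, security and penetration testers! Reportedly, North Korean hackers used these very tools to steal cryptocurrency!

There is a powerful tool on GitHub called HackingTool: a single tool that bundles 185+ hacking tools across 20 categories, including information gathering, SQL injection, phishing attacks, cloud security and mobile security.

Type / to search directly, or type r and say "I want to scan a network" and it recommends tools for you. One command installs everything, with no manual configuration needed. A must-have for anyone doing penetration testing.

🔗 github.com/Z4nzu/hackingt…

----------------

Calling for real startup case studies from AI "super individuals" and one-person companies (OPC) across the web: send your project and revenue screenshots by DM. Outstanding projects and individuals will be featured on my X account, with traffic support and personal-brand coaching!
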
Souveraine Tech (@SouveraineTech)
💥 A major investigation by @reveal reveals the existence of a mobile surveillance system that operated for nearly twenty years in more than 160 countries, including the United States.

Named Altamides, this system developed by the company #FirstWap exploits the signaling protocols of telecom networks to locate any phone number in real time, intercept calls and messages, or set up geofencing around demonstrations or meetings. All without leaving the slightest trace on the targeted device.

The leaked data, discovered in 2024, documents more than one million tracking operations between 2007 and 2015. Among the people tracked: investigative journalists, human rights activists, political leaders, exiles, but also ordinary citizens.

This case highlights the persistence of structural vulnerabilities in the world's mobile networks and the risks of transnational surveillance.

At a time when cybersecurity and privacy protection have become strategic issues for companies and institutions alike, revelations of this kind remind us of the urgency of rethinking our dependence on current telecom infrastructure.

Fr.O So (@FrOSo49)
Core commands for navigation and reading files in Linux you should know as a cybersecurity aspirant:

Filesystem Hierarchy Standard (FHS): The component of the Linux OS that organizes data.

Root directory: the highest-level directory in Linux. It's designated by a single slash.

pwd: prints the working directory onto the screen (output tells you which directory you're currently in).

ls: displays the names of the files and directories in the current working directory.

cat: displays the content of a file.

head: displays just the beginning of a file, by default.

Fr.O So (@FrOSo49)
🔐 All Network Protocols in Cybersecurity — One Complete Mind Map! 🌏

In today’s digital world, understanding network protocols is not optional, it’s essential for anyone in cybersecurity.

👉 From core networking to Zero Trust architectures, this comprehensive mind map covers everything you need to know:

✅ Core protocols (TCP/IP, UDP, ICMP)
✅ Routing protocols (OSPF, BGP, RIP)
✅ Secure communication (TLS, HTTPS, SSH)
✅ Authentication & identity (Kerberos, LDAP, SAML, OAuth)
✅ VPNs & tunneling (IPSec, OpenVPN, WireGuard)
✅ Cryptography & key exchange (AES, RSA, Diffie-Hellman)
✅ Wireless security (WPA2, WPA3, EAP)
✅ IoT & industrial protocols (MQTT, CoAP, Modbus)
✅ Zero Trust & modern security (mTLS, JWT, FIDO2)

📌 Whether you're preparing for cybersecurity roles, certifications, or strengthening your fundamentals — this serves as a powerful quick-reference guide.

💡 Key Takeaway: Always prefer secure, modern protocols over outdated ones. Security is not just about tools — it's about choosing the right protocols.

🚀 Save this for future reference
🔁 Share with your network
💬 Comment your favorite or most-used protocol
