TechNadu

16.1K posts

TechNadu banner
TechNadu

TechNadu

@TechNadu

Cutting through tech noise, covering #Cybersecurity, #VPNs | Real insights. Expert reviews. Daily threats decoded. #InfoSec #Privacy

Tirupur Katılım Ocak 2017
1.3K Takip Edilen10.1K Takipçiler
TechNadu
TechNadu@TechNadu·
JFrog says the packages briefly deployed HTTP flood functionality before reverting to adware after public reporting. The investigation also details the remote code loading technique and the infrastructure behind the campaign. technadu.com/140-malicious-…
English
0
0
0
25
TechNadu
TechNadu@TechNadu·
148 malicious npm packages disguised as student web proxies reportedly turned visitors' browsers into a DDoS botnet. The campaign abused npm as a distribution platform while loading mutable remote code from GitHub. How should registries respond to campaigns like this?
TechNadu tweet media
English
1
0
0
84
TechNadu
TechNadu@TechNadu·
Researchers found the official extension contained a complete but inactive collection pipeline that could reportedly have been enabled through a routine update. The extension had about 1.6 million installs before being removed from both stores. technadu.com/google-follows…
English
0
0
0
18
TechNadu
TechNadu@TechNadu·
🛡️ @Google has removed ModHeader after @Microsoft did the same, following reports that the official signed extension contained dormant data-exfiltration capabilities. No evidence of active theft has surfaced - but the infrastructure was already there. Should trusted browser extensions face stricter review?
TechNadu tweet media
English
1
0
0
60
TechNadu
TechNadu@TechNadu·
The article breaks down each sanctioned organization, why VKontakte and MaxApp were included, which surveillance vendors were listed, and the GRU- and Lumma-related individuals and entities named by the EU and UK. technadu.com/eu-uk-sanction…
English
0
0
0
14
TechNadu
TechNadu@TechNadu·
The EU and UK have sanctioned VKontakte, firms tied to Russia's surveillance infrastructure, Lumma Stealer operators, and GRU-linked individuals. The move targets the broader cyber ecosystem - not just individual threat actors. Can sanctions materially disrupt cyber operations?
TechNadu tweet media
English
1
0
0
56
TechNadu
TechNadu@TechNadu·
Apple's complaint alleges the former engineer retained access weeks after leaving, using a previously unknown authentication bug to retrieve unreleased hardware information. The article also covers OpenAI's response and why the allegations raise broader questions about identity lifecycle management and post-employment access. technadu.com/apple-accuses-…
English
0
0
0
20
TechNadu
TechNadu@TechNadu·
🛡️ @Apple alleges a former engineer exploited a previously unknown authentication flaw after leaving the company to access internal systems and download confidential hardware files before joining @OpenAI. If proven, which is the bigger concern: the zero-day or the offboarding failure?
TechNadu tweet media
English
1
0
0
48
TechNadu
TechNadu@TechNadu·
The experts examine case-based investigations, threat-feed quality, explainable prioritization, SIEM limitations, and why AI must reduce analyst work rather than produce better summaries of the same noise. technadu.com/the-decision-b…
English
0
0
0
49
TechNadu
TechNadu@TechNadu·
SOC alert fatigue is not just a volume problem. @FalconFeedsio, Command Zero, @Intel_by_KELA, and @trendaisecurity argue that analysts are still being asked to assemble context, judge risk, and investigate fragmented signals manually. Should the next SOC optimize alerts - or remove decisions?
TechNadu tweet media
English
1
0
3
156
TechNadu
TechNadu@TechNadu·
The report breaks down the full intrusion chain, why researchers suspect the script was AI-generated, and how AI is accelerating established attacker workflows rather than creating entirely new ones. thehackernews.com/2026/07/attack…
English
0
0
0
42
TechNadu
TechNadu@TechNadu·
🛡️ @HuntressLabs says an attacker likely used an AI-generated PowerShell script to map Active Directory before stealing enterprise data. The tradecraft wasn't new - the speed and automation were. Will AI-assisted reconnaissance become the new normal?
TechNadu tweet media
English
1
0
0
103
TechNadu
TechNadu@TechNadu·
The article breaks down the incident timeline, affected services, the company's containment measures, and what investigators have confirmed so far. technadu.com/nihon-kotsu-co…
English
0
0
0
37
TechNadu
TechNadu@TechNadu·
Japan's Nihon Kotsu confirmed a malware incident after unauthorized access disrupted its phone-based taxi dispatch systems. The GO app remains operational, and no data leak has been confirmed so far. How should organizations prioritize resilience during operational disruptions?
TechNadu tweet media
English
1
0
0
101
TechNadu
TechNadu@TechNadu·
The full breakdown explains how the malicious releases evolved, why npm install protections weren't enough, the affected versions, and the mitigation guidance from Jscrambler and Socket Research. technadu.com/supply-chain-a…
English
0
0
0
36
TechNadu
TechNadu@TechNadu·
Jscrambler's npm package was compromised to deliver a Rust-based infostealer targeting crypto wallets, AI coding tools, cloud credentials, and messaging apps. Later variants even bypassed install-script protections. Which software supply chain defense do you trust most?
TechNadu tweet media
English
1
0
0
124
TechNadu
TechNadu@TechNadu·
The full roundup covers 13 major developments, including Microsoft's OAuth abuse, CAI cloud worm, Character. AI privacy fine, Mie Prefecture's USB malware response, INTERPOL's First Light operation, BlackCat insider sentencing, and emerging AI security trends. technadu.com/weekly-cyberse…
English
0
0
0
66
TechNadu
TechNadu@TechNadu·
Trusted identities - not zero-days - defined this week in cybersecurity. Microsoft Device Code phishing, Entra passkey abuse, cloud malware, malicious npm/PyPI packages, insider-assisted ransomware, INTERPOL's global crackdown, and more in this week's roundup.
TechNadu tweet media
English
1
0
0
131
TechNadu
TechNadu@TechNadu·
The review could lead some platforms to strengthen VPN detection while regulators assess whether they are taking "reasonable steps" to enforce age checks. technadu.com/vpn-age-checks…
English
0
0
0
25
TechNadu
TechNadu@TechNadu·
Australia's eSafety Commissioner is reviewing whether adult websites are doing enough to stop VPNs from bypassing new age verification rules. The focus isn't on banning VPNs - it's on how platforms detect and respond to location-based workarounds as compliance reviews continue.
TechNadu tweet media
English
1
0
1
95