Vivek | Cybersecurity

Blue Teaming Roadmap 🔵🛡️ Everything you need to learn for Blue Team roles: • Security Monitoring • Threat Detection • Incident Response • Log Management • Endpoint Security • Network Security • Vulnerability Management • Threat Intelligence • Security Tools • Identity Security • Compliance & Governance Save this and learn step-by-step.

OpenAI rolls out ChatGPT “Library” feature that automatically stores uploaded files in account-linked cloud storage for reuse across chats, with manual deletion required and data removed from servers within 30 days. #OpenAI #ChatGPT #AI #Privacy bleepingcomputer.com/news/artificia…

Former NSA cyber chief warns AI agents are already automating real-world attacks, mapping targets, finding vulnerabilities, and developing exploits at machine speed, signaling a shift toward scalable AI-driven offensive operations. #CyberSecurity #AI #ThreatIntel theregister.com/2026/03/23/cla…

The FCC is banning imports of new foreign-made consumer routers over cybersecurity risks, citing exploitation by China-linked groups like Volt Typhoon and Salt Typhoon, while existing devices remain unaffected. #USA #CyberSecurity #China #TechPolicy reuters.com/sustainability…

CanisterWorm spreads via compromised npm packages, hijacks developer accounts, and deploys a “Kamikaze” wiper on Kubernetes clusters in Iran while installing persistent backdoors elsewhere, using blockchain-based C2 to evade takedowns. #CyberSecurity #Kubernetes #SupplyChain #Iran #Malware hackread.com/canisterworm-k…

Security leaders warn stronger public-private collaboration is critical to counter China-linked Typhoon campaigns, as incidents targeting telecom and critical infrastructure rely heavily on intelligence sharing between industry and government. #CyberSecurity #China #ThreatIntel #RSAC theregister.com/2026/03/23/rsa…

Tycoon2FA phishing-as-a-service platform has returned to full operation days after Europol’s disruption, with attackers rapidly rebuilding infrastructure and continuing AiTM campaigns to bypass MFA and hijack Microsoft 365 and Gmail accounts. #CyberSecurity #Phishing #PhaaS #ThreatIntel bleepingcomputer.com/news/security/…

RuneScape Boards breach from 2011 resurfaces after 223K accounts including emails, usernames, IP addresses, and salted MD5 password hashes were added to Have I Been Pwned, highlighting ongoing risks from legacy forum data leaks. #DataBreach #CyberSecurity #HIBP haveibeenpwned.com/Breach/RSBoards

Unit 42 reveals Google Authenticator’s synced passkey architecture introduces new attack surface, highlighting cloud-based key handling, device enrollment secrets, and OAuth-backed sessions that could create emerging risks in passwordless authentication deployments. #CyberSecurity #Google #Passkeys #IdentitySecurity unit42.paloaltonetworks.com/passwordless-a…

Mazda disclosed a security breach after attackers exploited a warehouse management system vulnerability, exposing 692 employee and partner records including names, emails, and IDs, with no customer data impacted but phishing risks remain. #Japan #CyberSecurity #DataBreach #Mazda bleepingcomputer.com/news/security/…

Cisco Talos warns attackers are weaponizing vulnerabilities almost immediately after disclosure, with phishing driving 40% of intrusions and identity infrastructure becoming prime targets — shrinking defender response time and forcing organizations to patch faster. #CyberSecurity #ThreatIntel #Phishing theregister.com/2026/03/23/cis…

What is the purpose of a CAPTCHA? A) prevent automated bots from accessing websites B )To encrypt sensitive data C) To scan for viruses D) To detect phishing attempts

FCC blocks new foreign-made routers over China-linked cyber threats Move targets risks tied to groups like Volt Typhoon, Salt Typhoon, and Flax Typhoon exploiting network devices. Existing routers unaffected. #USA #CyberSecurity #China #TechPolicy cybernews.com/security/fcc-b…

FriendlyDealer scam mimics Google Play and Apple App Store Campaign uses 1,500+ domains, fake reviews, and PWAs to redirect users to gambling sites for affiliate fraud. No malware — pure social-engineering monetization. #CyberSecurity #Scam #ThreatIntel malwarebytes.com/blog/scams/202…

Over 500,000 end-of-life Windows IIS servers exposed online 511K publicly accessible systems running unsupported Windows versions increase risk of exploitation. Most exposures found in China, U.S., and Europe. cybernews.com/security/expos… #CyberSecurity #Windows #IIS #ThreatIntel

DPRK IT worker fraud used AI hiring and PiKVM-controlled laptop farm in the U.S. Operation leveraged stolen identities, remote-controlled devices, and VPN infrastructure to infiltrate companies via fake employees. ~40 systems tied to the scheme. #CyberSecurity #DPRK #ThreatIntel #Fraud nisos.com/blog/dprk-it-w…

Al-Qaeda-linked CJM joins Iran-aligned cyber ecosystem, indicating cross-ideology hacktivist collaboration and hybrid operations. #CyberSecurity #Iran #ThreatIntel gnet-research.org/2026/03/23/al-…

Singapore’s cyber threat landscape is evolving with rising activity across critical infrastructure, emerging technologies, and multi-vector attacks. Researchers highlight increasing complexity and need for adaptive defenses across the region. cyfirma.com/research/singa… #CyberSecurity #Singapore #APAC #ThreatIntel

Iran MOIS uses Telegram as C2 to target dissidents and journalists Fake apps deliver multi-stage malware enabling surveillance, credential theft, and data exfiltration via Telegram. Persistence achieved through registry and PowerShell abuse. securityaffairs.com/189820/malware… #CyberSecurity #Iran #Telegram #ThreatIntel

Windows has no greater enemy than itself...

Deep Eye: An advanced Al-driven vulnerability scanner and penetration testing tool that integrates multiple Al providers (OpenAl, Grok, OLLAMA, Claude) with comprehensive security testing modules for automated bug hunting, intelligent payload generation, and professional reporting. github.com/zakirkun/deep-…