Adnan (xanda) Mohd Shukor

Fake Base Transceiver Station atau Fake BTS adalah sebuah peranti yang menyamar sebagai stesen pangkalan telefon bimbit sebenar. Di Malaysia, ia selalunya bertujuan untuk menyebarkan SMS phishing. Lagi best, nama penghantar SMS pun boleh di spoof!

We’re taking down insidious scam centers who prey on Americans. $10 MILLION REWARD for information that disrupts the Tai Chang scam centers in Burma. Have a tip? Contact the FBI at TaiChangTIPS@fbi.gov. state.gov/releases/offic…

PDRM Serbu Operasi Menipu Warga Sepanyol Menggunakan AI Oleh Warga China Di Johor amanz.my/2026565718

@xanda big if true

In a Facebook post tonight, Onn Hafiz said he received a warning notification from Apple about an attempted mercenary spyware attack targeting his phone and Apple account. freemalaysiatoday.com/category/natio…

🚨Data Breach Alert ‼️ 𝗧𝗲𝗮𝗺𝗣𝗖𝗣 𝗖𝗹𝗮𝗶𝗺𝘀 𝗦𝗮𝗹𝗲 𝗼𝗳 𝗚𝗶𝘁𝗛𝘂𝗯 𝗜𝗻𝘁𝗲𝗿𝗻𝗮𝗹 𝗦𝗼𝘂𝗿𝗰𝗲 𝗖𝗼𝗱𝗲 TeamPCP hacking group claimed the compromise and sale of GitHub internal data, allegedly including around 4,000 private repositories containing source code related to GitHub’s main platform and internal organizations. Threat actor: TeamPCP Sector: ICT Data exposure (claimed): Approximately 4,000 private repositories Data type: Source code Observed: May 19, 2026 Status: Pending verification ESIX©: 7.96 Full details and impact assessment on HackRisk.io

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

MASSA app by @mycert is seeing rapid updates! It now features app recognition via certificate signatures and deep scanning for suspicious APK/XAPK/ZIP files. Detecting apps removed from the Play Store, enhanced app list sorting, and major stability fixes play.google.com/store/apps/det…

Update: The dev team informed me that the latest version is not open source. The source code available on GitHub is for the previous version

Go-Gov-MY is the Malaysian government’s official tool for building secure forms with gov.my links and QR codes. Clean, secure, and open source 🇲🇾 Government agencies, this one’s for you go.gov.my

@kheirulnaim Aku pun tak tahu kalau dah launch. Hahaha. Aku jumpa je pagi tadi

Finally launch by our own GovTech

@_aprillicious Kalau tengok based on github repo, yes

@xanda Ni sama efort dengan MyDS tu ke? Confuse sikit

@bytebot "you" as in, me? I'm not the author and neither working for the gov/vendor

landing page souvereign did not appear, so could not fix opened a PR regardless for other errors github.com/govtechmy/go-g… btw, you might want to check - next needs updating (you use 14.2.17, middleware auth stuff fixed in 14.2.25), api tokens exposed after creation, there is some api key logging/header confusion, /api/metatags accepts a user controlled url, then fetches it serverside, also apps/web/lib/auth/requestToken.ts is just plain sha-256, no hmac? won't be opening github issues for all of them, but good luck fixing them!

@bytebot Not updated with the form part yet it seems github.com/govtechmy/go-g…

@xanda Kudos, it actually looks clean. Where is the source, to qualify as open source? Also, s/souvereign/sovereign/

After Budi95, now I’m wondering what budirakyat.gov.my is all about 👀

Reporter: Did you talk to Xi about the cyber attacks that he's done in the United States? Trump: I did. And he talked about attacks that we did in China. What they do, we do too.

Ops Teguh 2.0 - Major crackdown on scams leads to RM57.68mil seized, 187 suspects nabbed thestar.com.my/news/nation/20…

@JoelEsler Opsss.. My bad

@xanda I’m sorry. I haven’t worked at Cisco in 5 years.

Phishtank is back online

All items listed under the "impact" section in the @mycert advisory are inaccurate for this campaign. The fraudster are only looking gift cards or Razor Gold PINs 😆 mycert.org.my/portal/advisor…

Can anyone connect me to TI/IR team of BDO Unibank ?