UNC1549 Campaign Compromises 34 Devices at 11 European Telecom Firms Using LinkedIn Job Lures and MINIBIKE Malware

News

UNC1549 Campaign Compromises 34 Devices at 11 European Telecom Firms Using LinkedIn Job Lures and MINIBIKE Malware Summary Security researchers have attributed a recent espionage campaign targeting European telecommunications companies to the cluster known as UNC1549. According to reporting by thehackernews.com and tracking by Swiss cybersecurity firm PRODAFT, the actor (tracked by PRODAFT as “Subtle…

Automating Alert Triage with AI Agents and Confluence SOPs Using Tines

News

Automating Alert Triage with AI Agents and Confluence SOPs Using Tines Summary of the workflow The workflow highlighted by Tines automates security alert triage by using AI-driven agents to identify the correct Standard Operating Procedures (SOPs) documented in Confluence, and then executing the appropriate response steps through the platform. The underlying Tines library — maintained…

SonicWall Urges Password Resets After Cloud Backup Files Accessed in MySonicWall Breach

News

SonicWall Urges Password Resets After Cloud Backup Files Accessed in MySonicWall Breach Incident summary SonicWall has notified customers that it detected suspicious activity targeting its cloud backup service for firewalls and that unknown threat actors accessed firewall configuration backup files stored in the cloud for less than 5% of MySonicWall accounts. The vendor has urged…

CountLoader: New Multi‑Version Loader Fuels Russian Ransomware Operations

News

CountLoader: New Multi‑Version Loader Fuels Russian Ransomware Operations Overview of the discovery Security researchers have identified a new malware loader, tracked as “CountLoader,” that is being used by Russian-affiliated threat actors to deliver post‑exploitation tools and remote access malware. According to published reporting, CountLoader has been observed distributing Cobalt Strike, AdaptixC2, and a remote access…

TA558 Deploys Venom RAT Using AI-Generated Scripts Against Hotels in Brazil and Spanish-Speaking Markets

News

TA558 Deploys Venom RAT Using AI-Generated Scripts Against Hotels in Brazil and Spanish-Speaking Markets Overview Russian security vendor Kaspersky has attributed a fresh campaign to the threat actor tracked as TA558 that delivered multiple remote access trojans (RATs), including Venom RAT, to breach hotels in Brazil and other Spanish-speaking markets. Kaspersky observed the activity in…

Microsoft and Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service That Stole Thousands of Microsoft 365 Credentials

News

Microsoft and Cloudflare Disrupt RaccoonO365 Phishing-as-a-Service That Stole Thousands of Microsoft 365 Credentials Incident summary Microsoft and Cloudflare have jointly disrupted a large-scale Phishing-as-a-Service (PhaaS) operation known as RaccoonO365. According to reporting, the service enabled cybercriminals to run tailored Microsoft 365 credential-harvesting campaigns and helped steal thousands of Microsoft 365 credentials. The action targeted the…

BreachForums Admin Conor Fitzpatrick Resentenced to Three Years Following Appeals Court Reversal

News

BreachForums Admin Conor Fitzpatrick Resentenced to Three Years Following Appeals Court Reversal Summary of the ruling On September 16, 2025, Conor Brian Fitzpatrick, a 22-year-old identified as the administrator of the BreachForums hacking forum, was resentenced to three years in prison after a federal appeals court overturned his prior sentence of time served and 20…

Chaos Mesh GraphQL Flaws Could Enable RCE and Full Kubernetes Cluster Takeover

News

Chaos Mesh GraphQL Flaws Could Enable RCE and Full Kubernetes Cluster Takeover Disclosure summary Cybersecurity researchers have disclosed multiple critical vulnerabilities in Chaos Mesh — an open‑source chaos engineering platform for Kubernetes — that, if exploited, could allow remote code execution (RCE) and full takeover of Kubernetes clusters. The published advisory indicates attackers require only…