Kevin Poireault
@leekthehack.bsky.social
🚨 𝐎𝐩. 𝐄𝐧𝐝𝐠𝐚𝐦𝐞 3.0 𝐃𝐢𝐬𝐦𝐚𝐧𝐭𝐥𝐞𝐬 𝐑𝐡𝐚𝐝𝐚𝐦𝐚𝐧𝐭𝐡𝐲𝐬, 𝐕𝐞𝐧𝐨𝐦𝐑𝐀𝐓 𝐚𝐧𝐝 𝐄𝐥𝐲𝐬𝐢𝐮𝐦

The third "season" of Operation Endgame resulted in:
🗄️ Over 1025 servers taken down or disrupted
🌐 20 domains seized
🚪 11 locations searched
👮 One arrest

📰 www.infosecurity-magazine.com/news/operati...
November 13, 2025 at 1:02 PM
𝐏𝐎𝐃𝐂𝐀𝐒𝐓 - 𝐇𝐨𝐰 𝐏𝐫𝐢𝐯𝐚𝐭𝐞 𝐑𝐞𝐬𝐞𝐚𝐫𝐜𝐡𝐞𝐫𝐬 𝐀𝐫𝐞 𝐓𝐚𝐤𝐢𝐧𝐠 𝐃𝐨𝐰𝐧 𝐑𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐎𝐩𝐞𝐫𝐚𝐭𝐢𝐨𝐧𝐬

I sat down with Matthew Maynard, a cybersecurity pro by day and a cyber ghost-buster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves.

🎧 Listen here: feeds.soundcloud.com/users/soundc...
November 5, 2025 at 11:02 AM
𝘗𝘦𝘳𝘴𝘰𝘯𝘢𝘭 𝘰𝘱𝘪𝘯𝘪𝘰𝘯: 𝐂𝐲𝐛𝐞𝐫𝐬𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐑𝐞𝐩𝐨𝐫𝐭𝐢𝐧𝐠 𝐒𝐡𝐨𝐮𝐥𝐝𝐧’𝐭 𝐉𝐮𝐦𝐩 𝐭𝐨 𝐆𝐞𝐨𝐩𝐨𝐥𝐢𝐭𝐢𝐜𝐚𝐥 𝐂𝐨𝐧𝐜𝐥𝐮𝐬𝐢𝐨𝐧𝐬 (𝐄𝐬𝐩𝐞𝐜𝐢𝐚𝐥𝐥𝐲 𝐖𝐢𝐭𝐡𝐨𝐮𝐭 𝐄𝐯𝐢𝐝𝐞𝐧𝐜𝐞)

The latest cyberattack on airports is a serious incident that warrants thorough investigation. (1/5)

www.infosecurity-magazine.com/news/airport...
Airport Chaos Enters Third Day After Supply Chain Attack
Heathrow, Brussels, Dublin and Berlin airports are among those disrupted by a cyber-attack on Collins Aerospace
www.infosecurity-magazine.com
September 22, 2025 at 7:30 PM
EXCLUSIVE - Why Three Vendors Pulled Out of ‘Cybersecurity Olympics’

Microsoft, SentinelOne and Palo Alto Networks have decided not to take part in the 2025 edition of MITRE’s EDR test.

I spoke with MITRE's CTO to understand what motivated these moves.

www.infosecurity-magazine.com/news/cyber-v...
September 22, 2025 at 1:03 PM
Reposted by Kevin Poireault
Hackers calling themselves SafePay carried out a ransomware attack on the five-star K Club resort in Co Kildare as it prepared to host some of the world’s top golfers at the Irish Open this past weekend.
www.thetimes.com/world/irelan...
Cyberattack on K Club before Irish Open
The five-star resort was hit by a ransomware attack, with leaked data including financial records, IT documentation and administrative information
www.thetimes.com
September 8, 2025 at 12:29 PM
Reposted by Kevin Poireault
Hackers are using security reports to translate technical problems into “partial malicious code” as part of the “vibe coding” trend.
www.trendmicro.com/vinfo/us/sec...
Do Security Blogs Enable Vibe-Coded Cybercrime?
Security companies routinely publish detailed analyses of security incidents, making attacker tactics, techniques, and procedures (TTPs) widely known and visible. These reports often provide comprehen...
www.trendmicro.com
September 4, 2025 at 10:39 AM
𝐂𝐈𝐒𝐀 2015 𝐒𝐚𝐟𝐞 𝐇𝐚𝐫𝐛𝐨𝐫 𝐚𝐭 𝐑𝐢𝐬𝐤 𝐚𝐬 𝐒𝐞𝐩𝐭𝐞𝐦𝐛𝐞𝐫 30 𝐃𝐞𝐚𝐝𝐥𝐢𝐧𝐞 𝐍𝐞𝐚𝐫𝐬

⌛ As the expiration date for the Cybersecurity Information Sharing Act of 2015 looms in the US, I spoke to experts about the provisions the Act offers and the debates surrounding the renewal and the consequences of non-renewal.
September 2, 2025 at 11:04 AM
Reposted by Kevin Poireault
𝐈𝐬 𝐘𝐨𝐮𝐫 𝐕𝐏𝐍 𝐚 𝐂𝐡𝐢𝐧𝐞𝐬𝐞 𝐓𝐫𝐨𝐣𝐚𝐧 𝐇𝐨𝐫𝐬𝐞? 🇨🇳

According to 3 studies, dozens of VPN apps (Google Play Store/Apple App Store) are linked to one another… and some belong to Qihoo 360, which is close to the Chinese military.

🔗 New edition of Coupe-Circuit: open.substack.com/pub/coupecir...
August 31, 2025 at 3:29 PM
🔎 VulnWatch Friday: CVE-2025-57819 🔓

The Sangoma FreePBX Security Team has warned of a vulnerability being exploited in the wild.

FreePBX is an open-source graphical user interface (GUI) for managing Asterisk, the popular open-source Private Branch Exchange (PBX) and telephony platform.
August 29, 2025 at 2:53 PM
🧐 VulnWatch Wednesday: CVE-2025-7775 🔓

Citrix has released patches for three critical zero days in NetScaler ADC and Gateway, one of which was already being exploited by attackers.

According to Kevin Beaumont, exploit campaigns 🎯CVE-2025-7775 began before the patches were made available.
August 27, 2025 at 10:55 AM
🧐 VulnWatch Wednesday: CVE-2025-31324 🔓

A critical vulnerability in SAP NetWeaver is now being widely exploited following the release of public exploit tooling.

🆕 The public availability of the full source code makes the exploit easy to use even for attackers with little technical expertise.
August 20, 2025 at 4:10 PM
𝐋𝐞𝐠𝐢𝐭𝐢𝐦𝐚𝐭𝐞 𝐂𝐡𝐫𝐨𝐦𝐞 𝐕𝐏𝐍 𝐄𝐱𝐭𝐞𝐧𝐬𝐢𝐨𝐧 𝐓𝐮𝐫𝐧𝐬 𝐭𝐨 𝐁𝐫𝐨𝐰𝐬𝐞𝐫 𝐒𝐩𝐲𝐰𝐚𝐫𝐞

FreeVPN.One, a popular Google-featured browser VPN extension, recently turned malicious and is now spying on users’ every move online.

A good read from Koi Security on 𝑰𝒏𝒕𝒆𝒓𝒏𝒂𝒕𝒊𝒐𝒏𝒂𝒍 𝑽𝑷𝑵 𝑫𝒂𝒚

www.infosecurity-magazine.com/news/chrome-...
August 19, 2025 at 1:01 PM
👀 VulnWatch Monday: CVE-2025-25256 🔓

WatchTowr Labs has published a technical analysis of CVE-2025-25256, a critical pre-auth command injection vulnerability in Fortinet's FortiSIEM, as well as a detection artifact generator.

🔧 Fix? Yes (see Fortinet's security advisory)
August 18, 2025 at 5:42 PM
NEW 🏆 Team Atlanta is the winner of DARPA’s and ARPA-H’s AI Cybersecurity Challenge (AIxCC)

🥇 They performed top in all but one category

💰 They will receive a prize of $4m
August 8, 2025 at 7:13 PM
🔴 CISA Update Session at @BlackHatEvents USA 2025 🔴

Robert Costello, CIO of CISA, believes reports of the agency's demise are greatly exaggerated. He quoted Ernest Hemingway: "We're not retrieving, we're advancing to a new direction."
August 7, 2025 at 10:35 PM
Reposted by Kevin Poireault
#ESETresearch joins Europol’s Cyber Intelligence Extension Programme (CIEP) 🤝 We are proud to announce ESET’s participation in the pilot phase of CIEP, a new initiative launched by Europol's European Cybercrime Centre (EC3). 1/5
August 7, 2025 at 1:38 PM
🔍 APT28’s ‘Lamehug’ is the first LLM-powered malware

🧪 MITRE's Gianpaolo Russo and Marissa Dotter broke it down at @blackhatevents.bsky.social USA, showing how this shifts cyber threats. Their OCCULT suite tests these threats.

🔜 Stay tuned for deeper insights on Infosecurity Magazine
August 7, 2025 at 1:59 PM
🚨 A US defense contractor’s domain was compromised by ethical hackers in just 77 seconds

Part of the NSA's CAPT program, which offers free pentesting for DIB suppliers, this test was run by @horizon3ai.bsky.social.

🔜 More to come on Infosecurity Magazine
August 7, 2025 at 1:44 PM
Reposted by Kevin Poireault
App blocked in Ethiopia = unavailable in Palestine

Did you know that an Android app blocked in Afghanistan will also be blocked in Mauritania? And that an app that disappears from the Google Play Store in Madagascar will be unavailable in Kosovo?

The explanation here: open.substack.com/pub/coupecir...
🌍 Blocking an app in Ethiopia also blocks it in Palestine
Thanks to the Google Play Store's 'Rest of the world'
open.substack.com
July 28, 2025 at 3:19 PM
🔎 VulnWatch Friday: CVE-2025-7624 🔓

In a July 21 security advisory, Sophos shared the patches for 5️⃣ vulnerabilities affecting its products.

One of the two critical vulnerabilities, tracked as CVE-2025-7624, is an SQL injection in the legacy SMTP proxy of some Sophos Firewall versions.
July 25, 2025 at 3:47 PM
🧐 VulnWatch Wednesday: CVE-2025-54309 🔓

At least 10,000 CrushFTP instances are vulnerable to a critical flaw, which is currently being exploited by attackers, affecting the file transfer solution, according to @shadowserver.bsky.social and @rapid7.com.

www.infosecurity-magazine.com/news/crushft...
July 23, 2025 at 4:13 PM
𝐍𝐄𝐖 ⚖️ The Clorox Company 𝐒𝐮𝐞𝐬 Cognizant 𝐟𝐨𝐫 𝐂𝐚𝐮𝐬𝐢𝐧𝐠 2023 𝐂𝐲𝐛𝐞𝐫-𝐀𝐭𝐭𝐚𝐜𝐤

Clorox, a leading US producer of cleaning products, is suing its former IT service desk provider, London-based Cognizant, over the August 2023 cyber-attack. [1/4]

www.infosecurity-magazine.com/news/clorox-...
July 23, 2025 at 3:34 PM