psparrows.bsky.social
Shai-Hulud 2.0 behaves like a #worm, not a single compromised package. It harvests and exfiltrates credentials and #cloud secrets to attacker-controlled GitHub repositories, spreading to new npm accounts. Here's the analysis from Netskope Threat Labs:

www.netskope.com/blog/shai-hu...
Shai-Hulud 2.0: Aggressive & Automated, One Of Fastest Spreading NPM Supply Chain Attacks Ever Observed
Shai-Hulud 2.0 is an aggressive, automated NPM supply chain attack. Get the full analysis on credential theft, GitHub backdoors, and IOCs.
November 27, 2025 at 1:28 PM
Can large language models (LLMs) effectively generate malicious code?

Netskope Threat Labs explores the feasibility of fully agentic #malware. Read the testing results and learn what the future of LLM-powered threats looks like.

www.netskope.com/blog/the-fut...
The Future of Malware is LLM-powered
Summary Large language models (LLMs) have rapidly transformed industries, becoming invaluable tools for automation, coding assistance, and research.
November 26, 2025 at 11:29 AM
The Netskope Threat Labs Report for #Manufacturing 2025 is out! 📢 🎺

⛈️ 18% of #malware downloads came from OneDrive
⛈️ 94% of manufacturing orgs use #GenAI apps
⛈️ 29% of #DLP violations for GenAI apps concern regulated data
⛈️ #ChatGPT is the top used app with 87%

www.netskope.com/resources/th...
November 12, 2025 at 3:16 PM
Hard times for Gamers... After the Python RAT, Netskope Threat Labs discovered a new, open-source RedTiger #infostealer in the wild, primarily targeting victims’ Discord accounts, Roblox credentials, browser data, and cryptocurrency wallet files.

#CloudSecurity

www.netskope.com/blog/redtige...
RedTiger: New Red Teaming Tool in the Wild Targeting Gamers and Discord Accounts
Summary Gamers are a hot target for infostealers these days. This blog post is the second we have published this month about an infostealer targeting
October 24, 2025 at 2:14 PM
Threat actors continue to exploit #vulnerabilities in #security appliances, such as #firewalls and #VPN concentrators, to gain initial access. Not only #zerodays disclosed in 2025, but also old vulnerabilities remediated years ago, but left unpatched

www.hackmageddon.com/2025/10/07/c...
October 7, 2025 at 8:27 AM
The Netskope Threat Labs Report for #Retail 2025 is out! 📢

⛈️ 95% of organizations use #genAI apps
⛈️ 57% of DLP violations are for regulated data
⛈️ 81% #chatGPT is the most used genAI app
⛈️ 11% of #malware downloads come from OneDrive

#cloudsecurity

www.netskope.com/resources/th...
September 24, 2025 at 3:59 PM
The 1-15 March 2025 #cyberattacks timeline is out with 116 events, a #threat landscape dominated by #malware and #ransomware, and the confirmation that #phishing emails and #vulnerabilities are the main initial access vectors

www.hackmageddon.com/2025/09/05/1...

#Infosecurity #Cybersecurity
September 5, 2025 at 9:58 AM
The Netskope Threat Labs Report for Australia 🇦🇺 is out! 📣

⛈️ 9.9% of #malware comes from GitHub
⛈️ Google most impersonated brand for #phishing
⛈️ 87% of organizations use #genAI apps
⛈️ 42% of data policy violations concern Intellectual property

netskope.com/resources/th...
September 2, 2025 at 10:03 AM
The @Netskope Threat Labs Report focused on #ShadowAI and #AgenticAI is out!

⛈️ 89% of orgs use at least one #genAI app
⛈️ 7.6% of people use at least one app
⛈️ 7 apps are used in the typical org
⛈️ 8.2GB of data is uploaded on average to genAI apps

www.netskope.com/resources/re...
August 11, 2025 at 1:36 PM
After the timelines, here we go with the #cyberattacks statistics for February 2025 where I analyzed 231 events, in a #threat landscape where the majority of #attacks were driven by #cybercrime, carried out via #malware, and initiated through #phishing #cybersec

www.hackmageddon.com/2025/08/07/f...
August 7, 2025 at 2:51 PM
The 16-28 February 2025 #Cyberattacks timeline is out with 167 events and a #threat landscape dominated by #malware and #ransomware.

In terms of initial access #phishing and exploitation of #vulnerabilities remain the preferred weapons of threat actors.

www.hackmageddon.com/2025/08/05/1...
August 5, 2025 at 2:07 PM
After the September 2024 campaign, Netskope Threat Labs discovered a new version of the XWorm #malware, introducing new features such as process protection and enhanced anti-analysis capabilities.

www.netskope.com/blog/xworm-v...
XWorm V6: Advanced Evasion and AMSI Bypass Capabilities Revealed
Summary In September 2024, Netskope Threat Labs reported on the XWorm malware and its infection chain. We revealed new XWorm command and control (C2)
July 29, 2025 at 12:27 PM
Against all odds, I continue to (not so) regularly update my blog hackmageddon.com. I have been quite busy lately, but hope to catch up during the Summer break.

In the meantime enjoy the 1-15 February 2025 #cyberattacks timeline

www.hackmageddon.com/2025/07/23/1...

#cybersecurity
July 23, 2025 at 11:03 AM
Netskope Threat Labs has discovered a campaign from the Silver Fox threat actor, using fake installers disguised as legitimate software, including WPS Office, Sogou, and DeepSeek, to deliver the Sainbox RAT and Hidden #rootkit to Chinese-speaking users.

www.netskope.com/blog/deepsee...
June 27, 2025 at 7:44 AM
The @Netskope Threat Labs Report #Brazil 2025 is out! 🇧🇷

🌨️ #OneDrive most abused #cloud app for #malware
🌨️ #Microsoft most impersonated brand for #phishing
🌨️ 62% of policy violations concern regulated data
🌨️ 96% of organizations use #genAI apps

www.netskope.com/resources/th...
June 11, 2025 at 4:04 PM
The 16-30 January #cyberattacks timeline is out with 107 events and a #threat landscape dominated by #malware and #ransomware. #phishing emails continued to lead the initial access techniques.

www.hackmageddon.com/2025/06/04/1...

#cybersecurity #infosecurity #cloudsecurity
June 4, 2025 at 3:48 PM
#Threat actors continue to exploit legitimate #cloud apps. In this campaign discovered by the Netskope Threat Labs, #phishing pages are hosted on Glitch, and Telegram is abused to exfiltrate credentials and bypass MFA.

www.netskope.com/blog/glitch-...

#cloudsecurity
June 2, 2025 at 5:45 PM
The @Netskope Threat Labs for Europe 2025 🇪🇺 is out!

🌩️ #GitHub is the top #cloud app for #malware downloads (16%)
🌩️ Adobe is the most impersonated brand for #phishing (29%)
🌩️ 57% of #DLP violations concern regulated data
🌩️ 91% of orgs use #GenAI apps

www.netskope.com/resources/th...

#CloudSecurity
May 28, 2025 at 7:52 AM
One of the most surprising trends from the Netskope Cloud and Threat Report 2025 is that #GitHub has surpassed Microsoft #OneDrive as the most exploited #cloud app for delivering #malware.

I summarised the findings in a blog post for Infosec Magazine.

www.infosecurity-magazine.com/opinions/cur...
May 16, 2025 at 4:03 PM
The Netskope Threat Labs Report for #Healthcare 2025 is out!

⛈️ 13% of #malware downloads come from GitHub
⛈️ 88% of organizations use #genAI apps
⛈️ #ChatGPT is the most used app with 81%
⛈️ 81% of data policy violations are related to regulated data

www.netskope.com/resources/th...

#CloudSecurity
May 9, 2025 at 12:37 PM
The 1-15 January 2025 #cyberattacks timeline is out!

💀 #cybercrime dominated the #threat landscape
💀 #malware was the top attack vector the #threat landscape
💀 #phishing emails were the main initial access vector.

#cybersecurity #infosec

www.hackmageddon.com/2025/05/06/1...
May 6, 2025 at 2:10 PM
The #cyberattacks statistics for Q4 2024 are out!

💀 #Cybercrime accounted for 70% of the events
💀 #Malware continued to lead the Attack Techniques chart with 28%
💀 #Phishing led the Initial Attack Vectors with 17%

www.hackmageddon.com/2025/04/24/q...

#CyberSec #CloudSecurity
April 24, 2025 at 10:15 AM
The #cyberattacks statistics for December 2024 are out! (Better late than never...).

💀 #Cybercrime continued to lead the Motivations
💀 #Malware led the Attack Techniques
💀 #Phishing Emails led the Initial Access

hackmageddon.com/2025/04/22/d...

#cybersecurity #infosec #cloudsecurity
April 22, 2025 at 1:55 PM
And finally the last #cyberattacks timeline for 2024 is out! (December H2 - I know I am a little late!). #Malware continued to dominate the #threat landscape and #phishing was, once again, the preferred method for initial access.

www.hackmageddon.com/2025/04/18/1...

#cybersecurity #infosec
April 18, 2025 at 10:55 AM
The 1-15 December 2024 #cyberattacks timeline is out with 115 events and a #threat landscape dominated by #malware. #Cybercrime continues to be the main motivation, and #phishing the main initial access vector.

www.hackmageddon.com/2025/04/04/1...

#CyberSecurity #Cloudsecurity #InfoSecurity
April 4, 2025 at 10:11 AM