Lightnews — Scholar-powered news

Reposted by Julian-Ferdinand Vögele

Lorenzo Franceschi-Bicchierai @lorenzofb.bsky.social · 9h

SCOOP: Spyware maker NSO Group confirmed to us that the company has been acquired by a U.S. investment group.

NSO's spokesperson said the group "has invested tens of millions of dollars in the company and has acquired controlling ownership," but declined to say who is behind the investment.

Spyware maker NSO Group confirms acquisition by US investors | TechCrunch

NSO Group confirmed to TechCrunch that an unnamed group of American investors has taken “controlling ownership” of the surveillance tech maker.

techcrunch.com

2 64 68

Reposted by Julian-Ferdinand Vögele

Lily Hay Newman @lhn.bsky.social · 11h

As Apple expands its bug bounty, I spoke with VP Ivan Krstić about the significance + recent big swings like Memory Integrity Enforcement. These steps protect all users, but particularly those targeted by spyware: “We feel a great moral obligation to defend those users” www.wired.com/story/apple-...

Apple Announces $2 Million Bug Bounty Reward for the Most Dangerous Exploits

With the mercenary spyware industry booming, Apple VP Ivan Krstić tells WIRED that the company is also offering bonuses that could bring the max total reward for iPhone exploits to $5 million.

www.wired.com

8 20

Reposted by Julian-Ferdinand Vögele

John Scott-Railton @jsrailton.bsky.social · 13h

NEW: Pegasus spyware coming to America?

An ex-Adam Sandler producer with ties to China is trying to acquire NSO Group.

Again.

Simonds fronted this before in 2023 & failed. But the backers haven't given up. Why?

Where is the money coming from? 1/

www.globes.co.il/news/article...

6 38 66

Reposted by Julian-Ferdinand Vögele

Catalin Cimpanu @campuscodi.risky.biz · 16h

-EU scraps Chat Control vote
-Ukraine establishes a Cyber Force
-CISA workers reassigned to immigration enforcement
-Teenagers arrested for Kido hack
-Salesforce will not pay the ransom
-US Court halts FCC data breach rules

Newsletter: news.risky.biz/risky-bullet...
Podcast: risky.biz/RBNEWS489/

1 9 19

Reposted by Julian-Ferdinand Vögele

The Insider @theins.press · 17h

Germany’s AfD expels Hamburg lawmaker Robert Risch over participation in far-right congress in St. Petersburg

The Sept. 12 congress at the Mariinsky Palace brought together radical nationalists and neo-Nazis from 14 countries, from Hungary to Argentina.

Germany’s AfD expels Hamburg lawmaker Robert Risch over participation in far-right congress in St. Petersburg

Germany’s far-right Alternative for Germany (AfD) party has expelled Hamburg state lawmaker Robert Risch from its parliamentary group after he attended an international gathering of radical nationalis...

theins.press

2 6 24

Reposted by Julian-Ferdinand Vögele

Catalin Cimpanu @campuscodi.risky.biz · 1d

The hack against software giant Red Hat is part of a larger campaign that is targeting AWS cloud accounts.

A group named the Crimson Collective is using compromised IAM accounts to access and pilfer corporate AWS environments.

www.rapid7.com/blog/post/tr...

2 9 22

Reposted by Julian-Ferdinand Vögele

hakan @hatr.bsky.social · 1d

Hungary uses spies within the EU to close an information gap due to their public positioning in political matters that often is at odds with what the bloc is doing/saying

www.spiegel.de/ausland/eu-w...

(S+) EU: Wie Ungarns Agenten in Brüssel Informanten anzuwerben versuchten

Ungarische Spione trieben wohl jahrelang ihr Unwesen in Brüssel. Recherchen zeigen erstmals, dass sie sogar EU-Beamte rekrutieren wollten.

www.spiegel.de

1 3

Reposted by Julian-Ferdinand Vögele

Vas Panagiotopoulos @vaspanagiotopoulos.com · 1d

According to reconstructions, in Dec 2024 the ☎️number used by Caltagirone was added to a WhatsApp chat with contacts known to him, within which a PDF file had been shared. Shortly afterwards, the chat & the PDF disappeared.

✍️ @faffa42.bsky.social & Gianluca Paolucci.
www.lastampa.it/economia/202...

Il caso Paragon si allarga agli imprenditori: anche Caltagirone spiato

Il telefono del finanziere romano tra i protagonisti del riassetto del sistema bancario sarebbe stato attaccato con lo spyware che ha colpito anche giornalisti…

www.lastampa.it

1 1 3

Reposted by Julian-Ferdinand Vögele

Vas Panagiotopoulos @vaspanagiotopoulos.com · 1d

🚨 According to @irpimedia.eu & @lastampa.bsky.social, prominent 🇮🇹 Italian businessman Francesco Gaetano Caltagirone has been added to the list of people who last January received a message from WhatsApp informing them that they had been targeted with Paragon's Graphite #spyware.

1 5 5

Reposted by Julian-Ferdinand Vögele

Brad @malware-traffic-analysis.net · 1d

2025-10-08 (Wednesday): #Kongtuke campaign fake CAPTCHA page with #ClickFix instructions. Got a full infection chain, this time. A 205MB zip download makes the #pcap take a while to load in Wireshark. Some IOCs and associated malware/artifacts at www.malware-traffic-analysis.net/2025/10/08/i...

Traffic from the infection filtered in Wireshark.

Page from a compromised site with injected Kongtuke script.

Fake CAPTCHA page, courtesy of the Kongtuke campaign.

Following instructions from the Kongtuke campaign's fake CAPTCHA page.

1 3

Reposted by Julian-Ferdinand Vögele

Sean Lyngaas @snlyngaas.bsky.social · 2d

Prominent American law firms continue to be breached by suspected Chinese intelligence operatives: www.cnn.com/2025/10/08/p...

US law firm with major political clients hacked in spying spree linked to China | CNN Politics

Suspected Chinese government-backed hackers have breached computer systems of US law firm Williams & Connolly, which has represented some of America’s most powerful politicians, as part of a larger sp...

www.cnn.com

2 2

Reposted by Julian-Ferdinand Vögele

Alexander Martin @alexmartin.bsky.social · 2d

Russia is behind a campaign of cyberattacks, sabotage and provocation across Europe, according to the president of the European Commission, who warned on Wednesday morning: “It is time to call it by its name. This is hybrid warfare, and we have to take it very seriously.”

Russia is at ‘hybrid war’ with Europe, warns EU chief, calling for members ‘to take it very seriously’

European Commission President Ursula Von der Leyen urged the EU to “urgently equip itself with a strategic capacity to respond” to Russian hybrid warfare.

therecord.media

4 15 25

Reposted by Julian-Ferdinand Vögele

BrianKrebs @briankrebs.infosec.exchange.ap.brid.gy · 2d

New, by me: A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse […]

[Original post on infosec.exchange]

A screenshot of a scan of the trojan at virustotal.com shows 11 of the 72 security tools detected it as malicious. The malicious indicators are marked in red.

1 18 41

Reposted by Julian-Ferdinand Vögele

Catalin Cimpanu @campuscodi.risky.biz · 2d

-Redis vulnerability impacts all versions released in the last 13 years
-Oracle zero-day used in recent extortion campaign
-New MSS front company discovered
-North Korean hackers have stolen $2 billion this year

Podcast: risky.biz/RBNEWS488/
Newsletter: news.risky.biz/risky-bullet...

1 5 15

Reposted by Julian-Ferdinand Vögele

Andy Greenberg @agreenberg.bsky.social · 9d

A source shares some screenshots of the Lapsus ransomware gang celebrating the government shutdown as a disruption to the FBI investigations tracking them.

They also refer to Trump as "my king."

2 21 31

Julian-Ferdinand Vögele @julianferdinand.bsky.social · 3d

Recorded Future just published a report diving into the Beijing Institute of Electronics Technology and Application (BIETA), which is almost certainly a front for China’s MSS, developing technologies to support intelligence and military missions. Full report: www.recordedfuture.com/research/bie...

BIETA: A Technology Enablement Front for China's MSS

Discover how China's Ministry of State Security (MSS) almost certainly operates BIETA and its subsidiary CIII as public fronts for cyber-espionage, covert communications, and technology acquisition. C...

www.recordedfuture.com

13 16

Reposted by Julian-Ferdinand Vögele

LGBTQ Nation @lgbtqnation.com · 3d

Gavin Newsom vetoes gender education bill, declines to sign other trans protections - buff.ly/MTUAV85

340 470 1.2K

Reposted by Julian-Ferdinand Vögele

Simon Kenin @k3yp0d.bsky.social · 5d

1/4
PDQ which downloads ScreenConnect, the "one weird" RMM trick combo move threat actors don't want you to find out...

1 1 1

Reposted by Julian-Ferdinand Vögele

Catalin Cimpanu @campuscodi.risky.biz · 5d

A network of at least 50 Twitter accounts engaged in an influence operation designed to incite a revolt against the Iranian regime.

CitizenLab believes an Israeli intelligence agency or one of its contractors is behind the operation.

citizenlab.ca/2025/10/ai-e...

4 22

Reposted by Julian-Ferdinand Vögele

Hexacorn @hexacorn.bsky.social · 6d

Using .LNK files as lolbins

www.hexacorn.com/blog/2025/10...

1 3 7

Reposted by Julian-Ferdinand Vögele

Mark Kelly @mkyo.bsky.social · 6d

Good piece covering a big burst of TA416 activity targeting European governments last week!

StrikeReady Labs @strikereadylabs.com · 7d

Quite a bit of CN APT activity in europe in the past week

strikeready.com/blog/cn-apt-...

As always, if you're interested in tuning your skills, download the samples here github.com/StrikeReady-...

CN APT targets Serbian Government

Mustang Panda continues targeting European governments

strikeready.com

2 3

Reposted by Julian-Ferdinand Vögele

Ollie Whitehouse @ollieatnowhere.bsky.social · 6d

Weekly summary is out..

ctoatncsc.substack.com/p/cto-at-ncs...

CTO at NCSC Summary: week ending October 5th

Welcome to the weekly highlights and analysis of the blueteamsec Lemmy (and my wider reading).

ctoatncsc.substack.com

2 4

Reposted by Julian-Ferdinand Vögele

Signal @signal.org · 7d

We are alarmed by reports that Germany is on the verge of a catastrophic about-face, reversing its longstanding and principled opposition to the EU’s Chat Control proposal which, if passed, could spell the end of the right to privacy in Europe. signal.org/blog/pdfs/ge...

signal.org

42 2.4K 3.9K

Reposted by Julian-Ferdinand Vögele

Ryan Naraine @ryanaraine.bsky.social · 7d

We're streaming live to YouTube in ~20 mins. Come hang out with us www.youtube.com/watch?v=zjdh...

Three Buddy Problem (Episode 66)

YouTube video by Three Buddy Problem

www.youtube.com

5 5

Reposted by Julian-Ferdinand Vögele

Shashank Joshi @shashj.bsky.social · 7d

Our cover this week.

6 32 220