Lightnews — Scholar-powered news

Reposted by John

Greg Otto @gregotto.bsky.social · 18d

🚨🚨🚨 Google released a report on "Brickstorm" this morning — a next-level, suspected China-linked campaign targeting U.S. firms. Ultra-stealthy, 400+ day dwell times, focus on stealing IP, finding zero-days, and focused on long-term cyberespionage. cyberscoop.com/chinese-cybe...

Brickstorm malware powering ‘next-level’ Chinese cyberespionage campaign

Mandiant and Google have identified “Brickstorm,” a sophisticated, suspected China-linked hacking campaign targeting U.S. tech firms, legal organizations, and BPOs. The operation often goes undetected...

cyberscoop.com

9 48 69

Reposted by John

The Banshee Queen 👑 @cyberoverdrive.bsky.social · May 20

Not me losing my mind tracking ORBs lalalala I can't hear you over the sound of how many darned ORB networks there are 🫠

a close up of a woman 's face with a purple shirt on .

ALT: a close up of a woman 's face with a purple shirt on .

media.tenor.com

2 4 16

John @bigbadw0lf.bsky.social · May 20

Patched IOT devices?

What a quaint idea.

1

John @bigbadw0lf.bsky.social · May 20

Could I offer you another type of compromised network appliance in this trying time?

1 1

Reposted by John

Wesley Shields @wxs.bsky.social · May 7

I wrote some details on LOSTKEYS: malware which we directly attribute to COLDRIVER. They don't deploy it often, but we have seen it a few times and want to make people aware of it.

cloud.google.com/blog/topics/...

COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs | Google Cloud Blog

Russian government-backed group COLDRIVER is using LOSTKEYS malware to steal files and system information from NGOs and western targets.

cloud.google.com

1 14 18

John @bigbadw0lf.bsky.social · Apr 3

Hot off the press is a new blog detailing our observations from in the wild exploitation of CVE-2025-22457 by UNC5221 including two newly observed malware families tracked as BRUSHFIRE and TRAILBLAZE.

cloud.google.com/blog/topics/...

Suspected China-Nexus Threat Actor Actively Exploiting Critical Ivanti Connect Secure Vulnerability (CVE-2025-22457) | Google Cloud Blog

cloud.google.com

7 15

John @bigbadw0lf.bsky.social · Mar 12

🔥 new blog covering recent UNC3886 ops. Massive S/O to all the authors for dropping such a great blog.

1 9

Reposted by John

Lasq @lasq.pl · Mar 12

Super happy this blog is finally released. Dive into the intricacies of backdoors targeting Juniper devices, veriexec bypass zero-day and other interesting TTPs, all with UNC3886, a China-nexus cyber espionage group as your guide!

cloud.google.com/blog/topics/...

Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | Google Cloud Blog

We discovered China-nexus threat actors deployed custom backdoors on Juniper Networks’ Junos OS routers.

cloud.google.com

4 7

John @bigbadw0lf.bsky.social · Mar 8

I did get my second pair of Superblast 2s so not a total loss

John @bigbadw0lf.bsky.social · Mar 8

The universe doesn’t want me to get a pair of the Vaporfly 4s

1 1

John @bigbadw0lf.bsky.social · Mar 7

Another absolute banger of a playlist open.spotify.com/playlist/3MG...

Divorced Dad Rock 👴

Playlist · Colin Frost · 171 items · 277.3K saves

open.spotify.com

1

John @bigbadw0lf.bsky.social · Mar 7

Friday playlist brought to you by all of @stonepwn3000.bsky.social’s favorite bands open.spotify.com/playlist/4B0...

You Think You Hate This But You Don't

Playlist · turkehbacon · 34 items · 2 saves

open.spotify.com

1 3

Reposted by John

Kori Schake @kschake.bsky.social · Feb 28

What I feel is ashamed.

Aaron Rupar @atrupar.com · Feb 28

Trump to Zelenskyy: "Don't tell us what we're gonna feel. You're in no position to dictate that. You're in no position to dictate what we're gonna feel. We're gonna feel very good and very strong. You're right now not in a very good position. You're gambling with World War 3."