Securityish
@securityish.bsky.social
🔒 Cybersecurity news made simple.
✉️ newsletter.securityish.com
🌎 securityish.com
✉️ newsletter.securityish.com
🌎 securityish.com
📚 Ransomware-as-a-Service (RaaS): A business model where cybercriminals offer ransomware tools and services to other attackers.
December 20, 2025 at 11:05 PM
📚 Ransomware-as-a-Service (RaaS): A business model where cybercriminals offer ransomware tools and services to other attackers.
🔒 A Russia-aligned group is targeting Microsoft 365 users with a phishing campaign that exploits device code authentication.
#Cybersecurity #Phishing #DataSecurity
securityish.com/security_bri...
#Cybersecurity #Phishing #DataSecurity
securityish.com/security_bri...
Russia-Linked Hackers Exploit Microsoft 365 Device Code Phishing for Account Takeovers
A Russia-aligned group has launched a phishing campaign targeting Microsoft 365 users by exploiting device code authentication workflows. This ongoing attack, tracked as UNK_AcademicFlare since Septem...
securityish.com
December 20, 2025 at 7:20 PM
🔒 A Russia-aligned group is targeting Microsoft 365 users with a phishing campaign that exploits device code authentication.
#Cybersecurity #Phishing #DataSecurity
securityish.com/security_bri...
#Cybersecurity #Phishing #DataSecurity
securityish.com/security_bri...
The U.S. Department of Justice indicted 54 individuals involved in a multi-million dollar ATM jackpotting scheme using Ploutus malware.
#cybersecurity #DOJ #cybercrime
#cybersecurity #DOJ #cybercrime
December 20, 2025 at 3:15 PM
The U.S. Department of Justice indicted 54 individuals involved in a multi-million dollar ATM jackpotting scheme using Ploutus malware.
#cybersecurity #DOJ #cybercrime
#cybersecurity #DOJ #cybercrime
Texas has emerged as a significant data privacy regulator, achieving landmark settlements of $1.375 billion with Google and $1.4 billion with Meta.
#cybersecurity #privacy #infosec
securityish.com/security_br...
#cybersecurity #privacy #infosec
securityish.com/security_br...
December 20, 2025 at 12:42 PM
Texas has emerged as a significant data privacy regulator, achieving landmark settlements of $1.375 billion with Google and $1.4 billion with Meta.
#cybersecurity #privacy #infosec
securityish.com/security_br...
#cybersecurity #privacy #infosec
securityish.com/security_br...
📚 Agentic AI: AI systems that can operate autonomously and make decisions based on their programming.
December 19, 2025 at 11:14 PM
📚 Agentic AI: AI systems that can operate autonomously and make decisions based on their programming.
December 19, 2025 at 9:02 PM
Nigerian police arrested three individuals linked to the Raccoon0365 phishing platform, which targeted Microsoft 365 accounts.
This operation, aided by intelligence from Microsoft and the FBI, disrupted a service responsible for over 5,000 account compromises.
#cybersecurity #microsoft
This operation, aided by intelligence from Microsoft and the FBI, disrupted a service responsible for over 5,000 account compromises.
#cybersecurity #microsoft
December 19, 2025 at 8:22 PM
Nigerian police arrested three individuals linked to the Raccoon0365 phishing platform, which targeted Microsoft 365 accounts.
This operation, aided by intelligence from Microsoft and the FBI, disrupted a service responsible for over 5,000 account compromises.
#cybersecurity #microsoft
This operation, aided by intelligence from Microsoft and the FBI, disrupted a service responsible for over 5,000 account compromises.
#cybersecurity #microsoft
In a study by Stanford University, an AI agent named ARTEMIS outperformed nine out of ten human penetration testers, achieving an 82% valid submission rate in identifying vulnerabilities on the university’s network.
#cybersecurity #ai #infosec #pentest
securityish.com/security_br...
#cybersecurity #ai #infosec #pentest
securityish.com/security_br...
Stanford's ARTEMIS AI Agent Outperforms Human Pen Testers in Study
In a study by Stanford University, an AI agent named ARTEMIS outperformed nine out of ten human penetration testers, achieving an 82% valid submission rate in identifying vulnerabilities on the university's network. The agent operated for 16 hours an
securityish.com
December 19, 2025 at 6:48 PM
In a study by Stanford University, an AI agent named ARTEMIS outperformed nine out of ten human penetration testers, achieving an 82% valid submission rate in identifying vulnerabilities on the university’s network.
#cybersecurity #ai #infosec #pentest
securityish.com/security_br...
#cybersecurity #ai #infosec #pentest
securityish.com/security_br...
📚 CVSS: Is the Common Vulnerability Scoring System, which rates the severity of vulnerabilities on a scale from 0 to 10.
December 19, 2025 at 3:46 PM
📚 CVSS: Is the Common Vulnerability Scoring System, which rates the severity of vulnerabilities on a scale from 0 to 10.
Doublespeed, an AI advertising startup backed by Andreessen Horowitz, was hacked, revealing the promotion of products by AI-generated social media accounts without proper disclosure.
securityish.com/security_br... #cybersecurity #hack #infosec
securityish.com/security_br... #cybersecurity #hack #infosec
Doublespeed Hacked, Exposing AI Influencer Marketing Practices
Doublespeed, an AI advertising startup backed by Andreessen Horowitz, was hacked, revealing the promotion of products by AI-generated social media accounts without proper disclosure. The hacker gained control of over 1,000 smartphones used in the com
securityish.com
December 19, 2025 at 2:21 PM
Doublespeed, an AI advertising startup backed by Andreessen Horowitz, was hacked, revealing the promotion of products by AI-generated social media accounts without proper disclosure.
securityish.com/security_br... #cybersecurity #hack #infosec
securityish.com/security_br... #cybersecurity #hack #infosec
Amazon has blocked over 1,800 suspected North Korean scammers from applying for remote jobs since April 2024.
These scammers use fake identities and AI tools to secure positions at tech companies, funneling their earnings to the North Korean regime.
#cybersecurity #cyberattack #infosec
These scammers use fake identities and AI tools to secure positions at tech companies, funneling their earnings to the North Korean regime.
#cybersecurity #cyberattack #infosec
December 19, 2025 at 1:33 AM
Amazon has blocked over 1,800 suspected North Korean scammers from applying for remote jobs since April 2024.
These scammers use fake identities and AI tools to secure positions at tech companies, funneling their earnings to the North Korean regime.
#cybersecurity #cyberattack #infosec
These scammers use fake identities and AI tools to secure positions at tech companies, funneling their earnings to the North Korean regime.
#cybersecurity #cyberattack #infosec
📚 Ransomware: A type of malicious software that encrypts a victim’s files, demanding payment for their release.
December 18, 2025 at 11:22 PM
📚 Ransomware: A type of malicious software that encrypts a victim’s files, demanding payment for their release.
U.S. law enforcement has seized the E-Note cryptocurrency exchange, which allegedly laundered over $70 million from ransomware and account takeover attacks.
securityish.com/security_br...
#cybersecurity #crypto
securityish.com/security_br...
#cybersecurity #crypto
US Authorities Seize E-Note Crypto Exchange for Laundering Over $70 Million
U.S. law enforcement has seized the E-Note cryptocurrency exchange, which allegedly laundered over $70 million from ransomware and account takeover attacks. The FBI identified these illicit proceeds being funneled through a network of money mules sin
securityish.com
December 18, 2025 at 10:26 PM
U.S. law enforcement has seized the E-Note cryptocurrency exchange, which allegedly laundered over $70 million from ransomware and account takeover attacks.
securityish.com/security_br...
#cybersecurity #crypto
securityish.com/security_br...
#cybersecurity #crypto
🚨 Watch out for SantaStealer, the new MaaS malware on Telegram! Starting at $175/month, it targets sensitive data from browsers and crypto wallets. Protect your info! #Cybersecurity #Malware #Crypto securityish.com/security_br...
SantaStealer Malware Targets Browsers and Crypto Wallets
A new malware called SantaStealer is being promoted on Telegram and hacker forums as a malware-as-a-service (MaaS) that operates in memory to evade detection. Developed by a Russian-speaking individual, it offers subscription plans starting at $175 p
securityish.com
December 18, 2025 at 8:30 PM
🚨 Watch out for SantaStealer, the new MaaS malware on Telegram! Starting at $175/month, it targets sensitive data from browsers and crypto wallets. Protect your info! #Cybersecurity #Malware #Crypto securityish.com/security_br...
📚 Conditional Access: A security feature that enforces policies based on user identity, device state, and location.
December 18, 2025 at 7:15 PM
📚 Conditional Access: A security feature that enforces policies based on user identity, device state, and location.
📝 Microsoft has reported that attackers have compromised hundreds of machines through the React2Shell vulnerability CVE-2025-55182, a critical flaw in React Server Components.
So far, more than 50 organizations have been confirmed as victims, with many systems remaining unpatched. #cybersecurity
So far, more than 50 organizations have been confirmed as victims, with many systems remaining unpatched. #cybersecurity
December 18, 2025 at 12:57 PM
📝 Microsoft has reported that attackers have compromised hundreds of machines through the React2Shell vulnerability CVE-2025-55182, a critical flaw in React Server Components.
So far, more than 50 organizations have been confirmed as victims, with many systems remaining unpatched. #cybersecurity
So far, more than 50 organizations have been confirmed as victims, with many systems remaining unpatched. #cybersecurity
🔒 More news in cybersecurity. securityish.com/security_br...
Amazon AWS Faces Ongoing Cryptomining Campaign Using Hacked Accounts
Amazon's AWS GuardDuty team has reported an ongoing cryptomining campaign targeting its EC2 and ECS services using compromised IAM credentials. The operation began on November 2nd, employing a Docker Hub image with over 100,000 pulls to facilitate mi
securityish.com
December 18, 2025 at 12:45 AM
🔒 More news in cybersecurity. securityish.com/security_br...
Cisco Email Security Appliances Compromised by Chinese Threat Group Using CVE-2025-20393
securityish.com/security_br... #cybersecurity
securityish.com/security_br... #cybersecurity
December 17, 2025 at 10:29 PM
Cisco Email Security Appliances Compromised by Chinese Threat Group Using CVE-2025-20393
securityish.com/security_br... #cybersecurity
securityish.com/security_br... #cybersecurity
📚 CAPTCHA: a security feature designed to differentiate between human users and automated bots, often used to prevent spam.
December 17, 2025 at 7:16 PM
📚 CAPTCHA: a security feature designed to differentiate between human users and automated bots, often used to prevent spam.
Microsoft is phasing out the RC4 encryption cipher, which has been vulnerable for over a decade, by mid-2026.
This change follows criticism from US Senator Ron Wyden regarding cybersecurity negligence after the cipher’s exploitation in the 2022 breach of Ascension.
#cybersecurity
This change follows criticism from US Senator Ron Wyden regarding cybersecurity negligence after the cipher’s exploitation in the 2022 breach of Ascension.
#cybersecurity
December 17, 2025 at 12:34 PM
Microsoft is phasing out the RC4 encryption cipher, which has been vulnerable for over a decade, by mid-2026.
This change follows criticism from US Senator Ron Wyden regarding cybersecurity negligence after the cipher’s exploitation in the 2022 breach of Ascension.
#cybersecurity
This change follows criticism from US Senator Ron Wyden regarding cybersecurity negligence after the cipher’s exploitation in the 2022 breach of Ascension.
#cybersecurity
Browser extensions such as Urban VPN Proxy and 1ClickVPN Proxy have been discovered harvesting chatbot conversation data from over 8 million users.
Research by Koi Security found that these extensions capture data from interactions with ChatGPT and Microsoft Copilot. #cybersecurity #privacy
Research by Koi Security found that these extensions capture data from interactions with ChatGPT and Microsoft Copilot. #cybersecurity #privacy
December 17, 2025 at 1:36 AM
Browser extensions such as Urban VPN Proxy and 1ClickVPN Proxy have been discovered harvesting chatbot conversation data from over 8 million users.
Research by Koi Security found that these extensions capture data from interactions with ChatGPT and Microsoft Copilot. #cybersecurity #privacy
Research by Koi Security found that these extensions capture data from interactions with ChatGPT and Microsoft Copilot. #cybersecurity #privacy
📚 Zero Trust: A security approach that assumes no user, device, or system should be automatically trusted, requiring continuous verification before access is granted. #cybersecurity
December 17, 2025 at 12:26 AM
📚 Zero Trust: A security approach that assumes no user, device, or system should be automatically trusted, requiring continuous verification before access is granted. #cybersecurity
🚨 Amazon’s Threat Intelligence team is on the frontlines! Since 2021, they’ve disrupted Russian GRU hackers targeting cloud infrastructure in the energy sector.
Read the full story:
securityish.com/security_br... #CyberThreats #CloudSecurity
Read the full story:
securityish.com/security_br... #CyberThreats #CloudSecurity
Amazon Disrupts Russian GRU Hackers Targeting Cloud Infrastructure
Amazon's Threat Intelligence team has disrupted operations by Russian GRU hackers targeting cloud infrastructure, particularly in the energy sector, since 2021. The attackers shifted from exploiting vulnerabilities to leveraging misconfigured edge de
securityish.com
December 16, 2025 at 10:35 PM
🚨 Amazon’s Threat Intelligence team is on the frontlines! Since 2021, they’ve disrupted Russian GRU hackers targeting cloud infrastructure in the energy sector.
Read the full story:
securityish.com/security_br... #CyberThreats #CloudSecurity
Read the full story:
securityish.com/security_br... #CyberThreats #CloudSecurity
🚨 Infoblox study: 90% of parked domains redirect to scams/malware! That's a major rise from <5% in 2014! Be cautious, especially from residential IPs! #CyberSafety #Infoblox
December 16, 2025 at 4:19 PM
🚨 Infoblox study: 90% of parked domains redirect to scams/malware! That's a major rise from <5% in 2014! Be cautious, especially from residential IPs! #CyberSafety #Infoblox
🧠 Social Engineering: A manipulation tactic where scammers exploit trust, fear, or curiosity to trick people into sharing confidential information or taking unsafe actions.
December 16, 2025 at 2:30 PM
🧠 Social Engineering: A manipulation tactic where scammers exploit trust, fear, or curiosity to trick people into sharing confidential information or taking unsafe actions.