The strange tale of ischhfd83: When cybercriminals eat their own
A simple customer query leads to a rabbit hole of backdoored malware and game cheats
Similar Posts
VS Code Forks Recommend Missing Extensions, Creating Supply Chain Risk in Open VSX
Bys sPopular artificial intelligence (AI)-powered Microsoft Visual Studio Code (VS Code) forks such as Cursor, Windsurf, Google Antigravity, and Trae have been found to recommend extensions that are non-existent in the Open VSX registry, potentially opening the door to supply chain risks when bad actors publish malicious packages under those names. The problem, according to Koi,…
Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit
Bys sFortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. The attackers are believed to have leveraged known and now-patched security flaws, including, but not limited to, CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762. “A threat actor…
China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
Bys sThe China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That’s according to new findings from the Microsoft Threat Intelligence team, which said the Silk…
Landmark civil penalty of AU$5.8 million issued under Australia’s Privacy Act
Bys sCharmian Aw, Melissa B. Levine, and Ciara O’Leary of Hogan Lovells write: On 9 October 2025 the Federal Court of Australia (the Court) imposed an AU$5.8 million civil penalty on Australian Clinical Labs Limited, one of Australia’s largest private hospital pathology service providers (the Company), for systemic failures that led to the unauthorised access to……
Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users’ Actions
Bys sMalicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users’ actions. That’s according to new findings from Cisco Talos, which said such malicious activities can compromise a victim’s security and privacy. “The features available in CSS allow attackers…
California man pleads guilty to wire fraud for $1 million fraud scheme to steal from his employer
Bys sToday’s reminder of the insider threat: Seattle – A 43-year-old Laguna Niguel, California man pleaded guilty today in U.S. District Court in Seattle to wire fraud for his scheme to steal nearly $1 million from his employer, announced Acting U.S. Attorney Teal Luthy Miller. Paul Joseph Welch was the IT manager of Kent, Washington energy…