Taking the shine off BreachForums

A Pakistan-nexus threat actor has been observed targeting Indian government entities as part of spear-phishing attacks designed to deliver a Golang-based malware known as DeskRAT. The activity, observed in August and September 2025 by Sekoia, has been attributed to Transparent Tribe (aka APT36), a state-sponsored hacking group known to be active since at least 2013….

Secure by Design.

Dutch Police reports: Nearly 1,700 police officers will receive a letter in the coming period because they used police systems when there was likely no need to do so. These colleagues were looking for information about the violent death of 17-year-old Lisa from Abcoude. The letter is primarily intended to remind police officers of the……

Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year. “The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access,” Nextron Systems researcher Pierre-Henri Pezier said. Pluggable Authentication Modules

Jessica Adiele reports: Nigeria’s telecommunications regulator, the Nigerian Communications Commission (NCC), has directed telecom operators to notify the commission within four hours of detecting any cyberattack. The directive is contained in the Cyber Resilience Framework for Nigeria’s Communications Sector (CRF-NCS) released in February 2026. The rule will take effect in February 2027 and forms part of the regulator’s broader efforts to……

India’s Central Bureau of Investigation (CBI) has revealed that it has arrested four individuals and dismantled two illegal call centers that were found to be engaging in a sophisticated transnational tech support scam targeting Japanese citizens. The law enforcement agency said it conducted coordinated searches at 19 locations across Delhi, Haryana, and Uttar Pradesh on…