Taking the shine off BreachForums
ShinyHunters threat group members were arrested in a coordinated law enforcement action for their association with BreachForums
Similar Posts
Aflac notifies SEC of breach suspected to be work of Scattered Spider
Bys sOn June 20, Aflac notified the SEC of unauthorized access to its network: On June 12, 2025, Aflac Incorporated, a Georgia corporation (the “Company”), identified unauthorized access to its network. The Company promptly initiated its cybersecurity incident response protocols and believes that it contained the intrusion within hours. The Company’s business remains operational, and its…
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
Bys sThreat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7. The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql….
Beyond IAM Silos: Why the Identity Security Fabric is Essential for Securing AI and Non-Human Identities
Bys sIdentity security fabric (ISF) is a unified architectural framework that brings together disparate identity capabilities. Through ISF, identity governance and administration (IGA), access management (AM), privileged access management (PAM), and identity threat detection and response (ITDR) are all integrated into a single, cohesive control plane. Building on Gartner’s definition of “identity
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Bys sUnpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team. “The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a…
Des Moines Man Charged with Computer Fraud
Bys sA lot of insider threat reports this week, it seems. This one is from the U.S. Attorney’s Office, Southern District of Iowa: DES MOINES, Iowa – On October 15, 2025, a federal grand jury in Des Moines charged a Des Moines man with computer fraud. The Indictment alleges that Ezekiel Dean Potter, 34, after being……
SideWinder Adopts New ClickOnce-Based Attack Chain Targeting South Asian Diplomats
Bys sA European embassy located in the Indian capital of New Delhi, as well as multiple organizations in Sri Lanka, Pakistan, and Bangladesh, have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder in September 2025. The activity “reveals a notable evolution in SideWinder’s TTPs, particularly the adoption of…