#chrome extension Netflix Rewind X Seconds seems malicious. Its #cybersecurity badness score is 94/100!```json{"id": "jmklaacdggogjblaiofpikjjhblhicop", "score": 94, "platform": "chrome", "name": "Netflix Rewind X Seconds"}```

#chrome extension Twitterx Minimal Theme seems malicious. Its #cybersecurity badness score is 98/100!```json{"id": "opcjjggkhndcdpedheeilommknkephik", "score": 98, "platform": "chrome", "name": "Twitterx Minimal Theme"}```

Busy building VULNEX portfolio (and more cool stuff in the pipeline) checkout www.vulnex.aihttps://github.com/vulnex/usecvislibhttps://github.com/vulnex/bytesrevealerhttps://promptpit.aiby @vulnexsl #AI #cybersecurity #AgenticAI

(cofense.com) Sophisticated Phishing Campaign Abusing Meta’s Verification System and 2FA Tokens to Compromise AccountsNew phishing campaign targets Meta users by abusing verification system and real-time 2FA token theft to enable account takeovers.In brief - Threat actors impersonate Meta Verified via fraudulent emails, luring users to Google Forms that harvest credentials and 2FA tokens. The attack exploits vercel.app for phishing pages, enabling immediate account compromise. Urgent need for detection and user awareness.Technically - Campaign initiates via Gmail-sourced emails with urgent verification themes, redirecting to Google Forms. Victims are then sent to vercel.app-hosted phishing pages mimicking Meta’s branding. Real-time 2FA token capture and multi-stage credential harvesting indicate a live, sophisticated operation. IOCs include specific Google Form URLs and vercel.app landing pages.Source: https://cofense.com/blog/the-meta-2fa-trap-from-verified-badge-to-account-takeover#Cybersecurity #ThreatIntel

Litecoin Network Executes 13-Block Reorganization to Patch MWEB Zero-Day ExploitLitecoin developers executed a 13-block chain reorganization to reverse invalid transactions caused by a zero-day vulnerability in the MWEB privacy layer. The exploit allowed attackers to bypass validation on outdated nodes, leading to a three-hour network rollback and $600,000 in initial exposure.****#cybersecurity #infosec #incident #denialofservicehttps://beyondmachines.net/event_details/litecoin-network-executes-13-block-reorganization-to-patch-mweb-zero-day-exploit-t-7-v-6-o/gD2P6Ple2L

ShinyHunters Extortion Group Claims Breach of 1.4 Million Udemy RecordsThe ShinyHunters extortion group claims to have stolen 1.4 million records from Udemy, including PII and corporate data, using identity-based attack vectors. The group has threatened to leak the data if a ransom is not paid by April 27, 2026.****#cybersecurity #infosec #incident #databreachhttps://beyondmachines.net/event_details/shinyhunters-extortion-group-claims-breach-of-1-4-million-udemy-records-y-a-7-t-h/gD2P6Ple2L

24 hours of MIRE/C³; the latest stats (Runmode: Neutral 404, delay-only) 12,660 requests from 3,138 unique IPs Attacker bandwidth cost: 245.1MB Attacker total delay: 25h 35m server time Slowest response: 13.1s #MIREC3 #CyberSecurity #FightingBack

ShinyHunters Claims Udemy Breach, Threatens Leak of 1.4 Million User Recordshttps://www.neuracybintel.com/articles/shinyhunters-claims-udemy-breach-threatens-leak-of-14-million-user-recordsRead on HackerWorkspace: https://hackerworkspace.com/article/neuracyb-cybersecurity-intelligence-investigation-5#cybersecurity #incidentresponse #threatintelligence

New security advisory:CVE-2026-41248 affects multiple systems.• Impact: Remote code execution or complete system compromise possible• Risk: Attackers can gain full control of affected systems• Mitigation: Patch immediately or isolate affected systemsFull breakdown:https://www.yazoul.net/advisory/cve/cve-2026-41248-clerk-middleware-bypass-grants-unauth-access#Cybersecurity #VulnerabilityManagement #CyberSec

The FCC forgot hotspots were a thing. They announced a ban on foreign-made consumer routers a month ago and had to update their FAQ to add MiFi devices and cellular home routers after the fact. That's not a minor oversight... it's the whole work-from-anywhere use case.Here's the part that should bother you. The only way to get an exemption is to commit to US-based manufacturing and submit a time-bound plan to get there. Netgear, eero, and Adtran got conditional approval, but it runs out October 1, 2027. There is no domestic consumer router industry to speak of right now. So the FCC has created a countdown clock against a factory floor that doesn't exist yet.A few things worth sitting with:- The Global Electronics Association pointed out that security vulnerabilities show up across products regardless of where they're made. Geography isn't the filter; code quality is.- The Covered List used to apply to specific companies flagged for specific reasons. Extending it to an entire product category means the government can now ban any internet-connected device made abroad by citing national security. Smartphones aren't included yet. "Yet" is doing a lot of work in that sentence.- The Register's headline from last month said it plainly: the country that put backdoors in Cisco routers to spy on the world is now banning foreign routers. I didn't write that. They did. But they're not wrong.If you're in security or IT leadership, watch the October 2027 date. That's when the conditional approvals expire, and if the manufacturing commitments aren't met, the options get ugly fast.https://www.theregister.com/2026/04/24/fcc_does_a_doubletake_adds/#Cybersecurity #FCC #NetworkSecurity #security #privacy #cloud #infosec

BGP, the protocol that decides where internet traffic flows, still operates largely on trust. That creates opportunities for route leaks, hijacks, and outages that don’t require touching the target environment at all. https://technicalciso.com/bgp-blind-spots-part-1/ #CyberSecurity #NetworkSecurity #BGP #InternetInfrastructure #SecurityEngineering #CyberRisk

TurkuSec April Meetup is on! Our first speaker is Shashika Harshani with the "When Trusted Code Turns Against You" talk.Talks are streamed at twitch.tv/turkusec #TurkuSec #Meetup #Turku #infosec #cybersecurity #Finland #supplychain #attacks

Hackathon.lu 2026, held in Luxembourg on 14–15 April 2026, once again showed what makes this event special: it is not just a place to present ideas, but a place where ideas turn into code, releases, integrations, datasets, pull requests, and concrete roadmaps.Looking across the all project updates, the overall picture is clear. This year’s edition produced more than thirty concrete project outcome threads, spanning threat intelligence, malware analysis, detection engineering, vulnerability intelligence, graph exploration, forensics, and infrastructure. Some teams shipped releases on the spot.Others used the two days to validate designs, harden code, identify weaknesses, or connect previously separate tools into more useful workflows.The result is a hackathon that delivered not only new features, but also better interoperability across the open-source cybersecurity ecosystem.#hackathon #luxembourg #opensource #cti #cybersecurity #threatintelligence For all the details https://hackathon.lu/2026/04/24/hackathon.lu-2026-outcome/

"Immigration and Customs Enforcement is using spyware tools that can intercept encrypted messages as part of the agency's efforts to disrupt fentanyl traffickers, according to a letter sent last week by the agency's acting director, Todd Lyons.Lyons' letter, which was reviewed by NPR, said ICE's Homeland Security Investigations (HSI) is using various tools as part of its mission to disrupt and dismantle foreign terrorist organizations, "particularly those involved in the trafficking of fentanyl."Lyons wrote that "in response to the unprecedented lethality of fentanyl and the exploitation of digital platforms by transnational criminal organizations," he approved HSI's "use of cutting-edge technological tools that address the specific challenges posed by the Foreign Terrorist Organizations' thriving exploitation of encrypted communication platforms."His letter, dated April 1, was a belated response to an October inquiry from three Democratic members of the House Committee on Oversight and Government Reform expressing concern about the agency's potential use of the spyware Graphite, which was created by an Israeli company, Paragon Solutions."https://www.npr.org/2026/04/07/nx-s1-5776799/ice-spyware-privacy#USA #ICE #Surveillance #CyberSecurity #Spyware

#Tails 7.7 Releasedhttps://tails.net/news/version_7.7/#privacy #anonymity #cybersecurity #Tor #FOSS

Russia-friendly exchange says "western special service" behind $15 million cyberattack https://arstechnica.com/security/2026/04/russia-friendly-exchange-says-western-special-service-behind-15-million-cyberattack/ #cybersecurity #infosec

Cosmetics brand Rituals disclosed a data breach affecting "My Rituals" members. Attackers gained access to personal information, including names and addresses. #Rituals #DataBreach #CyberSecurityhttps://verisizintisi.com/en/blog/2026-04-24-rituals-data-breach-exposes-member-personal-details

(infoblox.com) Fake CAPTCHA Pages Weaponized for International Revenue Share Fraud via SMS Scam CampaignNew IRSF campaign weaponizes fake CAPTCHA pages to trigger international SMS fraud, costing victims ~$30 per session. Active since 2020, it exploits TDS and carrier billing gaps across 17 countries.In brief - Threat actors use typosquatting and fake CAPTCHA pages to force mobile users into sending premium SMS messages to 15+ international numbers, generating fraudulent termination fees. The operation targets victims via multi-hop TDS, defrauding both individuals and telecom carriers.Technically - The attack chain involves a TDS (colnsdital[.]com → hotnow[.]sweeffg[.]online → zawsterris[.]com) redirecting to fake CAPTCHA pages on AS15699. JavaScript calls makeTrackerDownload.php to fetch phone number lists and control parameters (forceRedirectURL, forceMessage). Back button hijacking via pushState() traps users, while cookie tracking filters targets. A secondary tier of 20 Egyptian numbers is passed via base64 to megaplaylive[.]com, embedding additional SMS triggers in media playback.Source: https://www.infoblox.com/blog/threat-intelligence/hold-the-phone-international-revenue-share-fraud-driven-by-fake-captchas/#Cybersecurity #ThreatIntel

Lernen Sie sicherheitsrelevante Funktionen und Konfigurationsmöglichkeiten der Microsoft-Azure-Cloud kennen und machen Sie sich mit Maßnahmen für die Administration und den sicheren Betrieb von Azure-Umgebungen vertraut. Für die vielen Hands-on-Übungen stellen wir Ihnen eine Übungsumgebung in Azure zur Verfügung, um die vermittelten Inhalte während der Schulung praktisch umzusetzen. Themen im Detail:- Datensicherheit & Identitätsschutz - Notfallkonzepte & Verfügbarkeitsangriffe - Sicherer Aufbau & Berechtigungsmanagement - Logging & Integration in Unternehmensstrukturen Jetzt anmelden & Cloud-Security meistern:https://cirosec.de/trainings/sicherheit-in-azure-cloud-umgebungen/ #Azure #CyberSecurity #CloudSecurity

Sniffnet: comfortably monitor your Internet traffic https://sniffnet.net/ #bot #cybersecurity #infosec