ASN: AS45820Location: Srīperumbūdūr, INAdded: 2026-04-15T17:50#shodansafari #infosec

Cisco fixes Webex and ISE flaws up to CVSS 9.9, patch identity infra fast. 🟡 ZionSiphon highlights OT sabotage risk for water operators. 🟢 NIST will leave more CVEs unenriched, so review vuln triage workflows. #CyberSecurity #InfoSec #VulnMgmt #ThreatIntel solomonneas.dev/intel

ASN: AS4134Location: Jiaxing, CNAdded: 2026-04-15T01:47#shodansafari #infosec

@FlohEinstein I know a TCP packet structure when I see one!

Daily drop: insights on ransomware, data breaches, and more. Don’t miss today’s playlist. https://www.youtube.com/playlist?list=PLXqx05yil_mcEEQqt9472wsTPHswFwbzd#Ransomware #DataSecurity #InfoSec #OnlineSafety #DarkWeb

ASN: AS7922Location: Wakefield, USAdded: 2026-04-14T19:05#shodansafari #infosec

New. There's more, but this is getting too long.Zscaler: Payouts King Takes Aim at the Ransomware Throne https://www.zscaler.com/blogs/security-research/payouts-king-takes-aim-ransomware-throne Picus: CVE-2026-21643: Critical SQL Injection in Fortinet FortiClient EMS Exploited in the Wild https://www.picussecurity.com/resource/blog/cve-2026-21643-critical-sql-injection-in-fortinet-forticlient-ems-exploited-in-the-wildMicrosoft: Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise https://www.microsoft.com/en-us/security/blog/2026/04/16/dissecting-sapphire-sleets-macos-intrusion-from-lure-to-compromise/Sohos: QEMU abused to evade detection and enable ransomware delivery https://www.sophos.com/en-us/blog/qemu-abused-to-evade-detection-and-enable-ransomware-delivery @SophosXOps Sekoia: From APT28 to RePythonNET: automating .NET malware analysis https://blog.sekoia.io/apt28-to-repythonnet-automating-net-malware-analysis/ @sekoia_io Proopoint: Beyond the breach: inside a cargo theft actor’s post-compromise playbook https://www.proofpoint.com/us/blog/threat-insight/beyond-breach-inside-cargo-theft-actors-post-compromise-playbook Group-IB: W3LL Unmasked https://www.group-ib.com/blog/w3ll-phishing-ecosystem-takedown/ Posted yesterday:Halcyon: 44% and Rising: What the Automotive Industry's Ransomware Problem Tells Us About Where Attacks Are Heading https://www.halcyon.ai/blog/44-percent-and-rising-automotive-ransomware #infosec #threatresearch #ransomware #threatintel #threatintelligence #Python #Fortinet #SQL #Apple #macOS #Microsoft #cybercrime

New by me: Secure Browsers Push Zero Trust Past the Login ScreenI wrote about why secure browsers matter beyond just getting a user signed in. If modern work happens in the browser, then trust decisions, session controls, and data protections need to keep happening there too.https://www.kylereddoch.me/blog/secure-browsers-push-zero-trust-past-the-login-screen/#Cybersecurity #Infosec #ZeroTrust #BrowserSecurity

Former Black Basta affiliates are back - and scaling fast.• Email bombing + Teams impersonation• Exec-focused targeting• Rapid remote access• Multi-path monetization (extortion, data theft, ransomware)This is playbook reuse with improved speed + automation.Are leadership users part of your threat model?Source: https://cyberscoop.com/black-basta-affiliates-senior-executives-reliaquest/Follow @technadu for more threat intel insights.#InfoSec #ThreatIntel #Ransomware #CyberSecurity

New.Any.Run: BlobPhish: The Phantom Phishing Campaign Hiding in Browser Memory https://any.run/cybersecurity-blog/evasive-blob-phishing-detection/ @anyrun_app #infosec #malware #phishing

APT28 campaign exposed • 280+ inboxes compromised• Ukraine + NATO targets• 2-year espionage opDetails https://www.technadu.com/russian-hacking-campaign-targeting-ukraine-and-nato-attributed-to-apt28/625937/#Infosec #APT28 #Cybersecurity

Mexican cartels built private cellular #networks to avoid detection and surveillance. These secure, #off-grid systems use hacked infrastructure and #encryption, making it nearly impossible for authorities to track their communications.https://youtu.be/x_21pcEH67w#cybersecurity #infosec

🧠 AsyncRAT Daily Report️ Trend: rising (125%) 17 new samples 100 C2 serversFull analysis, IOCs, and hashes:https://www.yazoul.net/malware/async-rat/reports/2026-04-15#ThreatHunting #MalwareResearch #InfoSec

THREAT INTEL | Gastroenterology & Hepatology of CNY Actor "exitium" claims UndisclosedAllegedly exposed (+4 more)• Email addresses• Phone numbers• Physical addresses️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-04-15-gastroenterology-hepatology-of-cny-hit-by-exitium-apr-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

THREAT INTEL | Gastroenterology & Hepatology of CNY Actor "exitium" claims UndisclosedAllegedly exposed (+4 more)• Email addresses• Phone numbers• Physical addresses️ Unverified claimhttps://www.yazoul.net/intel/claim/2026-04-15-gastroenterology-hepatology-of-cny-hit-by-exitium-apr-2026#DarkWeb #DataBreach #ThreatIntel #CyberSecurity #InfoSec

Dell has three high-severity advisories today:- CVE-2026-23772: Security Update for Dell Storage Manager - Replay Manager for Microsoft Servers Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000453020/dsa-2026-058-security-update-for-dell-storage-manager-replay-manager-for-microsoft-servers-vulnerabilities - Several CVEs: Security Update for Dell Connectrix B-Series SANnav Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000453015/dsa-2026-171-security-update-for-dell-connectrix-b-series-sannav-vulnerabilities- Several CVEs: Security Update for Dell Secure Connect Gateway Policy Manager Multiple Third-Party Component Vulnerabilities https://www.dell.com/support/kbdoc/en-us/000441138/dsa-2026-120-security-update-for-dell-secure-connect-gateway-policy-manager-multiple-third-party-component-vulnerabilities #Dell #infosec #vulnerability

We can't make this event happen without companies like yours. Don’t forget we’re now a 501c3, which may make it easier for your company to agree to sponsor us Please check out our sponsorship package at https://www.bsidessatx.com/sponsors-2026.html for more information, and help share the opportunities!#sponsorship #infosec #sponsors #bsides #bsidessatxhttps://www.bsidessatx.com/sponsors-2026.html

Security News Digest - 2026-04-15 20 updates from 6 sources: SecurityWeek: Capsule Security Emerges From Stealth With $7 Million in Funding https://www.securityweek.com/capsule-security-emerges-from-stealth-with-7-million-in-funding/ BleepingComputer: Rolling Networks: Securing the Transportation Sector https://www.bleepingcomputer.com/news/security/rolling-networks-securing-the-transportation-sector/ Security Boulevard: The Future Of GitHub Actions Security And What You Can Do Right Now https://securityboulevard.com/2026/04/the-future-of-github-actions-security-and-what-you-can-do-right-now/ Security News | TechCrunch: Sweden blames Russian hackers for attempting ‘destructive’ cyberattack on thermal plant https://techcrunch.com/2026/04/15/sweden-blames-russian-hackers-for-attempting-destructive-cyberattack-on-thermal-plant/ The Record from Recorded Future News: Educational company McGraw Hill says Salesforce misconfiguration led to data leak https://therecord.media/mcgraw-hill-data-leak-tied-to-salesforce-misconfiguration Security Boulevard: Grip and Cyera Integration: Secure Sensitive Data Across AI https://securityboulevard.com/2026/04/grip-and-cyera-integration-secure-sensitive-data-across-ai/ darkreading: Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests https://www.darkreading.com/cyber-risk/audit-big-tech-ignores-data-collection-requests Security Boulevard: Claude Mythos and the AI Vulnerability Arms Race – What CISOs Must Know Now https://securityboulevard.com/2026/04/claude-mythos-and-the-ai-vulnerability-arms-race-what-cisos-must-know-now/ SecurityWeek: Exploited Vulnerability Exposes Nginx Servers to Hacking https://www.securityweek.com/exploited-vulnerability-exposes-nginx-servers-to-hacking/ BleepingComputer: CISA flags Windows Task Host vulnerability as exploited in attacks https://www.bleepingcomputer.com/news/security/cisa-flags-windows-task-host-vulnerability-as-exploited-in-attacks/ Security Boulevard: [un]prompted 2026 – Detecting GenAI Threats at Scale With YARA-Like Semantic Rules https://securityboulevard.com/2026/04/unprompted-2026-detecting-genai-threats-at-scale-with-yara-like-semantic-rules/ darkreading: Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now https://www.darkreading.com/cyber-risk/preparing-q-day-quantum-risk-management Security Boulevard: GitHub Actions Supply Chain Attack: Trivy Breach & Workflow https://securityboulevard.com/2026/04/github-actions-supply-chain-attack-trivy-breach-workflow/ Security Boulevard: Cloud PAM for AI Agents: Why Traditional PAM Can’t Protect Agentic Workloads https://securityboulevard.com/2026/04/cloud-pam-for-ai-agents-why-traditional-pam-cant-protect-agentic-workloads/ Security Boulevard: Securing Today’s Cloud-Native Workloads https://securityboulevard.com/2026/04/securing-todays-cloud-native-workloads/ Security Boulevard: The Anthropic Mythos, Project Glasswing, and the Illusion of Patch-Based Security https://securityboulevard.com/2026/04/the-anthropic-mythos-project-glasswing-and-the-illusion-of-patch-based-security/ The Record from Recorded Future News: UK warns businesses to address cyber risks amid Anthropic AI panic https://therecord.media/anthropic-mythos-uk-cyber-risk BleepingComputer: Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest https://www.bleepingcomputer.com/news/microsoft/microsoft-pays-23-million-for-cloud-and-ai-flaws-at-zero-day-quest/ SecurityWeek: Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure https://www.securityweek.com/sweden-blames-pro-russian-group-for-cyberattack-last-year-on-its-energy-infrastructure/ The Record from Recorded Future News: Big tech fails to opt-out users requesting not to be tracked much of the time, new research says https://therecord.media/big-tech-fails-to-opt-out-users-requesting-not-to-be-tracked#InfoSec #SecurityNews

RE: https://infosec.exchange/@threatresearch/116387050505018174Current update on SB26-090 (Colorado's misguided "wrong to repair" bill):After spending a bunch of the senate session on Tuesday in debate over a bunch of amendments, the bill is tentatively on the calendar for tomorrow, again, to have its third reading in the senate.Please keep up the pressure - Coloradans and the rest of the country rely on being able to fix broken things in order to protect them from cyberattack. The repair is not the problem here. https://leg.colorado.gov/bills/sb26-090#COpolitics #Colorado #RightToRepair #infosec #malware #cyberattack #TechPolicy

New ransom group blog post!Group name: akiraPost title: Truckload Carriers AssociationInfo: https://cti.fyi/groups/akira.html#ransomware #cti #threatintelligence #cybersecurity #infosec