The information stealer appears to be a variant of the BoryptGrab family.
A large amount of them have already been moved, but it's a good reminder to be careful when interacting with unofficial GitHub pages. 🐈
😬😬It's not the first we've heard of GitHub repos being used hide malware. This is a huge find though:
Around 300 fake GitHub repositories were found to be impersonating legit software and security projects to distribute infostealer malware. 🐈
#CyberNews
If you have a public Instagram account, you might've just been enrolled into something you didn't agree to.
Anyone can create images of your likeness by tagging your public handle in a prompt ...
#DataSecurity#AI#AINo
❗️ Meta just silently opted in every adult Instagram user for their new Muse AI Image generator, which lets anyone create AI images of your likeness by tagging your public handle in a prompt, no notification when your photos are used, and no removal of images generated before you opt out.
To opt out on Instagram: Profile > Menu > Sharing and reuse, then switch off the reuse toggles under "Allow people to reuse your content on Instagram and with AI features at Meta."
✨✨With all the talk about #GitHub in the last few hours...I was reminded of one of my fave repos of all time.. the nocode repo .. as the Readme says: 'the best way to write secure and reliable applications. Write nothing; deploy nowhere' 🐈
#Cybersecurity
���️ Apple ‘Hide My Email’ Vulnerability Exposes Users' Real Email Addresses
Source: https://t.co/ggi9CZJYmO
Apple’s ��Hide My Email” feature is currently affected by an unpatched vulnerability that allows attackers to discover the real email address behind an anonymized alias. Apple’s Hide My Email, part of iCloud+, generates unique relay addresses intended to keep a user’s primary inbox private during sign‑ups and app registrations.
A flaw in this mechanism enables almost anyone with limited technical skill to uncover the underlying real email address that should remain hidden.
#cybersecuritynews
👀👀Today in ... things that don't make me feel better
"The AI chat bot says it fine guys.. nobody worry"
it's always concerning to see such big companies caught up in breaches. 🐈
#CyberNews#CyberNo
☕️☕️So much happening in this weeks episode of 'dark web forums: The drama chronicles':
🔸New DarkForums
🔸New Raid Forum
and BreachForums having a complete melt down... can't wait to see what next weeks installment brings 🐈
#Cyberdrama#CyberNews
🔥 A fake AI Agent skill reportedly reached 26,000 agents after passing security scans.
The payload was loaded later from an external link that scanners did not check, and that link could be changed after review.
Read how the blind spot worked 🠖 https://t.co/pBek4Pn0Za
🚨 Is LockBit making a comeback?
LockBit has just published a major victim wave, adding 15+ new victims across multiple industries and countries, including Venezuela, Japan, Canada, Taiwan, the Philippines, Mexico, South Africa, India, Thailand, and more.
Over the past few months, LockBit's activity has been steadily increasing. While it's still too early to say the group is fully back, the latest surge is a strong signal that the actor may be rebuilding momentum.
📊 Currently, LockBit ranks as the 6th most active ransomware group of 2026.
Will LockBit return to its former position among the world's most dominant ransomware operations? Time will tell.
👉 Track LockBit and hundreds of other threat groups with DarkFeed:
https://t.co/1TFlJ1IuL7
#LockBit #Ransomware #CyberSecurity #ThreatIntelligence #DataBreach #DarkWeb #CyberThreats
It'll be interesting to see if anything changes for the group...especially considering everything else they've been hit with recently. But I'm guessing this gentleman won't like his mask slipping.
https://t.co/K9YpfQuw70
Sometimes I go online wondering if I'm going to find out the latest Breached forums drama or what extension/plugin has been exploited. I don't always expect to find out that an alleged admin of #ransomware group #TheGentlemen has apparently been identified.
A few days ago an article was released following the digital trail to 36 year old Alexander Andreevich Yapaev, outing him as a key admin for the group.
Yapaev, supposedly known by Zeta88 and Hastalamuerte on cybercrime forums, apparently takes 10% of all the ransoms.