Honored to be a speaker at the #BIMSTEC Youth Summit 2024, discussing Startups and #Cybersecurity – Building Safe and Innovative Businesses.
Grateful to @YASMinistry, @MEABharat, @YiTweets, @FollowCII, and all organizers for an incredible platform 🚀
When attackers compromise identity systems, they don’t need to breach production infrastructure to cause material damage. The #CarGurus incident reinforces a hard lesson: #SaaS security failures increasingly begin and end with identity abuse.
Details: https://t.co/LZh6wRZs1F
#Automotive #Car #Hack #SSO #databreach #Threatfeed #SecureBlink
The most dangerous cyber attacks are no longer those that break into systems, but those that quietly come through the front door, handed the keys by the very tools we rely on to build and secure our digital world.
Details: https://t.co/Hc6oCnReVp
#Cyberattack #Notepad #Hack #ZeroTrust #Threatfeed #SecureBlink
Initiate your critical #vulnerability response protocol. A flaw in React's Flight protocol (CVE-2025-55182) is under mass exploitation, turning servers into remote shells for credential theft and #cryptomining. The patch cycle is measured in hours, not days.
Details: https://t.co/GtzfgpV7bX
#Log4Shell #Botnet #React2Shell #Exploit #Threatfeed #SecureBlink
🔓 Your phone's biggest threat isn't a hacker—it's an app that looks exactly like your #telecom provider.
#Spyrtacus isn't just #spyware—it's a ghost in your phone, and it's been hiding in plain sight since 2018.
Details: https://t.co/DMarnckrQ6
#Italy #Hack #Malware #Surveillanceware #ThreatResearch #SecureBlink
🚨 18 Million Drivers at Risk? 🚨
Hackers just cracked into #Stellantis’ customer database through a #Salesforce breach — exposing millions of names and contact details tied to #Jeep, #Fiat, and Ram owners. #ShinyHunters claim they’re sitting on a goldmine of stolen data… and phishing attacks could be next.
Details: https://t.co/qkMenHPKqH
#Hack #automobile #supplychainattack #Threatfeed #SecureBlink
Honored to meet Governor @GovMurphy of New Jersey 🇺🇸. Insightful interaction on cybersecurity and its global impact 🌍🔐
Grateful for the exchange towards a safer digital future. 🚀
#Cybersecurity #Innovation #DigitalFuture
🚨 1.5 BILLION packets/sec.
A record UDP flood just slammed a DDoS scrubbing provider — powered by 11,000+ hijacked IoT/MikroTik devices.
This isn’t about Tbps anymore. It’s about Gpps.
Control planes, ACLs, scrubbing CPUs — all at risk.
The #DDoSattack war is evolving. Are we ready? 🧵
Details: https://t.co/ZmFmxgDUmD
#DDoS #Cyberattack #Cloudflare #FastNetMon #Threatfeed #SecureBlink
They didn’t phish the #password. They phished the OAuth grant.
ShinyHunters pivoted to #Salesforce at cloud scale: vishing → OAuth Device Flow → refresh_token persistence → bulk CRM exfil—often no fresh #MFA, no #malware beacons.
Our Threat Intel Lab reverse‑engineered the 2025 #playbook and published TTPs, IOCs, and detections.
1️⃣ Identity is the perimeter; trusted auth #UX is the new exploit surface.
2️⃣ #CRM fidelity (PII, loyalty IDs, HNW segments) supercharges extortion leverage.
If You Can Defend Now
1️⃣ SSO‑only + #phishing‑resistant MFA; kill SMS/voice fallbacks.
2️⃣ Govern #OAuth: pre‑approve apps, least‑privilege scopes, alert on new grants/scope elevation.
3️⃣ Monitor device flow use, refresh_token issuance, large #SOQL/#API exports, off‑geo access.
Full report: https://t.co/N6uhCzt58R
#ShinyHunters #Salesforce #OAuth #Vishing #CTI #SaaS #DFIR #ThreatResearch #SecureBlink
6.4 MILLION customers hit in France’s BIGGEST telecom hack in a decade.
Names. Contacts. IBANs.
No passwords — but the #phishing risk is off the charts.
Second #French telecom breach in 30 days.
Coincidence… or coordinated #cyberwarfare?
Details: https://t.co/HHbYP9UqoV
#Bouygues #Databreach #Telecom #GDPR #Threatfeed #SecureBlink