I emailed ByteToBreach, the threat actor behind the Sterling Bank, Remita, and now Corporate Affairs Commission breaches, with 10 accountability questions.
He answered all of them.
In my latest piece, I break down the Corporate Affairs Commission breach in full.
How he got in. What he accessed. The scale of what was taken, a second access vector into the CAC's systems that he revealed directly to me, not in any published artefact, and direct confirmation on whether any corporate records were modified.
He also confirmed he was in active ransom negotiations with Sterling Bank for €250,000 before dumping their data.
The CAC has since issued a public statement. I break down what it says and what it leaves unanswered.
And he told me directly why Nigerian institutions have become his focus.
Read the full piece here:
https://t.co/wk59fdUId4
We’ve published Volume I of our ByteToBreach campaign analysis: a full technical post-mortem of the Sterling Bank Plc breach.
This report reconstructs the complete attack chain from initial access (March 18, 2026) through to the Cardinal Stone pivot.
5. 3,009 employee records enumerated via an unauthenticated API endpoint.
6. Cardinal Stone Partners’ investment database accessed via phpMyAdmin with no network isolation.
The report is written for security professionals, CISOs, incident responders, and regulators.
Web Security Lab has identified and documented coordinated subdomain abuse affecting multiple hosts under the National Identity Management Commission (NIMC) domain namespace.
The affected subdomains were used for SEO spam hosting and redirect-based monetisation infrastructure for an extended period prior to remediation.
We found no evidence of intrusion into core NIMC systems.
Internal impact assessment remains the responsibility of NIMC.
The incident was identified and responsibly disclosed.
Following escalation to the authoritative DNS operator, the affected subdomain was taken offline.
📝 Read the full report here:
https://t.co/aNgMBleRK8
Web Security Lab has published a technical incident report on a subdomain takeover involving the Nigeria Police Service Commission website infrastructure.
Hundreds of indexed pages were identified, generating search visibility under a trusted government domain and increasing the likelihood of public exposure.
As a certified cybersecurity professional, Jack brings emerging professional capability to Africa’s growing cybersecurity workforce.
He represents a new generation of practitioners supporting secure digital growth across the continent.
Big congratulations to @Cy_berJack, one of our Fellows, on passing the CompTIA Security+ certification.
Jack is a Fellow of the Web Security Lab Professional Security Fellowship, a structured program focused on developing practical security capability & professional readiness.
Mariam Ibrahim, a corps member, was arrested in October 2025 after the Nigerian Police claimed that a number tied to a January 2024 kidnapping case was linked to her National Identity Number (NIN).
There was just one obvious problem: she bought the SIM card in April 2025.
I spoke to The Punch Newspaper about how Nigeria’s MSISDN lifecycle management allows new SIM owners to inherit the digital footprint and criminal exposure of previous owners, and why our identity verification infrastructure needs stronger procedural safeguards around number reassignment and investigative protocols.
https://t.co/7dudYkGpYN
That’s why conversations like this matter, and why we’re proud to contribute our voice to the broader ecosystem work shaping Africa’s digital future and strengthening a safer, more accountable internet for everyone.
This Saturday, our Founder David Odes joins industry leaders at the Global Data Protection Tech Summit in Lagos.
Stronger digital ecosystems grow when people understand how their data is collected, used, and protected—and when organisations act responsibly.