💥Russian SVR and GRU hackers spent a month inside a Belgrade think tank's inboxes, reading 28,000 emails. As Serbia heads toward elections, the attack reveals a darker pattern: Moscow and Belgrade often chase the same enemies. Interview with @srdjancvijic https://t.co/A89ttj0P9v
NIST releases SP 1326 : NIST Cybersecurity Supply Chain Risk Management: Due Diligence Assessment Quick-Start Guide
https://t.co/X5ftnrgGZM
Teaches you how to do due diligence (vet) your vendors (and their products) so that your supply chain is more secure and aligned with cybersecurity best practices.
Please, if you have not already done so, get started on making a Vendor Vetting checklist at your org.
I am available for light questions here on X, if need be. Just be patient with me if I do not reply straight away.
This is important. Get on it. Be well.
🚨 BREAKING: CISA is reportedly using Anthropic's Mythos AI to audit U.S. government code for security vulnerabilities.
According to Reuters, CISA's Attack Surface Evaluation team is leveraging the model to scan government code repositories for bugs that could be exploited by foreign intelligence services or cybercriminals. Sources say the initiative has already uncovered a significant number of vulnerabilities, although no technical details have been disclosed.
* AI-assisted secure code reviews are rapidly becoming part of government cybersecurity operations.
* The focus is on identifying vulnerabilities before adversaries can weaponize them.
* This highlights the growing role of frontier AI models in defensive cyber operations.
Analyst Note: While AI can dramatically accelerate vulnerability discovery, it also increases pressure on organizations to validate, prioritize, and remediate findings quickly. As offensive AI capabilities improve, the advantage will belong to defenders who can shorten their patching and response cycles.
Source: Reuters
https://t.co/ltJ88RI0eb
#DDW #Intelligence #Cybersecurity #AI
APT_REPORT? Thousands of APT Reports, IOCs & YARA Rules in One Place 💀🔥
APT_REPORT is one of the largest open collections of public Advanced Persistent Threat (APT) intelligence. It aggregates threat reports, malware samples, YARA rules, IOCs, whitepapers, and research covering nation-state actors and cybercriminal groups from security vendors worldwide.
✨ Key Features:
• 🎯 Organized by APT groups (APT28, APT29, Lazarus, Turla, Winnti, Kimsuky, MuddyWater, SideWinder, Sandworm, etc.)
• 📄 Thousands of public threat reports and technical analyses
• 🛡️ Includes malware samples, YARA rules, IOCs, and detection artifacts
• 🌍 Covers state-sponsored groups, cybercrime operations, OT, mobile threats, spyware, and Web3 attacks
• 📚 Contains reference PDFs, threat actor cards, and Microsoft threat actor mappings
• 🔍 Excellent resource for Threat Intelligence, Malware Analysis, DFIR, Detection Engineering, and OSINT research
🔗 https://t.co/0XFElNBvTv
#ThreatIntelligence #CyberSecurity #APT #MalwareAnalysis #DFIR #ThreatHunting #YARA #OSINT #OpenSource #GitHub
Law enforcement partners in Spain announced the arrest of a member of the pro-Russia hacktivist group Cyber Army of Russia Reborn (also known as Z-Pentest). @FBILosAngeles worked closely with the Spanish National Police to coordinate the subject’s arrest.
Last December, the FBI announced Operation Red Circus, our ongoing effort to disrupt Russian state-sponsored cyber threats to the United States and our interests abroad. As part of that announcement, the FBI and partners released a joint Cybersecurity Advisory on pro-Russia hacktivist groups conducting opportunistic attacks against critical infrastructure, including the water, agriculture, and energy sectors. A mission priority of Operation Red Circus is targeting and arresting individuals for their roles in hacktivist groups such as Cyber Army of Russia Reborn to mitigate planned, malicious cyber-campaigns.
This action is part of Operation Riptide and underscores the FBI’s commitment to working with our international partners to disrupt and hold accountable those engaged in malicious cyber activity. Together, we will continue to impose costs on cybercriminals wherever they operate.
⚠️ Pozor – v obtoku je novo phishing sporočilo, ki zlorablja identiteto portala https://t.co/YhUeSlYYFI.
Prevaranti pošiljajo elektronska sporočila z lažno zahtevo za »varnostno posodobitev« ali grožnjo z deaktivacijo e-poštnega računa.
🔹 Ne klikajte na povezave.
🔹 Ne vnašajte uporabniškega imena ali gesla.
🔹 Vedno preverite dejanski spletni naslov povezave.
Državni organi od uporabnikov nikoli ne zahtevajo vnosa gesel prek povezav v elektronski pošti.
#KibernetskaVarnost #Phishing #GOVSI #PrevidnoNaSpletu
Globalni ponudnik omrežja za dostavo vsebin (CDN) @Cloudflare je po dolgih letih napovedi končno vklopil tudi lokalne strežnike v Ljubljani. To pomeni, da bodo zdaj mnoge priljubljene spletne strani iz Slovenije delovale hitreje.
Tudi DNS-strežniki 1.1.1.1 so zdaj oddaljeni le milisekundo ali dve. Namesto 1.1.1.1 je sicer priporočljivo uporabljati 1.1.1.2, ki filtrira problematične strani, 1.1.1.3 pa dodatno še strani, ki niso primerne za otroke.
Poland just got access to OpenAI’s GPT-5.5-Cyber under the Trusted Access for Cyber program - first in the region, one of very few countries worldwide: Australia, Canada, France, Germany, Japan, South Korea, and EU institutions.
The C.I.A. is reorganising to put greater priority on cyberoperations, especially offensive cyber capabilities. It wants officers to become more skilled at using digital tools, data, and code for intelligence collection. A major focus is using AI, understood as "digital nuclear weapons" aggressively but keeping humans in control of final decisions. The agency is strengthening its ability to hack computer networks, communications systems where intelligence can be gathered. https://t.co/5E4wNotxPk
‼️ BREAKING: Anthropic has embedded hidden spyware-like code in Claude Code that covertly targets Chinese users. It then sends information regarding every user by injecting it into their prompt message.
Claude Code is sending info like timezone, proxy and possible AI Lab connections into the system prompt in ways Chinese users can't notice.
A coding agent with repo and command permissions should not silently hide routing metadata inside prompts. This is a serious breach of user trust.
Link: "When cybercriminals hire burglars: Inside an alleged Russian effort to infiltrate multibillion-dollar US law firms" (4/4) https://t.co/UM1cfcWXZ3
AJP-5 was recently updated with with Edition B.
It includes a new annex on future planning considerations focused on MDO, with highlights for integrating cyberspace and space operations (with direct reference to SCEPVA)
https://t.co/3WEwGfAoXH
Anthropic has accused Alibaba, the Chinese technology and e-commerce giant, of illicitly extracting its Claude AI model capabilities in what it said was the largest known attack of its kind on the firm, according to a letter seen by Reuters https://t.co/BhZsXVPEGD
"Signal is a honeypot, use X Chat instead!"
The people who say this are the same people who see clickbait headlines like "hackers target Signal" and assume the encryption got cracked. It didn't, and it never has.
Here's what's actually happening 🧵👇
1/5