If you’re one of the nearly 200 million customers affected by the AT&T data breach, you may be eligible for financial compensation. jetcityimage/Getty Images AT&T is preparing to make one of the largest privacy settlements recently seen, following two significant data breaches. The first breach, which occurred six years ago,…
Three security vulnerabilities have been identified in preloaded Android applications on Ulefone and Krüger&Matz smartphones. These flaws enable any installed app to factory reset the device and potentially encrypt other applications. Key details of the vulnerabilities include:
CVE-2024-13915 (CVSS score: 6.9): A pre-installed “com.pri.factorytest” app on Ulefone and Krüger&Matz devices exposes a service that permits any app to execute a factory reset.
CVE-2024-13916 (CVSS score: 6.9): The “com.pri.applock” app on Krüger&Matz smartphones allows users to encrypt apps using a PIN or biometric data. This app also exposes a method that lets malicious apps access sensitive fingerprint data.
Security Flaws in Preinstalled Apps on Ulefone and Krüger&Matz Smartphones Enable Malicious Actions On June 2, 2025, significant security vulnerabilities were uncovered in pre-installed applications on smartphones manufactured by Ulefone and Krüger&Matz. These vulnerabilities could potentially allow any application downloaded onto these devices to conduct a factory reset or encrypt…
Three security vulnerabilities have been identified in preloaded Android applications on Ulefone and Krüger&Matz smartphones. These flaws enable any installed app to factory reset the device and potentially encrypt other applications. Key details of the vulnerabilities include:
CVE-2024-13915 (CVSS score: 6.9): A pre-installed “com.pri.factorytest” app on Ulefone and Krüger&Matz devices exposes a service that permits any app to execute a factory reset.
CVE-2024-13916 (CVSS score: 6.9): The “com.pri.applock” app on Krüger&Matz smartphones allows users to encrypt apps using a PIN or biometric data. This app also exposes a method that lets malicious apps access sensitive fingerprint data.
Paperbug Exploit: New Politically-Driven Surveillance Initiative in Tajikistan
On April 27, 2023, a relatively obscure Russian-speaking cyber-espionage group has been identified as the orchestrator of a new politically motivated surveillance initiative targeting senior government officials, telecom services, and public infrastructure in Tajikistan. The operation, named Paperbug by the Swiss cybersecurity firm PRODAFT, has been linked to a threat actor known as Nomadic Octopus (also referred to as DustSquad). According to PRODAFT’s comprehensive technical report shared with The Hacker News, “The types of compromised machines range from individual computers to operational technology devices. These targets render ‘Operation Paperbug’ intelligence-driven.” While the ultimate motives behind the attacks are still uncertain, the cybersecurity firm has suggested the possibility of involvement from domestic opposition groups or an intelligence-gathering effort conducted by Russia or China. Nomadic Octopus first gained attention in October 2018.
Paperbug Attack: Emerging Politically-Driven Surveillance Campaign in Tajikistan April 27, 2023 A relatively obscure Russian-speaking cyber-espionage group has been implicated in a politically-motivated surveillance campaign aimed at high-ranking government officials and critical infrastructure in Tajikistan. This operation, referred to as “Paperbug” by Swiss cybersecurity firm PRODAFT, is linked to a…
Paperbug Exploit: New Politically-Driven Surveillance Initiative in Tajikistan
On April 27, 2023, a relatively obscure Russian-speaking cyber-espionage group has been identified as the orchestrator of a new politically motivated surveillance initiative targeting senior government officials, telecom services, and public infrastructure in Tajikistan. The operation, named Paperbug by the Swiss cybersecurity firm PRODAFT, has been linked to a threat actor known as Nomadic Octopus (also referred to as DustSquad). According to PRODAFT’s comprehensive technical report shared with The Hacker News, “The types of compromised machines range from individual computers to operational technology devices. These targets render ‘Operation Paperbug’ intelligence-driven.” While the ultimate motives behind the attacks are still uncertain, the cybersecurity firm has suggested the possibility of involvement from domestic opposition groups or an intelligence-gathering effort conducted by Russia or China. Nomadic Octopus first gained attention in October 2018.
Published: April 25, 2025
Category: Secrets Management / DevOps
When discussing identity in cybersecurity, people typically think of usernames, passwords, and the occasional multi-factor authentication prompt. However, an escalating threat lies beneath the surface, rooted in Non-Human Identities (NHIs). While security teams often equate NHIs with Service Accounts, the reality is much broader. NHIs encompass Service Principals, Snowflake Roles, IAM Roles, and platform-specific constructs across AWS, Azure, GCP, and beyond. The variability of NHIs reflects the diversity within modern tech stacks, making effective management essential.
The true risk associated with NHIs stems from their authentication methods.
Secrets: The Currency of Machines
Non-Human Identities primarily rely on secrets—API keys, tokens, certificates, and other credentials—that provide access to systems, data, and critical infrastructure.
The Rising Threat of Non-Human Identities in Cybersecurity In today’s cybersecurity landscape, discussions surrounding identity often center on traditional human elements such as usernames, passwords, and multi-factor authentication (MFA). However, a significant and escalating risk currently lurks beneath this familiar terrain in the form of Non-Human Identities (NHIs). This burgeoning…
Published: April 25, 2025
Category: Secrets Management / DevOps
When discussing identity in cybersecurity, people typically think of usernames, passwords, and the occasional multi-factor authentication prompt. However, an escalating threat lies beneath the surface, rooted in Non-Human Identities (NHIs). While security teams often equate NHIs with Service Accounts, the reality is much broader. NHIs encompass Service Principals, Snowflake Roles, IAM Roles, and platform-specific constructs across AWS, Azure, GCP, and beyond. The variability of NHIs reflects the diversity within modern tech stacks, making effective management essential.
The true risk associated with NHIs stems from their authentication methods.
Secrets: The Currency of Machines
Non-Human Identities primarily rely on secrets—API keys, tokens, certificates, and other credentials—that provide access to systems, data, and critical infrastructure.
UAE Reports Over 12,000 Wi-Fi Network Breaches in 2025 Recent disclosures from the UAE’s Cyber Security Council reveal a staggering number of over 12,000 cybersecurity breaches occurring across Wi-Fi networks since the beginning of 2025. This figure accounts for approximately 35 percent of all reported cyberattacks within the country this…
June 3, 2025
Browser Security / Vulnerability
On Monday, Google announced emergency fixes for three security vulnerabilities in its Chrome browser, including a critical flaw currently being exploited in the wild. This high-severity issue, tracked as CVE-2025-5419 (CVSS score: 8.8), pertains to an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. According to the National Vulnerability Database (NVD), “Out-of-bounds read and write in V8 in Google Chrome prior to version 137.0.7151.68 allowed remote attackers to potentially exploit heap corruption via a specially crafted HTML page.” The flaw was identified and reported by Clement Lecigne and Benoît Sevens of Google’s Threat Analysis Group (TAG) on May 27, 2025, and was promptly addressed the following day with a configuration update to the Stable version of Chrome across all platforms. As is typical, the advisory provides limited details concerning the…
New Chrome Zero-Day Vulnerability Actively Exploited; Google Releases Urgent Patch On June 3, 2025, Google announced the issuance of out-of-band updates aimed at rectifying three critical security issues within its Chrome browser. Among these vulnerabilities, one has been identified as actively exploited in the wild. This significant flaw, cataloged as…
June 3, 2025
Browser Security / Vulnerability
On Monday, Google announced emergency fixes for three security vulnerabilities in its Chrome browser, including a critical flaw currently being exploited in the wild. This high-severity issue, tracked as CVE-2025-5419 (CVSS score: 8.8), pertains to an out-of-bounds read and write vulnerability in the V8 JavaScript and WebAssembly engine. According to the National Vulnerability Database (NVD), “Out-of-bounds read and write in V8 in Google Chrome prior to version 137.0.7151.68 allowed remote attackers to potentially exploit heap corruption via a specially crafted HTML page.” The flaw was identified and reported by Clement Lecigne and Benoît Sevens of Google’s Threat Analysis Group (TAG) on May 27, 2025, and was promptly addressed the following day with a configuration update to the Stable version of Chrome across all platforms. As is typical, the advisory provides limited details concerning the…
April 28, 2023
Malware / Cyber Threat
Recent attacks by the China-aligned threat actor known as the Tonto Team have targeted South Korean education, construction, diplomatic, and political institutions. The AhnLab Security Emergency Response Center (ASEC) reported that the group is utilizing a file associated with anti-malware products to carry out their malicious activities. Active since at least 2009, Tonto Team has a history of attacks across various sectors in Asia and Eastern Europe. Earlier this year, they were linked to an unsuccessful phishing attempt on the cybersecurity firm Group-IB. According to ASEC, the attack begins with a Microsoft Compiled HTML Help (.CHM) file that runs a binary to side-load a malicious DLL (slc.dll) and deploy the ReVBShell backdoor, an open-source VBScript tool also used by another Chinese threat actor, Tick.
Emerging Cyber Attacks: Tonto Team Targets South Korean Institutions with Unusual Tactics April 28, 2023 In a notable escalation of cyber threats, South Korean institutions across several critical sectors—namely education, construction, diplomacy, and politics—are facing fresh attacks attributed to a China-aligned threat group known as the Tonto Team. A report…
April 28, 2023
Malware / Cyber Threat
Recent attacks by the China-aligned threat actor known as the Tonto Team have targeted South Korean education, construction, diplomatic, and political institutions. The AhnLab Security Emergency Response Center (ASEC) reported that the group is utilizing a file associated with anti-malware products to carry out their malicious activities. Active since at least 2009, Tonto Team has a history of attacks across various sectors in Asia and Eastern Europe. Earlier this year, they were linked to an unsuccessful phishing attempt on the cybersecurity firm Group-IB. According to ASEC, the attack begins with a Microsoft Compiled HTML Help (.CHM) file that runs a binary to side-load a malicious DLL (slc.dll) and deploy the ReVBShell backdoor, an open-source VBScript tool also used by another Chinese threat actor, Tick.
Recruitment & Reskilling Strategy, Training & Security Leadership Workers Opt for Flexible and Purpose-Driven Career Paths Over Conventional Advancement Brandy Harris • August 20, 2025 Image: Shutterstock The conventional approach to career success—characterized by upward mobility through promotions and prestigious titles—is undergoing a significant transformation. In 2025, an increasing number…
📅 April 28, 2025
Cloud Security / Vulnerability
Not all security vulnerabilities pose a high risk on their own, but in the hands of skilled attackers, even minor weaknesses can escalate into significant breaches. This article highlights five real vulnerabilities identified by Intruder’s bug-hunting team, illustrating how attackers exploit overlooked flaws to create serious security incidents.
Understanding the Genesis of Breaches: Analyzing Five Real Vulnerabilities April 28, 2025 In the realm of cybersecurity, not every vulnerability is inherently catastrophic. However, when exploited by skilled attackers, even minor weaknesses can culminate in significant breaches. Recent findings from Intruder’s dedicated bug-hunting team illustrate the alarming potential of overlooked…
📅 April 28, 2025
Cloud Security / Vulnerability
Not all security vulnerabilities pose a high risk on their own, but in the hands of skilled attackers, even minor weaknesses can escalate into significant breaches. This article highlights five real vulnerabilities identified by Intruder’s bug-hunting team, illustrating how attackers exploit overlooked flaws to create serious security incidents.
