Monitor for OTP burst patterns and SIM rotation fingerprints in logs
SIM farms expose how weak KYC and SMS OTP let fraud scale. Raids seized SIM boxes and tens of thousands of cards. Here’s how carriers and brands can actually fix it.
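The first teaser above tells defenders to watch for OTP bursts and SIM rotation in their logs but does not show what that looks like in practice. The following is an added example written for this page, not code from the article or from any carrier or OTP vendor. It assumes two constructed log formats (a brand's OTP gateway recording `client` and `msisdn`, and a carrier attach log recording `device` and `imsi`) and an assumed threshold of five distinct values per source inside a 60-second window; the sample lines are made up for the example.

```python
"""Added example: flag OTP request bursts and SIM rotation in constructed log lines.

Two assumed log formats (constructed for this example, not any vendor's):
  brand OTP gateway:  "<ISO ts> otp_request client=<ip> msisdn=<number>"
  carrier attach log: "<ISO ts> attach device=<device id> imsi=<imsi>"
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<event>\S+)\s+(?P<kv>.*)$")

# Assumed tuning: 5 distinct targets (or SIMs) from one source within 60 seconds.
WINDOW = timedelta(seconds=60)
THRESHOLD = 5

# Constructed sample: one client fans OTPs out to six numbers in 20 seconds,
# another retries a single number twice. Addresses are RFC 5737 documentation ranges.
BRAND_LOG = """\
2025-11-01T10:00:00Z otp_request client=203.0.113.10 msisdn=+15550000101
2025-11-01T10:00:03Z otp_request client=203.0.113.10 msisdn=+15550000102
2025-11-01T10:00:07Z otp_request client=203.0.113.10 msisdn=+15550000103
2025-11-01T10:00:11Z otp_request client=203.0.113.10 msisdn=+15550000104
2025-11-01T10:00:15Z otp_request client=203.0.113.10 msisdn=+15550000105
2025-11-01T10:00:20Z otp_request client=203.0.113.10 msisdn=+15550000106
2025-11-01T10:00:30Z otp_request client=198.51.100.7 msisdn=+15550000201
2025-11-01T10:05:00Z otp_request client=198.51.100.7 msisdn=+15550000201
2025-11-01T12:00:00Z otp_request client=203.0.113.10 msisdn=+15550000107
"""

# Constructed sample: one device identity cycles through six IMSIs in 20 seconds
# (what a SIM-box port swapping cards would look like); a second device keeps one IMSI.
CARRIER_LOG = """\
2025-11-01T10:00:00Z attach device=dev-A imsi=310150000000001
2025-11-01T10:00:03Z attach device=dev-A imsi=310150000000002
2025-11-01T10:00:07Z attach device=dev-A imsi=310150000000003
2025-11-01T10:00:11Z attach device=dev-A imsi=310150000000004
2025-11-01T10:00:15Z attach device=dev-A imsi=310150000000005
2025-11-01T10:00:20Z attach device=dev-A imsi=310150000000006
2025-11-01T10:00:40Z attach device=dev-B imsi=310150000000201
2025-11-01T10:30:00Z attach device=dev-B imsi=310150000000201
"""


def parse_line(line):
    """Parse one '<ts> <event> k=v k=v' line into a dict, or None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    fields = dict(pair.split("=", 1) for pair in m.group("kv").split())
    fields["event"] = m.group("event")
    fields["ts"] = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return fields


def parse_log(text):
    return [e for e in (parse_line(l) for l in text.splitlines()) if e]


def sliding_distinct(events, key_field, value_field, window, threshold):
    """For each key, count distinct values seen inside a sliding time window.

    Returns {key: peak distinct count} for every key whose peak reached `threshold`.
    """
    per_key = defaultdict(deque)  # key -> deque of (timestamp, value), oldest first
    alerts = {}
    for e in sorted(events, key=lambda e: e["ts"]):
        if key_field not in e or value_field not in e:
            continue
        q = per_key[e[key_field]]
        q.append((e["ts"], e[value_field]))
        while q and e["ts"] - q[0][0] > window:  # drop entries that aged out of the window
            q.popleft()
        distinct = len({v for _, v in q})
        if distinct >= threshold:
            alerts[e[key_field]] = max(alerts.get(e[key_field], 0), distinct)
    return alerts


def detect_otp_bursts(events, window=WINDOW, threshold=THRESHOLD):
    """Brand side: one client requesting OTPs for many different numbers."""
    return sliding_distinct(events, "client", "msisdn", window, threshold)


def detect_sim_rotation(events, window=WINDOW, threshold=THRESHOLD):
    """Carrier side: one device identity attaching with many different IMSIs."""
    return sliding_distinct(events, "device", "imsi", window, threshold)


if __name__ == "__main__":
    for label, hits in (("otp-burst", detect_otp_bursts(parse_log(BRAND_LOG))),
                        ("sim-rotation", detect_sim_rotation(parse_log(CARRIER_LOG)))):
        for source, peak in hits.items():
            print(f"{label}: {source} peaked at {peak} distinct values within {WINDOW}")
```

The same sliding-window helper serves both sides: a brand keys on whatever identifies the requester (client IP, device fingerprint, session) and counts distinct target numbers, while a carrier keys on the device identity and counts distinct IMSIs. The 60-second window and threshold of five are placeholders; tune them against your own baseline, and expect attackers who know the threshold to pace just under it, which is why the peak count and not just the alert matters.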
EDR-Redir V2 blinds Microsoft Defender by abusing Windows file-system filter drivers with bind links that redirect or corrupt EDR working paths. This practitioner’s guide explains the method, highlights reliable artifacts, and lists resilient mitigations so teams can validate exposure, restore telemetry, and protect Windows 11 fleets without breaking production.
OpenAI’s exploration of memory-based ads raises new privacy and compliance risks. Security teams should treat memory as persistent data, enforce strict prompt hygiene, require explicit consent, and audit retention, and should keep memory off for sensitive workflows until governance, training, and verification are in production.
Researchers tracked 1,330 suspicious domains impersonating 23 luxury brands ahead of peak shopping. Prepare for activation waves with monitoring, takedowns, and buyer guidance.
Agent session smuggling lets a hostile AI agent exploit a live multi-agent conversation, inherit tool authority, and trigger real actions. With scoped credentials, signed steps, and guarded workflows, teams can keep speed without losing control.
Attackers exploit CVE-2025-61932 in Lanscope Endpoint Manager clients to run code and move laterally. Patch MR/DA endpoints now and reduce internet exposure.
Edge’s scareware sensor uses on-device AI and SmartScreen integration to shut down tech support scams fast. It exits full-screen traps, warns users, and gives admins policy control.
CISA and NSA published a focused plan to harden Microsoft Exchange. Enforce modern authentication, cut exposure, enable Extended Protection, and lock down TLS to stop real-world attacks.
Attackers hide malware behind invisible npm dependencies and install-time scripts, which bypass static scanners and drain tokens. Close install-time egress, ban URL dependencies, and add dynamic checks.
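The npm teaser above recommends banning URL dependencies and install-time scripts. The following is an added example written for this page, not code from the article or from npm: a manifest check, in Python, that flags dependency specifiers which do not resolve through the registry (tarball or git URLs, GitHub shorthand, `file:` paths, `npm:` aliases) and lifecycle hooks that run during install. The `package.json` it scans is constructed for the example, and the package names in it are placeholders.

```python
"""Added example: audit a package.json for non-registry dependencies and install-time scripts."""
import json
import re

# npm lifecycle hooks that execute during `npm install` / `npm ci` (prepare runs on local installs).
INSTALL_HOOKS = {"preinstall", "install", "postinstall", "prepare", "preprepare", "postprepare"}

# "owner/repo" or "owner/repo#ref" is npm's GitHub shorthand, not a registry version.
GITHUB_SHORTHAND_RE = re.compile(r"^[\w.\-]+/[\w.\-]+(#.*)?$")

# Constructed manifest for the example; package names and URLs are placeholders.
SAMPLE_MANIFEST = json.loads("""
{
  "name": "example-app",
  "version": "1.0.0",
  "scripts": {
    "build": "tsc -p .",
    "postinstall": "node ./scripts/setup.js"
  },
  "dependencies": {
    "express": "^4.19.2",
    "pad-helper": "https://203.0.113.5/pkgs/pad-helper-1.3.0.tgz",
    "utils-helper": "example-user/utils-helper#main",
    "semver": "7.6.0"
  },
  "devDependencies": {
    "typescript": "~5.4.0",
    "local-tool": "file:../local-tool"
  }
}
""")


def classify_specifier(spec):
    """Return 'registry' for semver ranges/dist-tags, otherwise the kind of non-registry source."""
    s = spec.strip()
    if "://" in s or s.startswith(("git+", "git:", "github:", "gitlab:", "bitbucket:", "gist:")):
        return "url"
    if s.startswith(("file:", "link:")):
        return "local-path"
    if s.startswith("npm:"):
        return "alias"  # resolves via the registry but hides the real package behind another name
    if GITHUB_SHORTHAND_RE.match(s):
        return "url"
    return "registry"  # "", "*", "latest", "^1.2.3", "1.x", dist-tags such as "next"


def audit_manifest(manifest):
    """Return a list of findings: non-registry dependencies and install-time scripts."""
    findings = []
    for section in ("dependencies", "devDependencies", "optionalDependencies"):
        for name, spec in manifest.get(section, {}).items():
            kind = classify_specifier(spec)
            if kind != "registry":
                findings.append({"type": "non-registry-dependency", "section": section,
                                 "name": name, "spec": spec, "kind": kind})
    for hook, command in manifest.get("scripts", {}).items():
        if hook in INSTALL_HOOKS:
            findings.append({"type": "install-time-script", "hook": hook, "command": command})
    return findings


def audit_file(path):
    with open(path, encoding="utf-8") as fh:
        return audit_manifest(json.load(fh))


if __name__ == "__main__":
    for f in audit_manifest(SAMPLE_MANIFEST):
        if f["type"] == "non-registry-dependency":
            print(f"{f['section']}.{f['name']}: {f['kind']} specifier {f['spec']!r}")
        else:
            print(f"scripts.{f['hook']} runs at install time: {f['command']!r}")
```

Two caveats a practitioner would add: this only inspects the top-level manifest, so transitive dependencies and their own install hooks need the same check over the lockfile or over every `node_modules/*/package.json`, and a manifest check does not replace running `npm ci --ignore-scripts` in CI together with a network policy that denies egress from the install step.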
A state-aligned intrusion at a major telecom networking provider underscores the risk of supplier compromise. With dwell time likely measured in months, defenders should validate identity access, hunt for lateral movement, and review customer-adjacent data paths. This analysis prioritizes triage, practical detections, and hardening actions.