Security Pulse

Custom illustration showing a hacker silhouette controlling cloud-service icons (OneDrive, Yandex Cloud) overlaying an IT supply chain network diagram.

APT31 Targets Russian IT via Yandex Cloud & OneDrive C2

yohanmanuja1 month ago1 month ago39 mins

Between 2024 and 2025, China-linked APT31 conducted a stealthy espionage campaign targeting Russian IT contractors and government integrators. The group masked its command-and-control using legitimate cloud services such as Yandex Cloud and OneDrive, deployed loaders like CloudyLoader via DLL side-loading, and maintained long dwell times within compromised networks. This article decodes APT31’s tool-kit, tactics and persistence model, and offers detection and response guidance for defenders.

Futuristic IDE view showing GPT-5.1 Codex as an autonomous coding agent connected to a secure pipeline

GPT-5.1 Codex: Long-Horizon AI Agents Meet Enterprise Security

yohanmanuja1 month ago1 month ago18 mins

GPT-5.1 Codex-Max can now code independently for hours inside terminals, IDEs and Windows environments. That jump from helper to autonomous coding agent dramatically changes the threat model, turning AI-generated patches, permissions and pipelines into first-class security concerns.

North Korean hackers targeting software developers via malicious code repositories

Developers Warned: North Korean Hackers Use Malicious Repos

yohanmanuja2 months ago2 months ago44 mins

Cybersecurity researchers uncovered a North Korean operation that targets software developers by hiding malicious code inside public repositories.
The campaign, linked to Lazarus Group, uses fake developer tools and trojanized libraries to infiltrate development environments worldwide.

StealIt malware abusing NodeJS SingleFile module to exfiltrate sensitive data from compromised environments

Open-Source Module Abused by StealIt Malware for Data Theft

yohanmanuja3 months ago3 months ago14 mins

Security researchers have identified a new StealIt malware campaign abusing the NodeJS SingleFile module to exfiltrate sensitive data from compromised environments. This JavaScript-based threat demonstrates how legitimate developer tools can be turned into effective espionage vectors within open-source ecosystems.

Malicious Python RAT disguised as a Minecraft mod installer screen for “Nursultan Client”

Minecraft Mod Exploit: RAT Built in Python Targets Gaming PCs

yohanmanuja2 months ago2 months ago23 mins

A major rat campaign disguised as the Minecraft mod “Nursultan Client” is compromising gamers via a Python-based Trojan using Telegram bot infrastructure. This tool steals browser tokens, captures webcams, and uses a gamified lure to breach systems and security teams need to view gaming endpoints as serious risk zones.

Fake “Safery” Chrome wallet exfiltrates seed phrases using Sui micro-transactions

Fake “Safery” Chrome wallet exfiltrates seed phrases on Sui

yohanmanuja1 month ago1 month ago04 mins

A fake Chrome wallet called “Safery” steals seed phrases by encoding them into Sui addresses and sending dust transactions, allowing attackers to reconstruct mnemonics later. Consequently, users risk full account takeover. Enforce extension allowlists, remove unknown wallets, rotate seeds, and migrate assets to new addresses immediately.

Threat actors exploiting genAI platforms and trusted cloud apps to breach manufacturing networks and exfiltrate intellectual property

AI-Powered Phishing and Cloud Malware Push Threats

yohanmanuja2 months ago2 months ago34 mins

Threat actors now pair generative AI with trusted cloud apps to breach manufacturing. They deliver malware through OneDrive/GitHub, steal API keys and tokens, and persist via OAuth consent. Without governed AI usage, Cloud DLP, and consent controls, factories face quiet IP theft and escalating downtime risks.

A conceptual image of a Microsoft 365 firewall blocking a malicious red email representing a BEC attack, while allowing safe emails to pass through, symbolizing effective security rules

Block BEC: 9 Microsoft 365 Rules That Actually Work

yohanmanuja2 months ago2 months ago06 mins

Business email compromise drains budgets with executive spoofing and invoice fraud. This practical Microsoft 365 guide shows nine rules that actually stop BEC: tuned anti-phish and impersonation, Safe Links and Safe Attachments, SPF/DKIM/DMARC, phishing-resistant MFA with Conditional Access, external sender tags, mailbox hygiene, attack simulation, and a short incident playbook.

China National Time Service Centre Shaanxi with cyber-attack visual overlay

China’s National Time Agency Targeted by U.S. Cyber Espionage

yohanmanuja2 months ago2 months ago03 mins

China’s Ministry of State Security alleges that the U.S. National Security Agency breached its National Time Service Centre over multiple years. The event signals new exposure for timing infrastructure and escalates global cyber conflict.

Microsoft Patch Tuesday security update December 2025

December 9, 2025: Microsoft Patches 56 Vulnerabilities

yohanmanuja3 weeks ago2 weeks ago07 mins

Microsoft’s December 2025 Patch Tuesday delivers critical security updates — 56 vulnerabilities across Windows, Office, Exchange and more including three zero-day flaws. Attackers exploited at least one, making immediate patching vital for enterprise and personal systems alike.

Why OpenAI’s Skills Could Boost Complex Task in ChatGPT

ChatGPT’s Atlas Browser Vulnerable to Prompt Injection Exploits

Hackers Claim Water Plant Attack But It Was a Honeypot All Along

UK Scrutinizes Chinese E-Buses After Norway Kill-Switch Tests

CVE-2025-61882: Oracle’s Emergency Patch After Cl0p Exploits

Oracle EBS Zero-Day Fallout: More Victims Emerge

APT31 Targets Russian IT via Yandex Cloud & OneDrive C2

GPT-5.1 Codex: Long-Horizon AI Agents Meet Enterprise Security

Developers Warned: North Korean Hackers Use Malicious Repos

Open-Source Module Abused by StealIt Malware for Data Theft

Minecraft Mod Exploit: RAT Built in Python Targets Gaming PCs

Fake “Safery” Chrome wallet exfiltrates seed phrases on Sui

AI-Powered Phishing and Cloud Malware Push Threats

Block BEC: 9 Microsoft 365 Rules That Actually Work

China’s National Time Agency Targeted by U.S. Cyber Espionage

December 9, 2025: Microsoft Patches 56 Vulnerabilities