Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia

The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals "were lured with employment opportunities to that country but were forced to undertake illegal cyber work," the Ministry of...

‘Operation FlightNight’ Targeting India with Deceptive Air Force Invitations

Summary: In a campaign dubbed Operation FlightNight, unidentified threat actors have focused on Indian government agencies and energy companies, aiming to deploy a modified variant of an open-source information stealer malware known as HackBrowserData. The threat actors have been observed...

WinRAR 6.22 Remote Code Execution

Exploit Title : EXPLOIT WinRAR version 6.22 Vulnerability CVE-2023-38831 Author : E1.Coders Contact : E1.Coders at Mail dot RU Security Risk : High Description : All target's GOV & Military websites Expl0iTs: include include include include "zip.h" define PDFFILE "document.pdf" define FOLDERNAME...

Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control C2...

opengov.nsw.gov.au Cross Site Scripting vulnerability OBB-3888928

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Public AI as an Alternative to Corporate AI

This mini-essay was my contribution to a round table on Power and Governance in the Age of AI. Its nothing I havent said here before, but for anyone who hasnt read my longer essays on the topic, its a shorter introduction. The increasingly centralized control of AI is an ominous sign. When tech...

Controversial Clearview AI Added to US Government’s Tech Marketplace

By Waqas Ukraine used Clearview AI, now it is up for grabs by US Defense agencies! This is a post from HackRead.com Read the original post: Controversial Clearview AI Added to US Governments Tech Marketplace...

lobbyists.integrity.tas.gov.au Cross Site Scripting vulnerability OBB-3881160

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

government-canada.com Cross Site Scripting vulnerability OBB-3878856

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Repository for Software Attestation and Artifacts Now Live

Software producers who partner with the federal government can now upload their Secure Software Development Attestation Forms to CISA's Repository for Software Attestation and Artifacts. Software producers that provide the government software can fill out the form to attest to implementation of...

A Necessary Digital Odyssey of RPA and AI/ML at HUD

Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations...

CVE-2024-21408

creationtimestamp| type| source ---|---|--- 2024-03-12 20:21:56+00:00| seen| https://t.me/ctinow/206092 2024-03-13 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1245 2024-03-13 08:30:38+00:00| seen| https://t.me/kasperskyb2b/1170 2024-03-13 11:41:56+00:00| seen|...

CVE-2023-47534

creationtimestamp| type| source ---|---|--- 2024-03-12 16:26:38+00:00| seen| https://t.me/ctinow/205805 2024-03-12 16:32:06+00:00| seen| https://t.me/ctinow/205821 2024-03-13 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1246 2024-03-13 21:52:26+00:00| seen|...

CVE-2024-28757

creationtimestamp| type| source ---|---|--- 2024-03-10 06:26:59+00:00| seen| https://t.me/ctinow/204122 2024-03-10 06:27:00+00:00| seen| https://t.me/ctinow/204123 2024-03-10 11:21:44+00:00| seen| https://t.me/ctinow/204214 2025-09-16 10:00:00+00:00| seen|...

TA4903 Spoofing Government Entities and SMBs for Financial Gain

Summary: TA4903, a financially motivated threat actor, conducts high-volume email campaigns targeting U.S. organizations for credential phishing and business email compromise BEC. They spoof various U.S. government agencies and private businesses, employing tools like EvilProxy and incorporating ...

Xplain Hack Aftermath: Play Ransomware Leaks Sensitive Swiss Government Data

By Deeba Ahmed In June 2023, Xplain, a Swiss IT services provider, fell victim to a cyberattack claimed by the Play ransomware group. This is a post from HackRead.com Read the original post: Xplain Hack Aftermath: Play Ransomware Leaks Sensitive Swiss Government Data...

Predator spyware vendor banned in US

The US Treasury Department has sanctioned Predator spyware vendor Intellexa Consortium, and banned the company from doing business in the US. Predator can turn infected smartphones into surveillance devices. Intellexa is based in Greece but the Treasury Department imposed the sanctions because of...

CVE-2023-52604

creationtimestamp| type| source ---|---|--- 2024-03-06 08:27:05+00:00| seen| https://t.me/ctinow/201095 2024-03-06 23:56:43+00:00| seen| https://t.me/ctinow/201923 2025-08-14 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-15...

U.S. Cracks Down on Predatory Spyware Firm for Targeting Officials and Journalists

The U.S. Department of Treasury's Office of Foreign Assets Control OFAC sanctioned two individuals and five entities associated with the Intellexa Alliance for their role in "developing, operating, and distributing" commercial spyware designed to target government officials, journalists, and poli...

Alert: GhostSec and Stormous Launch Joint Ransomware Attacks in Over 15 Countries

The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker. "TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries," Cisco Talos researcher...