Mastodawn

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credentialtheft - https://www.redpacketsecurity.com/storm-2561-uses-seo-poisoning-to-distribute-fake-vpn-clients-for-credentialtheft/

#threatintel
#storm-2561
#credential-theft
#seo-poisoning
#fake-vpn-client
#vpn-security

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credentialtheft - RedPacket Security

In mid-January 2026, Microsoft Defender Experts identified a credential theft campaign that uses fake virtual private network (VPN) clients distributed

RedPacket Security

Gea-Suan Lin Mar 6

https://blog.gslin.org/archives/2026/03/06/12919/google-%e5%9c%a8-gemini-%e6%9c%8d%e5%8b%99%e4%b8%8a%e6%8a%8a-api-key-%e6%8b%bf%e4%be%86%e7%95%b6%e4%bd%9c-credential-%e7%94%a8%e7%9a%84%e5%95%8f%e9%a1%8c/

Google 在 Gemini 服務上把 API key 拿來當作 credential 用的問題

#advisory #api #credential #gemini #google #key #secret #security

Google 在 Gemini 服務上把 API key 拿來當作 credential 用的問題

Gea-Suan Lin's BLOG

ポイズン雷花 Feb 27

黒き太陽　Чорне сонце
黒き太陽、突如世を夜に染め
Чорне сонце раптом забарвлює світ у ніч

https://note.com/poison_raika/n/n5ae31a4ff5d9

#black #sun #suddenly #dyes #world #night #display #royal #credential #make #greatness #known #world #leave #like #shoot #star

黒き太陽　Чорне сонце｜ポイズン雷花

黒き太陽、突如世を夜に染め王の証を見せ付ける如く表し我の偉大さを世に知らしめ流星の如く立ち去って行く <> Чорне сонце раптом забарвлює світ у ніч Явлені немов для того, щоб показати свідчення царя Нехай світ знає мою велич, Іди геть, як метеорит, <> The black sun suddenly dyes the world into night Manifested as if to show the kin

note（ノート）

RedPacket Security Feb 4

Infostealers without borders: macOS, Python stealers, and platform abuse - https://www.redpacketsecurity.com/infostealers-without-borders-macos-python-stealers-and-platform-abuse/

#threatintel
#macOS
#Infostealer
#Python
#Cross-platform
#Credential-theft

Infostealers without borders: macOS, Python stealers, and platform abuse - RedPacket Security

Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS

RedPacket Security

N-gated Hacker News Jan 23

🚨🚀 Breaking News: #Microsoft can't tell a #fake domain from a real one, so they've been sending your imaginary emails to Japan! 🎌🤖 Apparently, Outlook's idea of "autodiscover" is to discover how to #leak your credentials like a sieve. 🤦‍♂️
https://tinyapps.org/blog/microsoft-mishandling-example-com.html #Outlook #Security #Issues #Domains #Credential #Japan #HackerNews #ngated

Microsoft mishandling example.com

RedPacket Security Dec 19

Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against thesupply chain attack - https://www.redpacketsecurity.com/shai-hulud-2-0-guidance-for-detecting-investigating-and-defending-against-thesupply-chain-attack/

#threatintel
#supply-chain-security
#npm-security
#CI/CD-security
#credential-management
#defender-for-cloud

Shai-Hulud 2.0: Guidance for detecting, investigating, and defending against thesupply chain attack - RedPacket Security

The Shai‑Hulud 2.0 supply chain attack represents one of the most significant cloud-native ecosystem compromises observed recently. Attackers maliciously

RedPacket Security

RedPacket Security Dec 19

#threatintel
#supply-chain-security
#npm-security
#CI/CD-security
#credential-management
#defender-for-cloud