Offensive SequenceDec 17
๐Ÿšจ CVE-2025-14700 (CRITICAL, CVSS 9.9) in Crafty Controller 4.6.1 enables authenticated RCE via SSTI in Webhook Template. Restrict access, monitor for suspicious activity, and prep for patches. Full details: https://radar.offseq.com/threat/cve-2025-14700-cwe-1336-improper-neutralization-of-bf9964e9 #OffSeq #CyberAlerts #SSTI #RCE
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Oct 11
#Qilin, a ransomware group with a track record of intrusions against major entities around the world, claimed responsibility for a hack on Japanโ€™s Asahi Group, which disrupted production at the beer and beverage giant. #RansomwareAttacks #AsahiBeer #CyberAlerts https://www.japantimes.co.jp/business/2025/10/08/companies/asahi-group-cyberattack-gang/?utm_medium=social&utm_source=bluesky#Echobox=1759878562-2
Qilin cybercrime gang claims hack on Japan's Asahi

The ransomware group has a track record of intrusions against major entities around the world.

The Japan Times
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 29, 2025

Passwordstate, used by 29,000 orgs worldwide, just patched a critical flaw.

A crafted URL could bypass its emergency access page โ€” exposing credentials.

Researchers also warn its browser extension was at risk of clickjacking: one bad click could leak logins, cards, even 2FA codes. #CyberAlerts https://thehackernews.com/2025/08/click-studios-patches-passwordstate.html

Click Studios Patches Passwordstate Authentication Bypass Vulnerability in Emergency Access Page

Passwordstate 9.9 fixes authentication bypass flaw on August 28, 2025, adding clickjacking defenses for 29,000 customers.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 27, 2025

#ShadowSilk hackers just hit nearly 30+ gov targets across Central Asia & APAC.

The crew? A Russian-Chinese tag team using Telegram bots to hide C2 traffic + stealing Chrome passwords.

Theyโ€™re still activeโ€”new victims found in July. #CyberSecurity #CyberAlerts https://thehackernews.com/2025/08/shadowsilk-hits-36-government-targets.html

ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots

ShadowSilk hit 36 victims across Central Asia and APAC in July, using Telegram bots to exfiltrate government data.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 26, 2025

New 5G attack discovered.

Researchers built #Sni5Gect, a tool that can hijack the 5G handshake, crash phones, or silently downgrade them to 4G โ€” no fake cell tower needed. #CyberSecurity #CyberAlerts #smartphone https://thehackernews.com/2025/08/new-sni5gect-attack-crashes-phones-and.html

New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station

Sni5Gect attack downgrades 5G to 4G via unencrypted messages, with 90% injection success rate.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 12, 2025

WARNING: Dutch cyber watchdog confirms: a Citrix zero-day (CVE-2025-6543) was exploited for months before disclosureโ€”hitting critical orgs, leaving hidden web shells, and erasing traces.

Patches are out. If you run NetScaler, act now. #CyberSecurity #CyberAlerts https://thehackernews.com/2025/08/dutch-ncsc-confirms-active-exploitation.html

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 8, 2025

Brazil hit by two cyber threats:

1๏ธโƒฃ Hackers using AI-built fake gov sites to steal IDs + cash via PIX.
2๏ธโƒฃ Efimer Trojan spreading via fake legal emails, torrents & WordPress hacks โ€” swapping crypto wallets + stealing funds. #CyberAlerts #Scam

https://thehackernews.com/2025/08/ai-tools-fuel-brazilian-phishing-scam.html

AI Tools Fuel Brazilian Phishing Scam While Efimer Trojan Steals Crypto from 5,000 Victims

AI-powered phishing mimics Brazilian agencies, stealing data and PIX payments; Efimer Trojan targets crypto wallets.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 8, 2025

RubyGems & PyPI under attack:

๐Ÿ”ธ 60 fake RubyGems stole social media logins (275K+ downloads)
๐Ÿ”ธ PyPI fakes hijacked crypto staking wallets

Both hide credential-stealing code in legit-looking packages. #CyberAlerts https://thehackernews.com/2025/08/rubygems-pypi-hit-by-malicious-packages.html

RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes

RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 7, 2025

11 malicious Go packages just found โ€” infecting both Windows and Linux.

They silently download payloads, hijack shells, and can steal browser data.

Worse: they look legit, preying on confused devs importing from GitHub. #CyberAlerts #Malware https://thehackernews.com/2025/08/malicious-go-npm-packages-deliver-cross.html

Malicious Go, npm Packages Deliver Cross-Platform Malware, Trigger Remote Data Wipes

Attackers used 11 Go and 2 npm packages to spread malware across platforms, putting open-source developers at risk.

The Hacker News
Anonymous ๐Ÿˆ๏ธ๐Ÿพโ˜•๐Ÿต๐Ÿด๐Ÿ‡ต๐Ÿ‡ธ Aug 6, 2025

CAPTCHAgeddon is here. A fake CAPTCHA scam called ClickFix hijacks devices with a single pasteโ€”no download, no file, just clipboard commands.

It's smarter than ClearFakeโ€”and spreading fast. #Scam #CyberAlerts https://thehackernews.com/2025/08/clickfix-malware-campaign-exploits.html

ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections

ClickFix malware replaced ClearFake in 2024, infecting users via fake CAPTCHAs and trusted platforms.

The Hacker News