For #WorldOctopusDay 🐙on a #Woodensday:
#Octopus and #Rat by Kuki Sii, Tongan artist
wood carving w/ shell
Sydney, Australia c.1970
+
The Rat and the Octopus book by Temukisa Lelemia, Ill. by Murray Grimsdale
Wellington, NewZealand 1998

seen on display at AMNH NYC

#CephalopodAwarenessDays

🐀 Rotterdam koopt fretten tegen rattenplaag, gevangen ratten doodbijten door honden 'te wreed'

Rotterdam kampt met flinke overlast van ratten: in de eerste helft van dit jaar kwamen ruim 1500 meldingen binnen van bewoners.

https://www.ad.nl/rotterdam/rotterdam-koopt-fretten-tegen-rattenplaag-gevangen-ratten-doodbijten-door-honden-te-wreed~aca60c37/ (https://archive.ph/clY1I)

#Rotterdam #rat #rattenplaag

Nezha Tool Used in New Cyber Campaign Targeting Web Applications

A sophisticated cyber campaign utilizing the open-source Nezha tool has been discovered targeting vulnerable web applications since August 2025. Attackers gained access through an exposed phpMyAdmin panel, employing creative log poisoning techniques to implant a PHP web shell. The intrusion involved the use of AntSword for server control, followed by the installation of Nezha agent and Ghost RAT malware. This marks the first public report of Nezha being used for web server compromises. The campaign, linked to China-based infrastructure, affected over 100 systems, primarily in Taiwan, Japan, South Korea, and Hong Kong. Attackers used Nezha to disable Windows Defender and deploy Ghost RAT, establishing persistence under the name 'SQLlite'. Recommendations include patching public-facing applications, implementing authentication, and improving detection for post-exploitation activities.

Pulse ID: 68e68274cd83b867a1eb6dc7
Pulse Link: https://otx.alienvault.com/pulse/68e68274cd83b867a1eb6dc7
Pulse Author: AlienVault
Created: 2025-10-08 15:25:40

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#China #CyberSecurity #HongKong #InfoSec #Japan #Korea #Malware #OTX #OpenThreatExchange #PHP #RAT #RCE #SQL #SouthKorea #Windows #Word #bot #phpMyAdmin #AlienVault

Shuyal Stealer: Advanced Infostealer Targeting 19 Browsers

Shuyal Stealer is a sophisticated infostealer malware targeting 19 different browsers. It conducts deep system reconnaissance, collecting detailed hardware information and user data. The malware disables Windows Task Manager, ensures persistence through startup folder insertion, and exfiltrates stolen data via a Telegram bot. Shuyal's capabilities include credential harvesting from multiple browsers, clipboard capture, screenshot taking, and Discord token theft. It employs evasion techniques like self-deletion and uses PowerShell for data compression. The malware's wide-ranging browser targets and extensive data collection make it a significant threat to user privacy and system security.

Pulse ID: 68e68278a0b8b21ac7e1edb7
Pulse Link: https://otx.alienvault.com/pulse/68e68278a0b8b21ac7e1edb7
Pulse Author: AlienVault
Created: 2025-10-08 15:25:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #Clipboard #CredentialHarvesting #CyberSecurity #Discord #ELF #InfoSec #InfoStealer #Malware #OTX #OpenThreatExchange #PowerShell #Privacy #RAT #Telegram #Windows #bot #AlienVault

APT Meets GPT: Targeted Operations with Untamed LLMs

Over the course of three months, Volexity observed UTA0388 using various themes and fictional identities across dozens of spear phishing campaigns. As time passed, Volexity observed UTA0388 broaden their targeting and send emails in a variety of different languages, including English, Chinese, Japanese, French, and German. In most cases, the initial email sent by UTA0388 contained a link to phishing content hosted on a cloud-based service that would lead to malware.

Pulse ID: 68e68c8d506e04cc0474a83b
Pulse Link: https://otx.alienvault.com/pulse/68e68c8d506e04cc0474a83b
Pulse Author: AlienVault
Created: 2025-10-08 16:08:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Chinese #Cloud #CyberSecurity #Email #InfoSec #Japan #Malware #OTX #OpenThreatExchange #Phishing #RAT #SpearPhishing #bot #AlienVault

The Evolution of Qilin RaaS

Qilin ransomware is used for domain-wide encryption, and a ransom is then demanded for the decryption keys and/or to prevent the publication of the stolen data. Qilin affiliates are recruited from cybercrime forums to use the Qilin RaaS platform, which handles payload generation, the publication of stolen data, and ransom negotiations.

Pulse ID: 68e69076a95f1726dd5d19eb
Pulse Link: https://otx.alienvault.com/pulse/68e69076a95f1726dd5d19eb
Pulse Author: AlienVault
Created: 2025-10-08 16:25:25

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberCrime #CyberSecurity #Encryption #InfoSec #OTX #OpenThreatExchange #RAT #RaaS #RansomWare #bot #AlienVault