Yesterday, Israeli police prevented Catholic leaders from entering the Church of the Holy Sepulchre to celebrate mass on the Christian holiday of Palm Sunday for the first time in centuries, the Latin Patriarchate said

And you thought they just hated Muslims

Qilin listed Dow.

#ransomware

Good morning Fedi friends!

A routine reminder that I've been running a series of #blog posts - "a newbie's guide to #selfhosting with #YunoHost" - and so far I've published 5 articles:

🔗 : https://blog.elenarossini.com/a-newbies-guide-to-self-hosting-with-yunohost/

Every week I receive messages from people mentioning how my guide helped them embark on their self-hosting journey. This makes me SO HAPPY, thank you!

I wonder if you have requests for future articles? Or do you think the series is now complete?

Top 10 last week's threats by uploads 🌐
⬇️ #Stealc 581 (600)
⬇️ #Asyncrat 493 (541)
⬇️ #Xworm 460 (509)
⬆️ #Remcos 389 (272)
⬆️ #Vidar 371 (368)
⬇️ #Gh0st 274 (298)
⬆️ #Salatstealer 243 (195)
⬆️ #Quasar 221 (185)
⬆️ #Lokibot 217 (119)
⬇️ #Agenttesla 196 (216)
Explore malware in action: https://app.any.run/?utm_source=mastodon&utm_medium=post&utm_campaign=top_ten&utm_term=300326&utm_content=linktoregister#register

#cybersecurity #infosec

RE: https://social.heise.de/@heiseonlineenglish/116316847500488516

“Oh, we murdered 100 kids? Oh, that's unfortunate.

We just had some stale data in our Palantir Project Maven data lake that was used by our ‘highly accelerated, software-supported targeting process’. We'll clear the cache sometimes.”

(sekoia.io) EvilTokens: A New Phishing-as-a-Service Platform Weaponizing Microsoft Device Code Authentication

New PhaaS platform EvilTokens weaponizes Microsoft OAuth 2.0 Device Code flow for large-scale M365 account takeovers. Active since Feb 2026, it enables BEC operators to harvest refresh tokens, convert them to PRTs, and hijack SSO sessions without MFA.

In brief - EvilTokens is a Phishing-as-a-Service platform exploiting Microsoft device code authentication to enable persistent Microsoft 365 account access. It has been adopted by BEC threat actors globally, leveraging Telegram bots and Cloudflare Workers to deliver phishing pages impersonating Adobe, DocuSign, and SharePoint.

Technically - EvilTokens abuses the OAuth 2.0 Device Authorization Grant using first-party client IDs (e.g., Microsoft Office). The backend exposes REST API endpoints for device code initiation (/api/device/start), token polling (/api/device/status/:sessionId), PRT conversion (/api/prt/convert), and OWA session cookie generation (/api/prt/owa-session). Harvested refresh tokens are converted to PRTs, enabling silent SSO hijacking via x-ms-RefreshTokenCredential cookies. Phishing pages use AES-GCM encrypted HTML with an X-Antibot-Token header for bot detection. Tracking via URL patterns, headers, and provided YARA rules is possible.

Source: https://blog.sekoia.io/new-widespread-eviltokens-kit-device-code-phishing-as-a-service-part-1/

#Cybersecurity #ThreatIntel

Perseverance on the move, westward and further away from the rim of Jezero Crater

📷 https://areo.info/mars20/ecams/1815/

#Mars #Perseverance #NorthernRimCampaign #LacDeCharmes #rover #Sol1815 #PerseveranceRover #science #news #geology #astrodon #photography #Jezero #crater #JezeroCrater #space

Hey folks, Apple's finally giving in & letting me do depositions for the retaliation lawsuit, but they left me with only two weeks & its going to be very expensive (at least ~$1k/each).

Want to see Employee Retaliations. Workplace Violence, or my crappy bosses deposed about Apple harassing, retaliating, suspending, & firing me?

Please consider donating:
https://www.ashleygjovik.com/donate.html