Metacurity.com (https://metacurity.com) is the one-stop destination for leading infosec news and cybersecurity developments. Run by infosec writer and columnist Cynthia Brumfield, Metacurity draws from thousands of sources every day to deliver aggregated summaries of the latest infosec developments. If anyone wants to get in touch with me, on or off the record, you can reach me at cynthia [at] digitalcrazytown.com or on Signal via Cynthia.507. Sign up for our free daily emails at https://www.metacurity.com.
Metacurity: https://metacurity.com
Bluesky: https://bsky.app/profile/msbrumfield.bsky.social
Columns: https://www.csoonline.com/author/Cynthia-Brumfield/
Book: https://www.amazon.com/Cybersecurity-Risk-Management-Mastering-Fundamentals/dp/1119816289
Course: https://www.oreilly.com/live-events/cybersecurity-risk-management-with-the-nist-20-framework/0636920081497/
Cynthia's Personal Ramblings: https://bsky.app/profile/msbrumfield.bsky.social
Someone has publicly leaked an exploit kit that can hack millions of iPhones | TechCrunch

Leaked "DarkSword" exploits published to GitHub allow hackers and cybercriminals to target iPhone users running old versions of iOS with spyware, according to cybersecurity researchers.

TechCrunch

According to Mandiant's latest threat data, the median time between an initial access event and the hand-off to a secondary threat group dropped from more than 8 hours in 2022 to only 22 seconds in 2025.

Check out my latest CSO report for more insights on how attacker dwell time rose, voice phishing topped email phishing, and threat actors increasingly targeted backup and identity systems.

Faster attacks and ‘recovery denial’ ransomware reshape threat landscape
https://www.csoonline.com/article/4148705/faster-attacks-and-recovery-denial-ransomware-reshape-threat-landscape.html


Check out today's Metacurity for the most critical infosec developments you might have missed over the weekend, including

--Russian spies hijack Signal and WhatsApp accounts in campaign targeting officials and journalists,
--Supply chain attack compromised Trivy vulnerability scanner,
--UK Financial Conduct Authority gave Palantir access to sensitive data,
--Hackers stole $23m in Ether from DeFi protocol Resolv Labs,
--Bluenoroff group stole 18.5k purchase records from gift card platform Bitrefill,
--INC claims theft of 500 GB of sensitive data from Namibia Airports Company,
--LA Metro shut down parts of its computer system following security concern,
--Fancy Bear targeted Ukrainian government agency by exploiting Zimbra webmail flaw,
--Hackers reportedly gained access to Crunchyroll ticketing system in supply chain attack,
--Fairfield City Council in Western Sydney hit by ransomware attack,
--Korea's top domestic lending company hit by a cyberattack,
--Cloaked raised $375m in new funding rounds,
--Krypt3ia pulls back the curtain on MuddyWater,
--University of Mississippi Medical Center lost 20% of revenue in cyberattack
https://www.metacurity.com/russian-spies-hijack-signal-and-whatsapp-accounts-in-campaign-targeting-officials-and-journalists/

https://www.hope.net/
The HOPE conference is returning to Manhattan!
Hackers On Planet Earth (HOPE) Conference

HOPE (Hackers On Planet Earth) is an annual conference for hackers, makers, and tech enthusiasts based in New York City.


Samsung 'smart' fridge lets users disable ads, but by doing so, they disable the widget that also shows news, the weather and a calendar. #darkpattern

"Wanting to keep the widget but not the ads, the 49-year-old in Edgewater, Md., made sure his home router’s ad-blocking software extended to his fridge. He hasn’t seen another since."

(free link)

https://www.wsj.com/lifestyle/samsung-refrigerator-ads-lg-whirlpool-ge-10ea7bcc?st=X4pLMe&reflink=desktopwebshare_permalink

South Korea continues to take it on the chin.

Personal and credit information was leaked after NRL Capital Lend, a 100% subsidiary of The LEADCORP, the No. 1 domestic lending company in the country, was hit by a hacking attack.
https://biz.chosun.com/en/en-finance/2026/03/22/QN57OMWVMJG6BP6VIBN6IA42XI/

Hackers breach South Korea’s top lender subsidiary, leak customer data


CHOSUNBIZ
The Namibia Airports Company (NAC) has fallen victim to a major cybersecurity breach, with the INC ransomware group claiming to have stolen half a terabyte of sensitive data.
https://economist.com.na/105290/technology/inc-ransomware-group-target-airports-company-500gb-of-data-at-risk/
INC Ransomware Group target Airports Company; 500GB of data at risk | Namibia Economist

"In a matter of minutes, an attacker was able to mint tens of millions of Resolv’s unbacked stablecoins (USR) and extract roughly $25 million in value, triggering a sharp de-peg and forcing the protocol to halt operations."
https://www.chainalysis.com/blog/lessons-from-the-resolv-hack/
The Resolv Hack: How One Compromised Key Printed $23 Million

Web3 security lessons from the Resolv hack: how a compromised key enabled a $23M exploit, what went wrong, and how DeFi protocols can prevent similar attacks.

Chainalysis
A Western Sydney council, Fairfield City, has been completely pwned by ransomware. It has been granted an injunction to stop people publishing stolen data, as well as a suppression order over details, including the council's communications with the hackers.
https://thesizzle.com.au/p/meta-s-metaverse-is-dead-western-sydney-city-council-hacked-and-satellite-image-providers-pressured
Meta's Metaverse is dead, Western Sydney city council hacked and satellite image providers pressured

Plus: Kagi will translate LinkedIn speak, or Australian, or, really, anything

The Sizzle