Posts

Showing posts from October, 2025

Latest Cybersecurity News

Why Your Microsoft 365 Login is at Risk: New Phishing Attack Hides in Azure Blob Storage

CYBERDUDEBIVASH • ThreatWire • Published: October 19, 2025 • www.cyberdudebivash.com • cyberdudebivash-news.blogspot.com • cyberbivash.blogspot.com • cryptobivash.code.blog

[Figure labels: https://contoso.blob.core.windows.net; Container: landing; Static Website: Enabled; SAS Token: ?sv=...; index.html → OK; login.microsoftonline.com (spoof); https://contoso.z13.web.core.windows.net/SignIn/; Email or phone; Password; Sign in → posts creds to C2; HTML smuggling / Redirect]

Attackers host pixel-perfect Microsoft 365 sign-ins on Azure Blob Static Websites to bo...

Inside the Oracle Hacking Campaign: How a Supply Chain Attack Compromised American Airlines' Envoy

CYBERDUDEBIVASH • ThreatWire • Published: October 19, 2025 • Volkswagen's Ransomware Crisis: Did 8Base Steal Vehicle Blueprints and Customer Data?

[Figure labels: Vehicle CAD / BOM / ECU maps; Ransomware; Leak site / Brokers; Customer PII / Telematics. Caption: Ransomware impact often combines encryption with theft of IP (CAD/BOM/ECU) and customer data—then extortion via leak sites.]

TL;DR: A ransomware event attributed by criminal claims to 8Base is alleged to involve theft of sensitive files tied to a major automaker. Details are still emerging. Treat this as a dual-crisis: potential disruption to engineering and...

Volkswagen's Ransomware Crisis: Did 8Base Steal Vehicle Blueprints and Customer Data?

CYBERDUDEBIVASH • ThreatWire • Published: October 19, 2025

[Figure labels: Design & CAD Docs; Manufacturing SOP • ECU firmware • Supplier BOM • Telemetry; Encrypted & Exfil; IR • Segmentation • Restore. Caption: Ransomware playbook: encrypt on-prem/edge, steal design docs & PII, then extort with leaks.]

TL;DR: A claimed 8Base ransomware hit on Volkswagen raises two existential risks: (1) theft of design/CAD and supplier BOMs that erode competitive advantage, and (2) ...

How a Simple Zimbra SSRF Vulnerability Led to Mass Data Theft

CYBERDUDEBIVASH • ThreatWire • Published: October 18, 2025 • 40,000 SIMs Seized: The Alarming Rise of SMS Fraud and What This Massive Takedown Means for You

[Figure labels: SIM Farm (GoIP / modem banks); IMEI rotation • SMS APIs; Fake KYC • Grey routes; OTP Bot / Phishing Panel; Lures • Fake login pages; SMS relay • One-click kits; Victim Accounts; Bank • Wallet • Email; A2P abuse • ATO. Caption: High-level illustration of SIM-farm–enabled OTP interception & account takeover.]

TL;DR: Authorities seized over 40,000 SIM cards from large-scale “SIM far...

Beyond 7-Zip: A Deep Dive into Archive Utility Security and Supply Chain Risks

CYBERDUDEBIVASH • ThreatWire • Published: October 18, 2025 • PoC Drops for 7-Zip RCE — What Defenders Must Do Right Now (No Exploit Code)

[Figure labels: Malicious Archive; Spear-phish / drive-by; 7-Zip Handler; Vulnerable code path; Code Execution; Persistence / Lateral. Caption: High-level flow only. No weaponization details.]

TL;DR: Public proof-of-concepts claim remote code execution against certain 7-Zip code paths using crafted archives. We do not share exploit code. Enterprise defenders should patch or replace vulnerable builds, control file-handler associations, harden endpoint policies (ASR/AppLocker), and deploy targeted detections to catch archive-triggered execut...

Adobe AEM Hit by Critical Flaw (CVE-2025-54253) — Why CISA Issued an Emergency Alert for Active Exploitation

CYBERDUDEBIVASH • ThreatWire • Published: October 17, 2025 • EMERGENCY: Adobe AEM Hit by Critical Flaw (CVE-2025-54253) — Why CISA Issued an Alert for Active Exploitation

[Figure labels: Attacker; Crafted HTTP payload; Abuses vulnerable AEM endpoint; AEM Dispatcher; Reverse proxy / cache; Misconfig → pass-through; Adobe Experience Manager; /libs, /apps endpoints; Potential RCE / path traversal; Webshell; Data theft • Lateral]

Typical AEM attack path: crafted request pierces the dispatcher to a vulnerable AEM endpoint, leading to remote code execution and webshell drop if not patched and tightly filter...

EMERGENCY PATCH: Critical Zimbra SSRF Flaw Exposes Servers to Attack via Chat Proxy Configuration

CYBERDUDEBIVASH • ThreatWire • Published: October 17, 2025

[Figure labels: Internet / Attacker; Crafted URL → Chat Proxy; SSRF payload (http://127.0.0.1:7071); Zimbra Server; Chat Proxy / Reverse Proxy; Improper URL validation; Internal; Admin • IMAP • Metadata. Caption: An SSRF bug lets crafted chat-proxy requests pivot into localhost/inside ports, risking credential theft and admin takeover.]

TL;DR: A critical Server-Side Request Forgery (SSRF) in Zimbra’s Chat/Proxy configuration can be abused to make the server reach localhost and interna...