Archive
malware
+5
![🕵🏻♂️ [InfoSec MASHUP] 05/2026](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=720,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/ab407690-3f0c-4109-add5-5e9bf75e0e54/landscape_infosecMASHUP-substack-banner.png)
Jan 31, 2026
•
16 min read
🕵🏻♂️ [InfoSec MASHUP] 05/2026
Trump’s acting cybersecurity chief uploaded sensitive government docs to ChatGPT; Hugging Face abused to spread thousands of Android malware variants; Former Google engineer was convicted for stealing over 2,000 AI-related trade secret documents; France fined its national employment agency €5 million after the 2024 data breach; Google disrupted a China-based residential proxy network;
malware
+5
Jan 24, 2026
•
13 min read
🕵🏻♂️ [InfoSec MASHUP] 04/2026
LastPass warns of a phishing campaign pretending to be LastPass; Under Armour investing breach; Jordanian authorities used Cellebrite phone-cracking tools to extract data from activists’ phones without consent; Ireland plans a new law to let police use spyware; Moxie Marlinspike launched Confer, a ChatGPT-like service built to protect user privacy; Attackers exploiting critical Fortinet FortiCloud flaw; Russian government hackers likely tried to knock out parts of Poland’s power grid;
malware
+5
Jan 17, 2026
•
14 min read
🕵🏻♂️ [InfoSec MASHUP] 03/2026
BreachForums had its user database leaked; RedVDS Infrastructure seized by Microsoft and Law Enforcement; Europol and Spanish police arrested 34 people linked to the Black Axe; New modular Linux malware framework called VoidLink; MongoBleed, a critical, unauthenticated MongoDB memory-leak vulnerability; Microsoft Patch Tuesday addresses 112 defects, including one actively exploited zero-day;
malware
+5
Dec 19, 2025
•
12 min read
🕵🏻♂️ [InfoSec MASHUP] 51/2025
France's Interior Ministry Breached; European authorities dismantled a Ukraine-based call center fraud ring; Eight browser extensions with over 8 million installs collect full AI conversations and sell them; Google linked five more Chinese hacking groups to attacks exploiting the severe React2Shell flaw;
malware
+5
Dec 12, 2025
•
17 min read
🕵🏻♂️ [InfoSec MASHUP] 50/2025
New Prompt Injection Attack Vectors Through MCP Sampling; Insights from Internal DPRK Chat Logs; North Korean hackers exploit React2Shell flaw in EtherRAT malware attacks; MITRE Posts Results of 2025 ATT&CK Enterprise Evaluations; The UK cyber agency warns large language models are inherently vulnerable to prompt injection; The UK fined LastPass £1.2 million after a 2022 breach exposed data and encrypted vaults; Germany accuses Russia of 2024 cyber attack and election disinformation campaign;
malware
+5
Dec 5, 2025
•
16 min read
🕵🏻♂️ [InfoSec MASHUP] 49/2025
European authorities shut down Cryptomixer and seized about $28 million in Bitcoin; India plans to verify and record every smartphone in circulation... and rolls back; Vulnerability in OpenAI’s Codex CLI; Microsoft Silently Mitigated Exploited LNK Vulnerability; Russia blocks FaceTime and Snapchat over use in terrorist attacks; Chinese Hackers Started Exploiting React2Shell Vulnerability;
malware
+5
Nov 28, 2025
•
13 min read
🕵🏻♂️ [InfoSec MASHUP] 48/2025
OpenAI says some user data was exposed in a Mixpanel breach; Gainsight says more customers were affected by suspicious activity tied to its Salesforce apps; The House Homeland Security Committee asked Anthropic CEO Dario Amodei to testify about a likely Chinese espionage campaign; The self-replicating worm called Shai-Hulud is back; French Soccer Federation Hit by Cyberattack, Member Data Stolen;
malware
+5
Nov 22, 2025
•
14 min read
🕵🏻♂️ [InfoSec MASHUP] 47/2025
Jaguar Land Rover Hack Cost $260 Million; Fortinet warns of new FortiWeb zero-day exploited in attacks; Dozens of groups call for governments to protect encryption; Five Eyes nations and the Netherlands sanctioned two bulletproof hosting providers; Hundreds of Salesforce customers hit by yet another third-party vendor breach;