- X’s InfoSec Newsletter
- Topics
- threat intelligence
threat intelligence
![🕵🏻♂️ [InfoSec MASHUP] 26/2025](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/ab407690-3f0c-4109-add5-5e9bf75e0e54/landscape_infosecMASHUP-substack-banner.png)
🕵🏻♂️ [InfoSec MASHUP] 26/2025
The U.S. Department of Homeland Security has warned about increased cyberattack risks from Iranian hacking groups; Hackers linked to the Chinese government exploited a serious vulnerability in a Canadian telecom provider; A Russian court released four members of the REvil ransomware gang after they served their time; The U.S. House of Representatives has banned WhatsApp on staff devices; New malware called SparkKitty was discovered in apps on Google Play and the Apple App Store;
🕵🏻♂️ [InfoSec MASHUP] 25/2025
The Washington Post experienced a cyberattack that compromised the email accounts of several journalists; The U.K. watchdog fined 23andMe £2.31 million; UBS Confirms Data Stolen After Hack at External Supplier; Over 1,500 Minecraft players have been infected by a new Java malware; Researchers say AI hacking tools sold online were powered by Grok, Mixtral;
🕵🏻♂️ [InfoSec MASHUP] 24/2025
SentinelOne Reported That It Faced A Year-long Campaign Of Cyberespionage From Chinese Threat Actors; A New Attack Called "SmartAttack" Uses Smartwatches To Secretly Steal Data From Air-gapped Systems; Interpol Has Dismantled Over 20,000 Malicious Ip Addresses Linked To 69 Types Of Malware; Researchers Found Five Zero-day Vulnerabilities And 15 Common Misconfigurations In Salesforce Industry Cloud; OpenAI Has Banned ChatGPT Accounts Linked To Russian, Iranian, And Chinese Hacker Groups;
🕵🏻♂️ [InfoSec MASHUP] 23/2025
Cartier announced a data breach; Microsoft and CrowdStrike are working together to connect the different names used for hacking groups; German authorities have identified Vitaly Nikolaevich Kovalev as the leader of the TrickBot cybercrime gang; Over 30 Vulnerabilities Patched in Android; Microsoft has launched a free European Security Program to enhance cybersecurity for EU governments; Microsoft Helps India CBI Dismantle Indian Call Centers;
🕵🏻♂️ [InfoSec MASHUP] 22/2025
Github’s MCP Leaks Date From Private Repositories; Adidas Announced Data Breach Through 3rd-Party; Russian “Void Blizzard” Has Been Linked to a Security Breach of the Dutch Police; Researchers Believe the Spanish Government Was Behind a Hacking Group Called “Careto”; Authorities in Pakistan Arrested 21 People Linked to a Malware Service Called “Heartsender”; The White House Is Investigating a Hack of Chief of Staff Susie Wiles’ Personal Phone;
🕵🏻♂️ [InfoSec MASHUP] 21/2025
UAE Recruiting US Personnel Displaced by DOGE to Work on AI for its Military; Madhu Gottumukkala New Deputy Director of CISA; New metric called Likely Exploited Vulnerabilities (LEV) introduced; European Union sanctions Stark Industries for enabling cyberattacks; Signal now blocks Microsoft Recall screenshots on Windows 11; The FBI and Europol have disrupted the Lumma Stealer malware network; DanaBot malware operation taken down;
🕵🏻♂️ [InfoSec MASHUP] 20/2025
Twilio denied being breached; Ransomware could soon target CPUs; Marks & Spencer has confirmed that hackers stole customers' personal data; Coinbase says customers’ personal information stolen in data breach; Google has agreed to pay $1.375 billion to Texas to settle claims;
🕵🏻♂️ [InfoSec MASHUP] 18/2025
France has linked Russian APT to 12 cyberattacks on French Orgs.; Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation; Vulnerabilities in Apple's AirPlay Protocol; New York's Metropolitan Transportation Authority plans to use AI and cameras to detect potential subway crimes before they happen; SentinelOne Targeted by Chinse PurpleHaze Group; Microsoft sets all new Accounts passwordless by Default; The Trump administration plans to cut $491 million from CISA's budget;
🕵🏻♂️ [InfoSec MASHUP] 17/2025
Two top officials from CISA resigned; U.S. Defense Secretary Pete Hegseth caught in another information leak; Yearly Threat Intelligence Reports Released; U.S. lost record $16.6 billion to cybercrime in 2024; 5.5 Million Patients Affected by Data Breach at Yale New Haven Health; VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025; FBI is seeking public help to identify Chinese hackers known as Salt Typhoon and offers $10 million reward;
🕵🏻♂️ [InfoSec MASHUP] 16/2025
The European Commission is providing staff with burner phones and laptops for trips to the US; China is pursuing three alleged U.S. operatives for cyberattacks on its infrastructure; A whistleblower revealed that DOGE may have accessed sensitive labor data from the National Labor Relations Board (NLRB); A new ransomware called "DOGE BIG BALLS"; The U.S. government is ending funding for the Common Vulnerabilities and Exposures (CVE) program... and reverses course, extends MITRE CVE contract;
🕵🏻♂️ [InfoSec MASHUP] 15/2025
The U.S. Department of Justice has disbanded its National Cryptocurrency Enforcement Unit; To tackle espionage, Dutch government plans to screen university students and researchers; Another busy Patch Tuesday; NIST will mark all CVEs published before January 1, 2018, as 'Deferred'; Trump Signs Memorandum Revoking Security Clearance of Former CISA Director Chris Krebs; China Admitted to Volt Typhoon Cyberattacks on US Critical Infrastructure;