βΌοΈ We were attacked:
Someone executed a targeted attack against us and tried to phish us, impersonating X.
The email was sent to our X account email yesterday through actions-x[.]com, immediately after the domain was registered.
Some info on the domain. You can see it was registered yesterday, and it's enjoying @Cloudflare protection as wel as @ImprovMX mail services.
We were never compromised. We had already taken precautions against attacks like these, and have since taken extra measures.
Someone executed a targeted attack against us and tried to phish us, impersonating X.
The email was sent to our X account email yesterday through actions-x[.]com, immediately after the domain was registered.
Some info on the domain. You can see it was registered yesterday, and it's enjoying @Cloudflare protection as wel as @ImprovMX mail services.
We were never compromised. We had already taken precautions against attacks like these, and have since taken extra measures.
π€―17π8π€£4π±2β€1
π¨βΌοΈ BREAKING: Adobe has been breached by threat actor Mr. Raccoon, leaking 13 million support tickets with personal data, 15,000 employee records, all HackerOne submissions, internal documents and more.
Mr. Raccoon gained access through an Indian BPO, first deploying a remote access tool on an employee, then phishing their manager.
Mr. Raccoon told us: "They allowed you to export all tickets in one request from an agent."
We've reviewed multiple files confirming the scope of the breach. Among the details: Mr. Raccoon gained webcam access on the targeted employee through a RAT delivered via email and also obtained private conversations through WhatsApp.
Mr. Raccoon gained access through an Indian BPO, first deploying a remote access tool on an employee, then phishing their manager.
Mr. Raccoon told us: "They allowed you to export all tickets in one request from an agent."
We've reviewed multiple files confirming the scope of the breach. Among the details: Mr. Raccoon gained webcam access on the targeted employee through a RAT delivered via email and also obtained private conversations through WhatsApp.
π€£24β€4π₯΄3π₯1π€―1
βοΈ Tracker updated -> 4 new verified breaches added:
πΊπΈ S&P Global (verified)
πΊπΈ Mercor AI (verified)
πΊπΈ Lightning AI (verified)
π©πͺ ownCloud (verified)
Total identified alleged victims: 61
teampcp.cyberdigest.international π
πΊπΈ S&P Global (verified)
πΊπΈ Mercor AI (verified)
πΊπΈ Lightning AI (verified)
π©πͺ ownCloud (verified)
Total identified alleged victims: 61
teampcp.cyberdigest.international π
π₯6β€3π©1
European Commission has been added to the tracker and confirmed, bringing the total to 62 alleged victims.
https://cert.europa.eu/blog/european-commission-cloud-breach-trivy-supply-chain
Tracker: https://teampcp.cyberdigest.international/
https://cert.europa.eu/blog/european-commission-cloud-breach-trivy-supply-chain
Tracker: https://teampcp.cyberdigest.international/
π€£1
βΌοΈ The axios lead maintainer has gone public on how he was socially engineered into installing the malware behind the npm supply chain attack.
We have example images showing exactly how the attack was staged.
We have example images showing exactly how the attack was staged.
π8π7π€―1π€£1
π¨βΌοΈ Mercor has paid ransom to ShinyHunters following the LiteLLM supply chain breach compromise.
Mercor works with major AI companies including OpenAI and Anthropic to train AI models.
Mercor works with major AI companies including OpenAI and Anthropic to train AI models.
β€11π±1