A student from Bangladesh is behind a new botnet targeting WordPress and cPanel servers Websites are infected with the Beima PHP web shell and then rented to other threat actors for up to $200

The Webshell Underground: Student Hacker Selling PHP Backdoors To Asia-Based Threat Actors To Pay for School

Howler Cell uncovers a student-run PHP backdoor operation, selling website access to fund education. Further investigation exposes an underground m...

Following criticism, the Indian government says citizens can uninstall the app any time they want It will still remain mandatory on new devices... but will not be unremovable like that Facebook crap https://www.pib.gov.in/PressReleasePage.aspx?PRID=2198110&reg=3&lang=1 View quoted note →

Congressman August Pfluger, R-Texas, introduced a bill this week named the Cyber Deterrence and Response Act that creates a unified federal process to identify, attribute, and sanction state-sponsored cyber actors

Congressman August Pfluger

Rep. Pfluger Introduces Bill to Protect America's Critical Infrastructure

ClearSky has spotted the Gamaredon APT deploying the GamaWiper in data-wiping attacks at Ukrainian organizations. The attacks leveraged a WinRAR vulnerability tracked as CVE-2025-80880. https://nitter.catsarch.com/ClearskySec/status/1995061537183011084

ANY.RUN says activity from the Salty2FA phishing service collapsed in October and payloads now seem to overlap with the IOCs of another service named Tycoon2FA.

Salty2FA & Tycoon2FA: Hybrid Phishing Threat

A Salty2FA–Tycoon2FA hybrid is hitting inboxes worldwide. See how it formed, why attribution is breaking, and the updates SOC teams need now.

India orders online IM apps to link user accounts to a SIM card

The Economic Times

Why your WhatsApp Web may now log out every six hours - The Economic Times

Under the new rule, the DoT requires messaging apps, including WhatsApp, Telegram, and Signal, to implement "SIM binding", i.e., linking of service...

India has ordered smartphone makers to pre-install the government's Sanchar Saathi app. The app is available for Android and iOS and allows users to report fraud and spam. https://www.pib.gov.in/PressReleasePage.aspx?PRID=2197140&reg=3&lang=2