Infosec on Tenu Tech Brief

Infosec on Tenu Tech Brief https://cluster-site.onrender.com/tags/infosec/ Recent content in Infosec on Tenu Tech Brief Hugo -- 0.146.0 en-us Tue, 24 Feb 2026 06:03:41 +0000 RMM Abuse Explodes as Hackers Ditch Malware https://cluster-site.onrender.com/posts/rmm-abuse-explodes-as-hackers-ditch-malware/ Tue, 17 Feb 2026 21:01:26 +0000 https://cluster-site.onrender.com/posts/rmm-abuse-explodes-as-hackers-ditch-malware/ • RMM tools are increasingly used as primary attack vectors, replacing traditional malware. • Attackers leverage RMM’s remote access to maintain stealth and persistence. • RMM’s bu Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies https://cluster-site.onrender.com/posts/researchers-show-copilot-and-grok-can-be-abused-as-malware-c2-proxies/ Tue, 17 Feb 2026 18:08:00 +0000 https://cluster-site.onrender.com/posts/researchers-show-copilot-and-grok-can-be-abused-as-malware-c2-proxies/ • AI assistants like Copilot and Grok can be hijacked as stealthy C2 proxies, blending into legitimate traffic. • Check Point researchers demonstrated the technique using anonymous Password Managers Vulnerable to Vault Compromise Under Malicious Server https://cluster-site.onrender.com/posts/password-managers-vulnerable-to-vault-compromise-under-malicious-server/ Tue, 17 Feb 2026 09:30:46 +0000 https://cluster-site.onrender.com/posts/password-managers-vulnerable-to-vault-compromise-under-malicious-server/ • ETH Zurich researchers tested zero‑knowledge password managers against fully malicious servers. • Bitwarden, Dashlane, LastPass, and 1Password were evaluated. • Attacks targeted Please Don't Feed the Scattered Lapsus ShinyHunters https://cluster-site.onrender.com/posts/please-dont-feed-the-scattered-lapsus-shinyhunters/ Mon, 02 Feb 2026 16:15:16 +0000 https://cluster-site.onrender.com/posts/please-dont-feed-the-scattered-lapsus-shinyhunters/ • Scattered Lapsus ShinyHunters (SLSH) uses harassment, threats, even swatting to extort firms. • They notify journalists and regulators, amplifying pressure beyond typical ransomw Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088 https://cluster-site.onrender.com/posts/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ Tue, 27 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ • CVE-2025-8088: critical path traversal flaw in WinRAR allows arbitrary file writes via ADS. • Exploited by state-backed actors from Russia, China and financially motivated groups