ICN DAILY INFOSEC
FOR THE STUDENTS, BY THE STUDENTS
10 JUNE 2025
ATTACKS & VULNERABILITIES

AT&T not sure if new customer data dump is déjà vu (2 minute read)

AT&T is investigating claims that 86 million customer records, reportedly containing birthdates, phone numbers, addresses, and 44 million social security numbers, are being sold on cybercrime forums. The company says this appears to be repackaged data from previous breaches, possibly the 2024 Snowflake incident or an earlier 2021 theft, rather than a new hack.

'PathWiper' Attack Hits Critical Infrastructure In Ukraine (3 minute read)

Cisco Talos discovered "PathWiper," a new Russian wiper malware targeting Ukrainian critical infrastructure through legitimate endpoint administration frameworks. Unlike previous wipers, PathWiper programmatically identifies all connected drives and network paths via APIs before overwriting data with random bytes, making it potentially more destructive than tools like HermeticWiper used in earlier attacks.

Largest Ever Data Leak Exposes Over 4B Records (3 minute read)

Researchers have discovered an open 613GB database containing over 4 billion records. The database contained numerous data collections, including an 805M record database of WeChat records, a 780M record database of addresses and geographic data, banking information, and MFA devices. However, the researchers could not analyze the dataset comprehensively, as it was taken down soon after discovery.

STRATEGIES & TACTICS

Vibe coding is here to stay. Can it ever be secure? (7 minute read)

AI tools are making it easier and faster for people to write code, even with little experience. However, many experts worry that this “vibe coding” approach will pose serious security risks. While AI coding is growing fast, it still struggles to produce safe and reliable software.

The Cost of a Call: From Voice Phishing to Data Extortion (7 minute read)

Google Threat Intelligence Group (GTIG) reports on threat activity from a group tracked as UNC6040. The group uses vishing to impersonate IT support personnel in convincing attacks that target employees of multinational corporations and trick them into granting access or sharing credentials to their Salesforce platform. In many campaigns, the threat actors convince the victim to add a modified version of the bulk data import tool, Salesforce Data Loader, altered to send the data to attacker-controlled infrastructure.

Business Email Compromise Check List (4 minute read)

A Business Email Compromise (BEC) incident response checklist for Office 365 outlines four phases: isolate the compromised account, contain the threat by resetting credentials and removing unauthorized configurations, eradicate traces of the attacker, and assess impact by reviewing sent emails and shared files. The response includes immediate actions like disabling accounts and changing passwords, followed by forensic analysis, stakeholder notification, and required regulatory reporting. Prevention through proper security measures is easier than incident response, but organizations must learn from incidents to strengthen their defenses.

LAUNCHES & TOOLS

Mind (Product Launch)

Mind provides real-time detection capabilities, instantly blocking malicious and inadvertent attempts to exfiltrate sensitive information from an organization's environment.

Auditor.codes (GitHub Repo)

Auditor.codes is a web platform where users learn to spot security bugs in real C/C++ code. It offers thousands of hands-on challenges, from basic to very hard, and tracks users' progress. The site is still in early development, so users are encouraged to give feedback and file bug reports.

Awesome BlackHat Tools (GitHub Repo)

A curated list of tools officially presented at Black Hat events.

MISCELLANEOUS

US Offering $10 Million Reward for RedLine Malware Developer (2 minute read)

The US State Department is offering up to $10 million for information on Maxim Alexandrovich Rudometov, the alleged developer of RedLine, malware that steals credentials and financial data. RedLine infrastructure was disrupted in October 2024, but the malware may remain active.

Italian lawmakers say Italy used spyware to target phones of immigration activists, but not against journalist (5 minute read)

An Italian parliamentary investigation confirmed that the government used Paragon's Graphite spyware to lawfully target activists involved in rescuing Mediterranean immigrants. However, the committee found no evidence that Italian agencies targeted journalist Francesco Cancellato, who received WhatsApp breach notifications. Thus, questions about who was responsible for surveilling the prominent investigative reporter remain unanswered.

Mandiant Flags Fake AI Video Generators Laced With Malware (2 minute read)

Mandiant has detected a new malware campaign that uses social media ads to distribute infostealers and backdoors. The campaign spreads by advertising free access to popular AI video generators such as Luma AI, Canva Dream Lab, and Kling AI. After the user inputs a prompt, they are served one of the static malicious payloads that the site hosts.

QUICK LINKS

Popular Chrome Extensions Found Leaking Data via Unencrypted Connections (3 minute read)

Popular Chrome extensions were discovered to leak user data via unencrypted HTTP connections, exposing users to spying and cyber threats, particularly on public Wi-Fi.

I Read All Of Cloudflare's Claude-Generated Commits (4 minute read)

Max Mitchell found that while AI generated most of Cloudflare's OAuth 2.1 library code, human oversight remained essential for debugging and strategic guidance.

Over 20 Malicious Apps on Google Play Target Users for Seed Phrases (3 minute read)

More than 20 fraudulent crypto wallet apps on Google Play were identified as stealing users' recovery phrases to access their cryptocurrency funds.
INDIAN COLLEGE NETWORK

Indian College Network (ICN) connects colleges across India, helping students and professionals learn new technical skills, discover various tech and non-tech events (both online and offline), and provides daily technical newsletters.

CONTACT US

indiancollegenetwork@gmail.com
@IndCollegeNet
@IndianCollegeNetwork