All posts by John Doe

■■□□□ Privacy: YouTube admits to having censored people during the COVID pandemic and for political reasons. Offers terminated creators the opportunity to rejoin the platform.

■■□□□ United States: Secret Service raid and dismantle 300 SIM servers with over 100,000 SIM cards, in NYC, as part of an investigation into telecom threats.

■■■■■ CVE-2025-55241: Microsoft Entra ID flaw allowed hijacking any company’s tenant. https://www.bleepingcomputer.com/news/security/microsoft-entra-id-flaw-allowed-hijacking-any-companys-tenant/

■■■■□ OpenAI fixes zero-click ShadowLeak vulnerability affecting ChatGPT Deep Research agent. https://therecord.media/openai-fixes-zero-click-shadowleak-vulnerability

🤖 One of the admins of the channel had a 0-click malware on the Android flagship device. It may be Firefox Zero-Day, now patched. The malware deleted certain video files related to a country in the Middle East.

■■□□□ A recent report revealed that AppCloud, an Israeli application developed by IronSource, comes pre-installed on certain Samsung devices, particularly Galaxy A and Galaxy M models, and cannot be fully removed. The app automatically collects user data, including location, device fingerprints, and IP addresses. https://x.com/QudsNen/status/1968706493181579550 https://t.me/cKure/15664

■■■□□ Interesting thread (Jubair). One of the Scattered Spider guys ransomed a bunch of companies, made $36,000,000, then used the money for Uber Eats and Steam. He was late filmed as he was apologising. https://x.com/vxunderground/status/1968783350518235338

■■□□□ Dubai, UAE 🇦🇪 Dh23,000 routine payment dispute in Dubai unmasks cyber fraud. Hacker had intercepted company emails and diverted funds to fake account. https://gulfnews.com/uae/crime/dh23000-routine-payment-dispute-in-dubai-unmasks-cyber-fraud-1.500277479

■■■■□ Hacker group takes out jpost.com as they quoted ICC war criminal (for Genocide) on their website: https://t.me/DIeNlt/569 The group performed a DoS attack and the site remains down as of now.

■■■■□ The EDR-Freeze tool is a proof-of-concept exploit that leverages Windows’ built-in components to suspend EDR and antivirus processes into a “coma” state, effectively rendering them inactive without installing any third-party drivers. Mechanism: 1. MiniDumpWriteDump API: This function, part of the Windows DbgHelp library, is designed to create memory dumps by suspending all threads of…