The CyberWire Daily Podcast 7.21.23
Ep 1868 | 7.21.23

Cyberespionage and developments in the cyber underworld, including an offering in the C2C market. Russian hacktivist auxiliaries stay busy (and so do their masters in the organs).

Show Notes

The Lazarus Group targets developers. Threat actors target the banking sector with fake LinkedIn profiles and open source supply chain attacks. Vulnerabilities reported in OpenMeetings. HTML smuggling is sold in the C2C market. Johannes Ullrich from SANS describes attacks against niche web apps. Our guest is Damir Brecic of Inversion6 discussing the privacy and security concerns of Meta's new Threads app. And Romania's SVR reports a pattern of Russian cyberattacks.

Selected reading.

GitHub warns of Lazarus hackers targeting devs with malicious projects (BleepingComputer)

Cyberattack on GitHub customers linked to North Korean hackers, Microsoft says (Record)

Security alert: social engineering campaign targets technology industry employees (The GitHub Blog)

First Known Targeted OSS Supply Chain Attacks Against the Banking Sector (Checkmarx)

A Twist in the Code: OpenMeetings Vulnerabilities through Unexpected Application State (Sonar)

Fresh Phish: HTML Smuggling Made Easy, Thanks to a New Dark Web Phish Kit (INKY)

KillNet Showcases New Capabilities While Repeating Older Tactics (Mandiant)

Pro-Russian hacktivists increase focus on Western targets. The latest is OnlyFans. (CyberScoop)

Anonymous Sudan DDoS strikes dominate attacks by KillNet collective (SC Media)

Romanian Intelligence General: All Russian secret services attempted cyber attacks against Romania (ACTMedia)