Alleged UnitedHealth data leak - 500K+ records, possible insider access.
Healthcare data listed for $350K.
Insider risk remains critical.
Are controls keeping up?
Follow @technadu
#InfoSec #DataBreach #CyberSecurity
T
technadu@infosec.exchange
@technadu@infosec.exchange
Posts
-
🚨 Alleged UnitedHealth data leak - 500K+ records, possible insider access. -
GlassWorm update:• Solana dead drop C2 + DHT fallback• Fake Chrome extension → full browser exfil• HW wallet phishing (Ledger/Trezor)• HVNC + SOCKS modules• Targets npm, PyPI, MCPDecentralized infra = stealth persistence.GlassWorm update:
• Solana dead drop C2 + DHT fallback
• Fake Chrome extension → full browser exfil
• HW wallet phishing (Ledger/Trezor)
• HVNC + SOCKS modules
• Targets npm, PyPI, MCP
Decentralized infra = stealth persistence.Source: https://thehackernews.com/2026/03/glassworm-malware-uses-solana-dead.html
Follow @technadu
-
Signal > noiseSignal > noise.
GreyNoise: 242K new IPs, 99.7% no TCP handshake.Real activity?
UCLOUD +472%, multi-protocol scans.
Are you validating sources?Source: https://www.greynoise.io/blog/ghost-fleet-half-new-scanning-ips-geolocated-to-hong-kong
Comment + follow TechNadu
-
Alleged OVHcloud breach claims exposure of 1.6M customers & 5.9M websitesAlleged OVHcloud breach claims exposure of 1.6M customers & 5.9M websites.
PII, DBs & configs potentially impacted - but unverified.
Alleged OVHcloud Data Breach Exposes Millions of Customers and Server Infrastructure
A potential OVHcloud data breach involved the exposure of massive amounts of customer data and compromised server configurations.
TechNadu (www.technadu.com)
Do you act immediately or wait for confirmation in cases like this?
-
Surfshark launches HeyPolo 📍• No always-on tracking• Share exact / approx / none• Granular visibility controlsPrivacy-first location sharing.Surfshark launches HeyPolo
• No always-on tracking
• Share exact / approx / none
• Granular visibility controls
Privacy-first location sharing.
Surfshark Introduces Privacy-Focused Location App ‘HeyPolo’
HeyPolo location-sharing app by Surfshark offers privacy-first location sharing, giving users full control over when and how their location is shared.
TechNadu (www.technadu.com)
-
FriendlyDealer scam abusing PWAs:• 1,500+ fake app store domains• Browser-based installs bypass OS checks• Apps appear legit• Fake MrBeast affiliations usedShift to stealth mobile delivery.FriendlyDealer scam abusing PWAs:
• 1,500+ fake app store domains
• Browser-based installs bypass OS checks
• Apps appear legit
• Fake MrBeast affiliations used
Shift to stealth mobile delivery.
FriendlyDealer Scam Mimics App Stores to Push Gambling Platforms, Some Impersonate Mr. Beast Affiliations
The FriendlyDealer scam uses fake app stores to distribute unvetted gambling apps, aiming to collect commissions on every user registration and deposit.
TechNadu (www.technadu.com)
-
DarkSword iOS exploit kit leaked on GitHub.• 6-vuln chain• Targets iOS 18 and older• Enables full spyware deployment• Now usable by low-skill actorsShift from targeted espionage → scalable threat.DarkSword iOS exploit kit leaked on GitHub.
• 6-vuln chain
• Targets iOS 18 and older
• Enables full spyware deployment
• Now usable by low-skill actors
Shift from targeted espionage → scalable threat.
DarkSword iPhone Exploit Kit Newer Version Leaks on GitHub, Exposing iOS Users to Spyware
The powerful iPhone exploit kit leaked on GitHub – the DarkSword spyware exploits six iOS vulnerabilities, some as zero-days, posing a massive cybersecurity threat.
TechNadu (www.technadu.com)
-
Unverified reports claim a YouTube “view farm” using ceiling-mounted phones.Unverified reports claim a YouTube “view farm” using ceiling-mounted phones.
️ No confirmed validation yet
However, fake engagement ecosystems remain a real threat to platform integrity. Real incident or viral misinformation? Follow @technadu -
Kenya + Singapore deepen cybersecurity collaborationFocus: digital governance, policing tech, ICT capacityKenya + Singapore deepen cybersecurity collaboration
Focus: digital governance, policing tech, ICT capacitySignal: cross-border cooperation driving cyber resilience
Is global collaboration the new security baseline?
Follow @technadu Thoughts?
#Infosec #Cybersecurity #GovTech -
Foster City ransomware attack disrupts municipal ops.• Non-emergency services halted• Public data exposure risk• 911 systems unaffectedFoster City ransomware attack disrupts municipal ops.
• Non-emergency services halted
• Public data exposure risk
• 911 systems unaffected -
Navia Benefit Solutions breach2.6M+ affectedSSNs + health data exposedWeeks-long accessThird-party risk 🔺Navia Benefit Solutions breach
2.6M+ affected
SSNs + health data exposed
Weeks-long access
Third-party risk
Source: https://therecord.media/health-plan-info-stolen-navia-benefits
Thoughts? Follow @technadu -
NordVPN launches Scam Text CheckerAI + threat intelScans text, links, screenshotsUser-side phishing defense ↑Source: https://nordvpn.com/blog/nordvpn-scam-text-checker💬 Worth using?NordVPN launches Scam Text Checker
AI + threat intel
Scans text, links, screenshots
User-side phishing defense ↑
Source: https://nordvpn.com/blog/nordvpn-scam-text-checker Worth using? Follow TechNadu
#Phishing #SecurityTools #InfoSec -
Medusa ransomware hits hospital + county.9-day outage, manual ops, $800K demandMedusa ransomware hits hospital + county.
9-day outage, manual ops, $800K demand.
Operational impact > data loss.
Source: https://www.ofcom.org.uk/online-safety/illegal-and-harmful-content/4chan-fined-450000-for-not-protecting-children-from-online-pornography
Follow TechNadu.
#InfoSec #Ransomware -
FTC targets Xponential Fitness over alleged franchise misrepresentation.FTC targets Xponential Fitness over alleged franchise misrepresentation.
$17M settlement
Disclosure failures
Risk transparency gaps
Compliance ≠ optional. Thoughts? Follow TechNadu#Compliance #Risk #FTC #BusinessSecurity
-
Darksword exploit kit chains 6 iOS flaws to achieve full device compromise.• RCE → kernel access• Used by multiple threat actors• High-risk data exfiltrationDarksword exploit kit chains 6 iOS flaws to achieve full device compromise.
• RCE → kernel access
• Used by multiple threat actors
• High-risk data exfiltrationPatch immediately
https://www.technadu.com/darksword-exploit-kit-deploying-ios-spyware-on-iphones-adopted-by-multiple-threat-actors/623708/ -
Europol flagged 17K+ URLs with terrorist audio propaganda (1,100+ hours).Europol flagged 17K+ URLs with terrorist audio propaganda (1,100+ hours).
77% removed - but audio remains a detection blind spot.
https://www.technadu.com/over-1100-hours-of-terrorist-audio-propaganda-found-in-17000-urls-across-40-online-platforms/623705/ -
Athletes targeted via Apple account phishing.Athletes targeted via Apple account phishing.
Impersonation + MFA abuse = account takeover.
Social engineering still wins.Source: https://therecord.media/phishing-nba-nfl-scammer-arrested
Follow TechNadu.
-
Critical Ubuntu flaw (CVE-2026-3888) enables local root escalation via Snap.Critical Ubuntu flaw (CVE-2026-3888) enables local root escalation via Snap.
Delayed exploit (10–30 days) makes detection harder.
Patch snapd immediately.
https://www.technadu.com/critical-cve-2026-3888-vulnerability-exposes-ubuntu-to-root-escalation/623670/ -
New KEV addition by CISA:CVE-2025-47813 (Wing FTP Server)• Information disclosure flaw• Actively exploited• High remediation priorityKEV = real-world threat signal.New KEV addition by CISA:
CVE-2025-47813 (Wing FTP Server)
• Information disclosure flaw
• Actively exploited
• High remediation priority
KEV = real-world threat signal.Follow @technadu for updates.
#InfoSec #CISA #VulnerabilityManagement
-
The EU has sanctioned Chinese and Iranian firms over cyberattacks targeting European networks and infrastructure.The EU has sanctioned Chinese and Iranian firms over cyberattacks targeting European networks and infrastructure.
Impacts include 65K+ devices compromised and disinformation campaigns.