This week's articles
Anatomy of a BEC in 2025
Business Email Compromise (BEC) incidents are common, and usually start with a suspicious email containing a PDF with a link to a fake Microsoft 365 login page, which tricked the victim into providing credentials and MFA details.
#monitor
#gsuite
#saas
Rubygems.org AWS Root Access Event – September 2025
This post details a September 2025 security incident where a former RubyGems.org maintainer retained AWS root access after removal. Ruby Central discovered unauthorized access, reset credentials, and found no evidence of data compromise.
#announcement
#attack
#aws
#supply-chain
|