CloudSEK’s XVigil has observed a spike in exposed Postman instances. This trend is especially concerning because Postman is used by 500,000 organizations and 20 million developers across the world.

CloudSEK’s contextual AI digital risk platform XVigil discovered a tweet by the threat group “Khalifah Cyber Crew” announcing a new campaign “OpsBantaiKaw2” for targeting Indian websites.

CloudSEK’s contextual AI digital risk platform XVigil, discovered a threat actor group named Team Mysterious Bangladesh who claimed to have compromised the CBHE Delhi, India. The group mentioned leaking information about students from 2004 to 2022.

CloudSEK’s contextual AI digital risk platform XVigil uncovered a phishing campaign that hosted a total of 8 subdomains impersonating the webpages of a popular Indian bank.

CloudSEK’s contextual AI digital risk platform XVigil has spotted an advertisement where a short tutorial is provided on how the Hayya Card registration facility could be misused by threat actors to create multiple copies of the card.

CloudSEK’s contextual AI digital risk platform XVigil uncovered a phishing campaign abusing a SaaS platform, named FormSubmit, to impersonate a popular Indian bank.

Critical RCE vulnerability affecting Citrix ADC and Citrix Gateway. APT 5 has been observed exploiting this vulnerability in the wild as per Citrix and NSA. Threat actors on the cybercrime forums were looking to buy the exploits for this vulnerability to perform arbitrary code execution.

CloudSEK’s Threat Research team conducted an investigation to understand the technical details of CVE-2022-44877, and the internet-wide exploitation of CentOS Web Panel 7 installations.