The Coming Storm - Nasni Consultants

Aisuru Botnet Shifts from DDoS to Residential Proxies

Post author:Diran Taofeek Folami
Post published:October 29, 2025
Post category:Cybersecurity Internet of Things
Post last modified:October 29, 2025

Aisuru, the botnet responsible for a series of record-smashing distributed denial-of-service (DDoS) attacks this year, recently was overhauled to support a more low-key, lucrative and sustainable business: Renting hundreds of…

Email Bombs Exploit Lax Authentication in Zendesk

Post author:Diran Taofeek Folami
Post published:October 17, 2025
Post category:Cybersecurity
Post last modified:October 17, 2025

Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing messages that come from hundreds of Zendesk corporate customers…

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

Post author:Diran Taofeek Folami
Post published:October 10, 2025
Post category:Cybersecurity
Post last modified:October 10, 2025

The world’s largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon,…

ShinyHunters Wage Broad Corporate Extortion Spree

Post author:Diran Taofeek Folami
Post published:October 7, 2025
Post category:Cybersecurity
Post last modified:October 7, 2025

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data…

Self-Replicating Worm Hits 180+ Software Packages

Post author:Diran Taofeek Folami
Post published:September 16, 2025
Post category:Cybersecurity
Post last modified:September 16, 2025

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on GitHub,…

Microsoft Patch Tuesday, September 2025 Edition

Post author:Diran Taofeek Folami
Post published:September 9, 2025
Post category:Cybersecurity
Post last modified:September 9, 2025

Microsoft Corp. today issued security updates to fix more than 80 vulnerabilities in its Windows operating systems and software. There are no known “zero-day” or actively exploited vulnerabilities in this…

18 Popular Code Packages Hacked, Rigged to Steal Crypto

Post author:Diran Taofeek Folami
Post published:September 8, 2025
Post category:Cybersecurity
Post last modified:September 8, 2025

At least 18 popular JavaScript code packages that are collectively downloaded more than two billion times each week were briefly compromised with malicious software today, after a developer involved in…

The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

Post author:Diran Taofeek Folami
Post published:September 1, 2025
Post category:Cybersecurity
Post last modified:September 1, 2025

The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many…

Affiliates Flock to ‘Soulless’ Scam Gambling Machine

Post author:Diran Taofeek Folami
Post published:August 28, 2025
Post category:Cybersecurity
Post last modified:August 28, 2025

Last month, KrebsOnSecurity tracked the sudden emergence of hundreds of polished online gaming and wagering websites that lure people with free credits and eventually abscond with any cryptocurrency funds deposited…

Mobile Phishers Target Brokerage Accounts in ‘Ramp and Dump’ Cashout Scheme

Post author:Diran Taofeek Folami
Post published:August 15, 2025
Post category:Cybersecurity
Post last modified:August 15, 2025

Cybercriminal groups peddling sophisticated phishing kits that convert stolen card data into mobile wallets have recently shifted their focus to targeting customers of brokerage services, new research shows. Undeterred by…