SSRF can look simple until it leaks cloud creds or hits internal services.
In this issue:
Real payloads
Redis via Gopher
Blind SSRF tricks
Tools & labs
https://www.kayssel.com/newsletter/issue-4/
#cybersecurity #infosec #bugbounty #hacking
Possible Phishing 
on: 
hxxp[:]//order-cprfap-qy[.]cfp[.]paypal-merchant[.]ru
Analysis at: https://urldna.io/scan/68205fa93b77500010f319b5
#cybersecurity #phishing #infosec #urldna #scam #infosec
Possible Phishing
on: hxxp[:]//openseaprojtsclaimze[.]vercel[.]app
Analysis at: https://urldna.io/scan/682055de3b7750000f06c557
#cybersecurity #phishing #infosec #urldna #scam #infosec
Operational Risk Management- Processing Risk (Process Design & Risk Mitigation), PBWM
Citi
Irving, United States
Many are the tricksters preying upon the innocent and the naive. May Set feast upon their souls, may Khepri roll them into little balls and push them into the river! #cybersecurity https://cromwell-intl.com/cybersecurity/web-mail-spear-phishing.html?s=mc
When the cyber-watchdog gets cat-burgled: A CISA/DOGE security engineer's credentials appeared in 51(!) data breaches. Even the folks guarding the henhouse need better password hygiene! Friendly reminder: Enable 2FA, use a password manager, and maybe don't reuse passwords from 2013 
#cybersecurity
La guerra di Wikipedia al governo UK: “Così distruggete il sapere online”
Link all'articolo : https://www.redhotcyber.com/post/la-guerra-di-wikipedia-al-governo-uk-cosi-distruggete-il-sapere-online/
One-Click RCE in Asus's Preinstalled Driver Software
Possible Phishing
on: hxxp[:]//onlinehelpcustumsupport[.]net[.]d[.]r1[.]wbsprt[.]com/commbnk/goingtwo[.]php?au=5b9dd00ee8b0035370cca5adc41af10762738c8ccbb51a1ab39588c417b3b0bd2a29b56dc62b160378288421d7e54a7b62a6de50ba966df91bd60dab9b9e192e
Analysis at: https://urldna.io/scan/682036133b77500010f3079c
#cybersecurity #phishing #infosec #urldna #scam #infosec
Quando il regalo per la Festa della Mamma diventa un infostealer interno!
In un mondo in cui l’ingegneria sociale è la regina degli attacchi informatici, nessuno è al sicuro. Neanche papà. Un gesto tenero? No, una breccia nei sistemi familiari.
Morale della favola: Puoi difenderti da ransomware, phishing e malware… ma non da tua figlia sotto interrogatorio emotivo.
Buona Festa della Mamma a tutte le donne che sanno tutto… prima ancora che succeda.
The password is dead. Microsoft just buried it.
Read the full blog: https://go.openexploit.in/mastodon-server-infosec-2025-05-11
The password is dead. Microsoft just buried it.
Read the full blog: https://go.openexploit.in/mastodon-server-cyberplace-2025-05-11
Sei Davvero Umano? Shock su Reddit: migliaia di utenti hanno discusso con dei bot senza saperlo
Link all'articolo : https://www.redhotcyber.com/post/sei-davvero-umano-shock-su-reddit-migliaia-di-utenti-hanno-discusso-con-dei-bot-senza-saperlo/
Possible Phishing
on: hxxp[:]//onlineservicetech[.]website/landingpage/90d69b1d-cc46-48a6-8a25-a3222e9cce64/g2m5qbddslrwv8kgdwyfwje6ibhqoqs3ifpukcxpmbu
Analysis at: https://urldna.io/scan/682043a53b77500010f30dca
#cybersecurity #phishing #infosec #urldna #scam #infosec
Data Protection and Privacy Senior Manager PwC Amsterdam, Netherlands
Apply now: https://totalcyber.io/jobs/pwc/data-protection-and-privacy-senior-manager
