Category Archives: 2025

APT29 Exploits App Passwords to Bypass 2FA

A silent cyberweapon undermining digital trust

Two-factor authentication (2FA) was supposed to be the cybersecurity bedrock. Yet, it has a crucial vulnerability: legacy systems that still allow application-specific passwords. Cyber threat actors like UNC6293, tied to the infamous APT29 (Cozy Bear), have seized this flaw to bypass advanced security layers and exfiltrate sensitive data—without triggering […]

Signal Clone Breached: Critical Flaws in TeleMessage

TeleMessage: A Breach That Exposed Cloud Trust and National Security Risks

TeleMessage, marketed as a secure alternative to Signal, became a vector for national compromise after the Signal Clone Breach, which exposed vulnerabilities in sensitive U.S. government environments—including FEMA and White House staff—without proper vetting. In this analysis, Jacques Gascuel reveals how this proprietary messaging […]

APT36 SpearPhishing India: Targeted Cyberespionage | Security

Understanding Targeted Attacks of APT36 SpearPhishing India

APT36 cyberespionage campaigns against India represent a focused and enduring threat. Actors likely linked to Pakistan orchestrate these attacks. This group, also known as Transparent Unit, ProjectM, Mythic Leopard, and Earth Karkaddan, has been active since at least 2013. Throughout its operations, APT36 has consistently targeted Indian government […]