Risky Bulletin Risky Bulletin: Router APIs abused to send SMS spam
Oct 1, 2025
A cybercrime group exploits a router vulnerability to send SMS spam, raising alarms across the tech community. CISA introduces a new support model for local governments to enhance cybersecurity. South Korea elevates its cyber threat level after a data center fire, causing concerns about data outages. Researchers expose how Tile tracking devices leak location data, while the FTC sues Sendit over deceptive messaging practices. Additionally, a malware campaign infects thousands of devices in Italy and Spain, attributed to a Turkish-speaking group.
AI Snips
Chapters
Transcript
Episode notes
Routers Abused To Send SMS Spam
- A cybercrime group exploited Milesight router features to send bulk SMS by abusing admin-alert text capabilities.
- Sequoia found attackers used a 2023 vuln to extract logs and decrypt admin passwords, enabling the campaign since Feb 2022.
CISA Shifts To Regional Support Model
- CISA is replacing MS-ISAC with a regional collaboration model to give local governments grants, free tools and expert support.
- The change follows MS-ISAC funding expiry in March and aims to provide hands-on CISA assistance in regional centers.
Data Centre Fire Raises Cyber Alert
- South Korea raised its national cyber alert to Caution after a data centre fire caused by a lithium backup-battery.
- Officials fear threat actors may exploit the outage while the government migrates to a new data centre.