Cyber Security Headlines GhostAction campaign, scam centers grow, GPUGate hits IT
9 snips
Sep 9, 2025 The GhostAction campaign is wreaking havoc on GitHub accounts, while scam call centers are rapidly expanding in Myanmar, exploiting vulnerable individuals. Meanwhile, the GPUGate phishing campaign is deceiving IT firms through altered Google ads, leading to malware infections. Recent breaches like the one at Wealthsimple highlight ongoing security challenges. Additionally, issues with multi-factor authentication in the Pacer system have emerged, as well as intriguing new features in the Signal app.
AI Snips
Chapters
Transcript
Episode notes
Code-Repo Secrets Are High-Value Targets
- The Ghost Action campaign compromised GitHub accounts and enumerated secrets from workflow files across hundreds of users and repos.
- GitGuardian found 3,300+ leaked secrets including AWS, Docker Hub, and NPM tokens requiring coordinated response.
Border Scam Centers Grew Into Industrial Networks
- Scam call centers on the Thai–Myanmar border have rapidly expanded since the 2021 coup with industrial-scale facilities and trafficking.
- Thai police estimate around 100,000 people are held and exploited in these fortified operations.
State-Backed Threats Use Credible Impersonation
- APT-41 used impersonation of a U.S. lawmaker to phish trade groups and government entities with malicious attachments.
- Mandiant found attachments attempted to install a backdoor during sensitive trade talks.