Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

June 22, 2025

Former members tied to the Black Basta ransomware operation have been observed sticking to their tried-and-tested approach of email bombing and Microsoft Teams phishing to establish persistent access to target networks.
“Recently, attackers have introduced Python script execution alongside these techniques, using cURL requests to fetch and deploy malicious payloads,” ReliaQuest said in a report

Source: Read More

Previous ArticleConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Next Article Exploring Lakebase: Databricks’ Next-Gen AI-Native OLTP Database

Highlights

CVE-2025-54416 – GitHub tj-actions Branch Names Command Injection Vulnerability

July 28, 2025

CVE ID : CVE-2025-54416

Published : July 26, 2025, 4:16 a.m. | 2 days, 19 hours ago

Description : tj-actions/branch-names is a Github actions repository that contains workflows to retrieve branch or tag names with support for all events. In versions 8.2.1 and below, a critical vulnerability has been identified in the tj-actions/branch-names’ GitHub Action workflow which allows arbitrary command execution in downstream workflows. This issue arises due to inconsistent input sanitization and unescaped output, enabling malicious actors to exploit specially crafted branch names or tags. While internal sanitization mechanisms have been implemented, the action outputs remain vulnerable, exposing consuming workflows to significant security risks. This is fixed in version 9.0.0

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Elastic simplifies log analytics for SREs and developers with launch of Log Essentials

OpenAI launches GPT-5

Melissa brings its data quality solutions to Azure with new SSIS integration

Automating Design Systems: Tips And Resources For Getting Started

This $180 mini projector has no business being this good for the price

GPT-5 is finally here, and you can access it for free today – no subscription needed

Changing this Android setting instantly doubled my phone speed (Samsung and Google models included)

ChatGPT can now talk nerdy to you – plus more personalities and other upgrades beyond GPT-5

Advanced Application Architecture through Laravel’s Service Container Management

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

AI-Driven Smart Tagging and Metadata in AEM Assets

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Bill Gates on AI’s Impact: ‘Be Curious, Read, and Use the Latest Tools’

Halo Infinite’s Fall Update: New Features and Modes to Revive the Game?

Forza Motorsport’s Future in Jeopardy: Fans Demand Clarity from Microsoft

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Advanced Application Architecture through Laravel’s Service Container Management

Switch Between Personas in Laravel With the MultiPersona Package

The Serverless Architecture Handbook: How to Publish a Node Js Docker Image to AWS ECR and Deploy the Container to AWS Lambda

CVE-2025-5884 – Konica Minolta bizhub Cross-Site Scripting Vulnerability

CVE-2025-7322 – IrfanView CADImage Plugin DWG File Parsing Out-Of-

All You Need to Know About Sildenafil: Uses, Benefits, and Precautions

CVE-2025-54416 – GitHub tj-actions Branch Names Command Injection Vulnerability

10-Year-Old Roundcube RCE Vulnerability Let Attackers Execute Malicious Code

My new favorite multi-port charging station is $50 off on Amazon right now

Designers: We’ll all be design engineers in a year

Former Black Basta Members Use Microsoft Teams and Python Scripts in 2025 Attacks

Related Posts