Ax Sharma
Ax Sharma
@axsharma.com
Journalist and Security Researcher. Bylines/seen on: BleepingComputer, BBC, Channel 5, TechCrunch, WIRED.
📍🇨🇦 | 🇬🇧 | 🇮🇳

www.axsharma.com
X/Twitter: @Ax_Sharma
Pinned
The £2M scam operation that conned British people looking to get European EHIC health coverage cards that are otherwise free.

🎬 Watch on-demand or online @ Channel 5 UK:
📺 Scams: Don't Get Caught Out. Season 3.
Canada Goose says it is reviewing a 1.67 GB dataset leaked by ShinyHunters extortion group, with more than 600,000 customer records.
February 16, 2026 at 5:14 AM
🚨 Nationwide payment card-processing outage tied to #ransomware attack.

Payments platform BridgePay confirms a #ransomware attack has knocked key systems offline, impacting merchants and municipal services across the U.S.
www.bleepingcomputer.com/news/securit...
Payments platform BridgePay confirms ransomware attack behind outage
A major U.S. payment gateway and solutions provider says a ransomware attack has knocked key systems offline, triggering a widespread outage affecting multiple services. The incident began on Friday a...
www.bleepingcomputer.com
February 7, 2026 at 10:38 AM
Despite #Zendesk suggesting safeguards and tightening up security last month, the massive spam wave has returned, flooding inboxes with hundreds of bogus 'Activate account...' emails that bypass #spam filters

www.bleepingcomputer.com/news/securit...
Zendesk spam wave returns, floods users with 'Activate account' emails
A fresh wave of spam is hitting inboxes worldwide, with users reporting that they are once again being bombarded by automated emails generated through companies' unsecured Zendesk support systems. Som...
www.bleepingcomputer.com
February 5, 2026 at 10:29 AM
Responsible disclosure is built on an assumption that "doing the right thing" would = timely action, fair treatment, and maybe a bounty reward.

Lately, that assumption is collapsing.

For CISOs, this is gradually becoming a risk management nightmare.
www.csoonline.com/article/4124...
When responsible disclosure becomes unpaid labor
An incentive gap is undermining responsible disclosure. For CISOs, this is gradually evolving into a risk management nightmare.
www.csoonline.com
February 2, 2026 at 3:32 PM
A NationStates game player found a critical vulnerability but then crossed a line: he copied production data and app code.

Finding a flaw is enough. Demonstrate it safely, report it and stop there. Holding data isn't clever, ever.
www.bleepingcomputer.com/news/securit...
NationStates confirms data breach, shuts down game site
NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident.
www.bleepingcomputer.com
February 2, 2026 at 10:15 AM
BREAKING: Threat actors are seeking data on ~1,800 MSPs after a Pax8 spreadsheet with customer and Microsoft licensing info was accidentally emailed to over three dozen partners yesterday.
www.bleepingcomputer.com/news/securit...
Cloud marketplace Pax8 accidentally exposes data on 1,800 MSP partners
Cloud marketplace and distributor Pax8 has confirmed that it mistakenly sent an email to fewer than 40 UK-based partners containing a spreadsheet with internal business information, including MSP cust...
www.bleepingcomputer.com
January 14, 2026 at 12:19 PM
Heads up: A new #phishing campaign is abusing LinkedIn comment-replies and directing users to external links to lift a bogus "temporary restriction."
www.bleepingcomputer.com/news/securit...
Convincing LinkedIn comment-reply tactic used in new phishing
Scammers are flooding LinkedIn posts with fake "reply" comments that appear to come from the platform, warning of bogus policy violations and urging users to click external links. Some even abuse Link...
www.bleepingcomputer.com
January 13, 2026 at 3:56 PM
⚠️ Telegram privacy alert: Don't tap any @usernames or links in chats. These can actually be hidden proxy URLs. Tapping them just once can trigger a direct connection that reveals your real IP address to a third party with one click:
www.bleepingcomputer.com/news/securit...
Hidden Telegram proxy links can reveal your IP address in one click
A single click on what may appear to be a Telegram username or harmless link is all it takes to expose your real IP address to attackers due to how proxy links are handled. Telegram says it will add w...
www.bleepingcomputer.com
January 13, 2026 at 1:53 PM
Update: Multiple current and former Target employees have reached out to confirm that the source code and documentation shared by a threat actor match real internal systems.

A company-wide Slack announcement also announced "accelerated" access changes.
www.bleepingcomputer.com/news/securit...
Target employees confirm leaked code after ‘accelerated’ Git lockdown
Multiple current and former Target employees confirmed that leaked source code samples posted by a threat actor match real internal systems. The company also rolled out an "accelerated" lockdown of it...
www.bleepingcomputer.com
January 13, 2026 at 1:36 PM
EXCLUSIVE: Target's developer Git server went offline shortly after hackers claimed they had stolen internal source code and published what they claim are sample repositories for sale.
www.bleepingcomputer.com/news/securit...
Target's dev server offline after hackers claim to steal source code
Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be a sample of stolen code repositories on a public software development platf...
www.bleepingcomputer.com
January 12, 2026 at 5:59 PM
Microsoft Copilot prompt injections—vulnerabilities or AI limits?
Microsoft implies that these don't constitute "serviceable vulnerabilities." But security pros are divided, especially when AIs like Claude restrict inputs that can cause system prompt leaks.
www.bleepingcomputer.com/news/securit...
Are Copilot prompt injection flaws vulnerabilities or AI limits?
Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its Copilot AI assistant constitute security vulnerabilities. The de...
www.bleepingcomputer.com
January 6, 2026 at 11:34 AM
Reposted by Ax Sharma
What an awful perk this is... it's saying "hey, get addicted to nicotine so we can squeeze more ideas out of you."

Tech Startups Are Handing Out Free Nicotine Pouches to Boost Productivity
www.wsj.com/tech/tech-st...
Tech Startups Are Handing Out Free Nicotine Pouches to Boost Productivity
A nicotine replacement for smokers has started popping up in offices in the tech industry, despite health hazards.
www.wsj.com
January 1, 2026 at 8:54 PM
Not all CISA KEV listings mean urgent risk. CVE-2025-59374 formalizes the 2019 ASUS ShadowHammer supply-chain attack, not a new exploit.

FAQ updates, older guidance, and new context shared by CISA below signal a classification effort, not an active threat.
www.bleepingcomputer.com/news/securit...
Not all CISA-linked alerts are urgent: ASUS Live Update CVE-2025-59374
An ASUS Live Update vulnerability tracked as CVE-2025-59374 has been making the rounds in infosec feeds, with some headlines implying recent or ongoing exploitation. A closer look, however, shows the ...
www.bleepingcomputer.com
December 22, 2025 at 11:26 AM
Can't believe but... the "real" flight ticket trick is still claiming victims. 🎫✈️

Scammers sell "tickets" that appear valid on the airline website for days, and then vanish.

I'd written about this exact scam in 2023: www.wired.com/story/plane-...
November 28, 2025 at 12:28 PM
I was on BBC #RipOffBritain today breaking down code behind a fake "Google Movie" task scam site that conned many £££.

But worse is, real cases of victims losing their PayPal balances and then getting locked out of dispute process in a catch-22.

📡 Next episode: Friday 10.45am
November 26, 2025 at 1:21 PM
Iberia is notifying customers of a data security incident stemming from a vendor compromise. Disclosure follows a threat actor's claims on hacker forums that they had access to 77 GB of the airline's data.
www.bleepingcomputer.com/news/securit...
Iberia discloses customer data leak after vendor security breach
Spanish flag carrier Iberia has begun notifying customers of a data security incident stemming from a compromise at one of its suppliers. The disclosure comes days after a threat actor claimed on hack...
www.bleepingcomputer.com
November 23, 2025 at 1:52 PM
Exclusive: DoorDash email spoofing vulnerability disclosure goes off-track.

The researcher contends the company ignored the issue until pressured. The company says the pressure, which it deems extortion, itself crossed ethical lines.
www.bleepingcomputer.com/news/securit...
#bugbounty #hacking
DoorDash email spoofing vulnerability sparks messy disclosure dispute
A vulnerability in DoorDash's systems could allow anyone to send "official" DoorDash-themed emails right from company's authorized servers, paving a near-perfect phishing channel. DoorDash has now pat...
www.bleepingcomputer.com
November 17, 2025 at 4:38 PM
Reposted by Ax Sharma
🇦🇺 ASD: Annual Cyber Threat Report 2024-2025. What ASD's ACSC saw: www.cyber.gov.au/about-us/vie... #australia #cybersecurity cc @gate15.bsky.social @campuscodi.risky.biz
November 14, 2025 at 1:28 PM
DoorDash has disclosed a new data breach from 19 days ago: customer names, addresses, phone numbers and emails have been accessed.

The cause? A social engineering attack on an employee.
www.bleepingcomputer.com/news/securit...
DoorDash hit by yet another data breach this October
DoorDash has disclosed a data breach that hit the food delivery platform this October. Beginning yesterday evening, DoorDash, which serves millions of customers across the U.S., Canada, Australia, and...
www.bleepingcomputer.com
November 14, 2025 at 4:46 AM
The world's largest software supply chain attack stole just $600, but cost teams thousands of engineering hours.

Modern supply chain attacks are evolving and shaping the threat landscape: from AI-assisted #phishing to self-replicating "worms."
www.csoonline.com/article/4081...
Modern supply-chain attacks and their real-world impact
Supply-chain attacks have evolved considerably in the last two years, going from dependency confusion or stolen SSL, among other once-common attacks, to AI-backed social engineering and open-source regis...
www.csoonline.com
November 6, 2025 at 12:33 PM
Cybersecurity firm FuzzingLabs has accused Y Combinator-backed Gecko Security of "stealing" its vulnerability disclosures and back-dating blog posts. Gecko has denied wrongdoing.
www.bleepingcomputer.com/news/securit...
Security firms debate CVE credit in overlapping vulnerability reports
FuzzingLabs has accused the YCombinator-backed startup, Gecko Security, of replicating its vulnerability disclosures. Gecko allegedly filed for 2 CVEs based on FuzzingLabs' reports without crediting t...
www.bleepingcomputer.com
October 14, 2025 at 3:54 PM
TLDR: Claim your dollar, beware of phishing attempts. And, lawyers be getting rich.
www.bleepingcomputer.com/news/securit...
ParkMobile pays... $1 each for 2021 data breach that hit 22 million
ParkMobile has finally wrapped up a class action lawsuit over the platform's 2021 data breach that hit 22 million users. But there's a catch: victims are receiving compensation in the form of a $1 in-...
www.bleepingcomputer.com
October 5, 2025 at 12:27 PM
We’ve seen QR codes in scams before, but those relied on people scanning them. @socket.dev's new discovery shows malware using QR codes to talk to its C2 server — traffic that to security tools looks like harmless image exchanges.
www.bleepingcomputer.com/news/securit...
#malware #opensource #npm
NPM package caught using QR Code to fetch cookie-stealing malware
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this innovat...
www.bleepingcomputer.com
September 23, 2025 at 10:49 AM
Self-propagating supply chain attack on 187 npm projects also hit CrowdStrike's namespace.

Statement from CrowdStrike 👇
www.bleepingcomputer.com/news/securit...
Self-propagating supply chain attack hits 187 npm packages
Security researchers have identified at least 187 npm packages compromised in an ongoing supply chain attack. The coordinated worm-style campaign dubbed 'Shai-Hulud' started yesterday with the comprom...
www.bleepingcomputer.com
September 16, 2025 at 4:49 PM
Reposted by Ax Sharma
Google has disputed a widely reported story about the company warning all Gmail users to reset their passwords due to a recent data breach that also affected some Workspace accounts.
No, Google did not warn 2.5 billion Gmail users to reset passwords
www.bleepingcomputer.com
September 2, 2025 at 2:57 PM