A cyber threat actor dubbed Prolific Puma has been operating an underground link-shortening service for at least four years. It creates domain names using a registered domain generation algorithm and offers the link shortening service to other threat actors, enabling them to avoid detection while distributing phishing scams and malware. The actor has ostensibly registered between 35k-75k domain names since April 2022, often using US-based registrar and hosting company NameSilo due to its low cost and API facilitating bulk registration. It has also been observed to park registered domains for weeks before hosting their service with anonymous providers. The actor’s identity and origin remain unknown.
Blue Shield of California members may have had their data exposed in a November data breach. Information included member names, dates of birth, addresses, subscriber