Cellular router APIs exploited in covert smishing campaign

October 1, 2025

Bloggers touch screen smartphone light night city, girls using in hands mobile phone closeup, online wi-fi internet, woman texting text message

(Adobe Stock)

Threat actors have abused Milesight Industrial Cellular routers' APIs to launch a wave of smishing attacks across Europe, according to Infosecurity Magazine.

Belgium was primarily targeted by such campaigns between November 2022 and July 2025, with routers exploited to deliver malicious SMS messages purporting to be from its government platforms CSAM and eBox, a report from Sekoia.io's Threat Detection & Research team showed.

Other attacks exploiting the router APIs involved the impersonation of French banking and postal entities, as well as Swedish and Danish telecommunications providers in smishing campaigns, noted researchers, who also found the use of NameSilo-registered phishing domains and infrastructure associated with Podaon, a hosting provider in Lithuania, in the intrusions.

"In light of this, heightened vigilance remains essential. Users should be cautious of unsolicited messages especially those containing shortened or suspicious URLs, spelling or grammatical errors or urgent calls to action. Awareness and skepticism are among the most effective defences against smishing attempts, which increasingly target both individuals and organisations on a global scale," said researchers.

SC Staff

Upcoming FIFA World Cup event in 2026 with soccer ball and flags of USA, Canada, and Mexico

API security

Security researcher reportedly accesses FIFA World Cup broadcast controls via API flaw

SC StaffJune 16, 2026

The researcher, known as BobDaHacker, said they exploited a flaw in FIFA's back-end API by registering as a player agent.

A stock illustration that represents the concept of e-commerce phishing in pastel orange and cobalt blue, incorporating fake shopping carts and conceptual metaphors of stolen data and false security for an engaging and intuitive understanding of the concept. Utilize soft gradients and layered shadows to create a hint of spatial complexity and priority. --ar 16:9 --v 6.1 Job ID: b12556c8-93ea-4d94-91b3-9ca3f4a58a7b

API security

Magecart campaign exploits Stripe API for credit card theft

SC StaffJune 5, 2026

The sophisticated attack utilizes Google Tag Manager (GTM) and Stripe domains, which are implicitly trusted by e-commerce sites, allowing the malicious code to bypass security measures.

Glowing digital key on a dark circuit board symbolizing cybersecurity and data encryption. Cybersecurity awareness, data protection, digital security, IT, information safety, encryption concept.

API security

Deleted Google API keys remain active for up to 23 minutes, study finds

SC StaffMay 21, 2026

While the Google Cloud Platform console indicates immediate deletion, researchers found that keys take an average of 16 minutes to become fully inactive, with the longest observed delay reaching 23 minutes.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

Related Terms

API Security Cloud Computing Greynet