Mario Rojas
@mariorojaschin.bsky.social
OSINT Geek
A threat actor is offering a potential 0-day remote code execution exploit for Fortinet FortiOS versions 7.4-7.6 for 0.5 BTC (~$60k). Past activity from the actor focused on selling access to Fortinet instances.

Threat Level: Moderate

#cybersecurity #fortinet #cybercrime #zeroday #RCE
August 12, 2025 at 3:33 PM
A threat actor is selling a zero day to an undisclosed VPS/VDS provider that allows bypassing the payment before deployment. You'd think these providers would eventually find out, but this raises a question about their security practices and makes you wonder how safe your infra is. #0day #ThreatIntel
August 5, 2025 at 4:00 AM
Sale of access to an unidentified Brazilian real-estate firm. The threat actor claims to sell domain-admin VPN access, compromising 60 PCs protected by Kaspersky and a company with $88M in revenue. #Ciberseguridad #LATAM #Hack #Brazil
May 20, 2025 at 6:37 PM
Sale of access to a Brazilian business-services firm. The threat actor claims to sell domain-admin VPN access, compromising 7 PCs protected by TrendMicro at a company with $7M in revenue. #Ciberseguridad #LATAM #Hack #Amenaza #Brazil
May 20, 2025 at 6:34 PM
North Korean hackers are now creating entire fake crypto companies with AI-generated staff profiles to conduct job interviews that are actually malware delivery operations.

Beyond basic verification, what's your security protocol for vetting potential employers?

www.silentpush.com/blog/contagi...
Contagious Interview (DPRK) Launches a New Campaign Creating Three Front Companies to Deliver a Trio of Malware: BeaverTail, InvisibleFerret, and OtterCookie
Contagious Interview (DPRK) launched a campaign using three front companies to deliver BeaverTail, InvisibleFerret, and OtterCookie malware.
www.silentpush.com
April 29, 2025 at 5:36 PM
Reposted by Mario Rojas
📢 The Internet Archive needs your help.

At a time when information is being rewritten or erased online, a $700 million lawsuit from major record labels threatens to destroy the Wayback Machine.

Tell the labels to drop the 78s lawsuit.

👉 Sign our open letter: www.change.org/p/defend-the...

🧵⬇️
April 17, 2025 at 4:51 PM
With CVSS 6.5 and EPSS 0.6% this would fly under the radar.

But it has already been used to target governments, requires almost no user interaction (drag and drop) and can leak user credentials? It's Friday, but you should patch this now! #CVE #Cyber #ThreatIntel research.checkpoint.com/2025/cve-202
CVE-2025-24054, NTLM Exploit in the Wild - Check Point Research
Key Points Introduction NTLM (New Technology LAN Manager) is a suite of authentication protocols developed by Microsoft to verify user identities and protect the integrity and confidentiality of netwo...
research.checkpoint.com
April 18, 2025 at 7:20 AM
Slow Pisces, a North Korean state actor, is targeting crypto orgs with some solid tradecraft.

They’re posing as recruiters on LinkedIn, baiting devs with coding challenges that drop custom Python malware.

unit42.paloaltonetworks.com/slow-pisces-...

#APT #ThreatIntel #Cyber #OSINT #Crypto #Malware
April 17, 2025 at 7:10 AM
Just read about a new supply chain threat: slopsquatting. Attackers could create malicious packages using AI-hallucinated dependency names. Apparently ~20% of AI-generated code references non-existent packages. #AI #Cyber #ThreatIntel #Infosec socket.dev/blog/slopsqu...
The Rise of Slopsquatting: How AI Hallucinations Are Fueling...
Slopsquatting is a new supply chain threat where AI-assisted code generators recommend hallucinated packages that attackers register and weaponize.
socket.dev
April 14, 2025 at 7:19 AM
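One practical control against the slopsquatting pattern described above is to gate installs on a vetted allowlist (a private mirror snapshot or lockfile) and to flag unknown names that sit one edit away from a vetted package, which is the shape a hallucinated or squatted name usually takes. The script below is an added example, not code from the post or from Socket; the allowlist and the requirements text are constructed for illustration, and the `-e`/VCS handling simply routes those lines to manual review.

```python
"""Gate a requirements file against a vetted package allowlist before pip runs.

Added example (not from the Socket post). VETTED stands in for a private
mirror or lockfile; in practice it is whatever your organisation has reviewed.
"""
import difflib
import re

# Constructed allowlist of vetted package names (hypothetical).
VETTED = {"requests", "numpy", "pandas", "PyYAML", "cryptography",
          "flask", "beautifulsoup4"}

# Constructed requirements text, in the shape an AI assistant might emit.
SAMPLE_REQUIREMENTS = """\
requests>=2.31
numpy==1.26.4
# a plausible-sounding helper that nobody has vetted
requests-auth-helper
PyYAML
beautifulsoup5
-e git+https://example.invalid/repo.git#egg=internal_tool
"""

_REQ_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """PEP 503 normalization: case-insensitive, runs of '-', '_' and '.' collapse to '-'.
    Needed so 'PyYAML' and 'pyyaml' (or 'beautiful_soup' and 'beautiful-soup') compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str):
    """Yield (raw_line, normalized_name_or_None). Comments and blanks are skipped;
    option/VCS/URL lines (starting with '-') yield None so they cannot slip past the gate."""
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if stripped.startswith("-"):
            yield stripped, None
            continue
        m = _REQ_LINE.match(stripped)
        if m:
            yield stripped, normalize(m.group(1))


def audit(text: str, vetted=VETTED):
    """Classify each requirement:
      ok           - name is on the vetted list
      unknown      - not vetted; 'near' lists vetted names it closely resembles
      needs-review - editable/VCS/option line, handled by a human
    """
    vetted_norm = {normalize(v) for v in vetted}
    report = []
    for raw, name in parse_requirements(text):
        if name is None:
            report.append({"requirement": raw, "name": None, "status": "needs-review", "near": []})
        elif name in vetted_norm:
            report.append({"requirement": raw, "name": name, "status": "ok", "near": []})
        else:
            # Near-misses to real packages are the classic squat shape; surface them loudly.
            near = difflib.get_close_matches(name, sorted(vetted_norm), n=3, cutoff=0.75)
            report.append({"requirement": raw, "name": name, "status": "unknown", "near": near})
    return report


def gate(text: str, vetted=VETTED) -> bool:
    """True only when every requirement is vetted; a CI step would fail the build otherwise."""
    return all(entry["status"] == "ok" for entry in audit(text, vetted))


if __name__ == "__main__":
    for entry in audit(SAMPLE_REQUIREMENTS):
        suffix = f" (did you mean: {', '.join(entry['near'])}?)" if entry["near"] else ""
        print(f"{entry['status']:<12} {entry['requirement']}{suffix}")
    print("install allowed:", gate(SAMPLE_REQUIREMENTS))
```

Run it on a real `requirements.txt` by replacing `SAMPLE_REQUIREMENTS` with the file contents and `VETTED` with the names from your lockfile or mirror; the point is that a name the assistant invented never reaches `pip install` without someone looking at it first.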
Xanthorox AI surfaced on the dark web as a full spectrum hacking assistant. Unlike other malicious AI tools, it uses a multi-model framework with offline capabilities and custom LLMs on private servers. What defense strategies should we develop for these new types of threats? #AI #Cyber #ThreatIntel
April 8, 2025 at 2:44 PM
NVD just marked ~20K pre-2018 CVEs as "Deferred" - dropping CVSS scores and CWE classifications for these vulnerabilities.

This major shift affects critical security data and was implemented with minimal transparency.

Time for security teams to diversify vulnerability intel sources beyond NVD.
April 7, 2025 at 5:33 AM
An AI company left 95K+ explicit images exposed online, including deepfakes and AI-generated child sexual abuse material. Prompts targeted minors. No security. No oversight. This isn't just a data leak; it raises urgent ethical, legal, and safety concerns.

www.vpnmentor.com/news/report-...
Thousands of AI & DeepFake Images Exposed on Nudify Service Data Breach
Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to vpnMentor about a non-password-protected database that contained just under 100k records belonging to
www.vpnmentor.com
April 5, 2025 at 1:41 PM
Vulnerable edge devices attract threat actors like honey. UNC5221 (China-linked threat actor) has been actively exploiting CVE-2025-22457 (CVSS 9.0), a critical Ivanti VPN vulnerability, since mid-March 2025. Patch: version 22.7R2.6
#CVE #Exploited #POC #patch #vulnerability
April 3, 2025 at 4:35 PM
Check Point has uncovered Blind Eagle's (APT-C-36) campaigns targeting Colombian government institutions since Nov 2024. Despite patches being available for the CVE-2024-43451 (Windows) vulnerability, they've adapted their tactics and infected over 1,600 systems. research.checkpoint.com/2025/blind-e...
Blind Eagle: …And Justice for All - Check Point Research
Key Points Introduction APT-C-36, also known as Blind Eagle, is a threat group that engages in both espionage and cybercrime. It primarily targets organizations in Colombia and other Latin American co...
research.checkpoint.com
April 3, 2025 at 3:33 AM
Using EclecticIQ’s analysis, I uncovered 39 additional domains linked to Chinese #ThreatActor #SilkSpecter, impersonating brands like IKEA, The North Face, Zalando and Zara.

Key IOCs:
trusttollsvg.js
collect.js

#ThreatIntel #OSINT #Scam #BlackFriday #Phishing

blog.eclecticiq.com/inside-intel...
November 18, 2024 at 10:59 AM
I’ve received multiple requests to expand the input options, and I’m happy to share that #CVE_Prioritizer can now process scan results from Nessus and OpenVAS! #SOC #blueteam #vulnerability #CVE #EPSS #KEV #ThreatIntel #Exploit #RedTeam #Nessus #OpenVAS #Patching github.com/TURROKS/CVE_...
November 5, 2024 at 5:42 AM
New phishing domain associated with Scattered Spider APT, targeting Gemini Crypto Exchange

IP: 24.144.123.156
Domain: stargate-gemini[.]com

TTPs align with Sekoia's latest findings blog.sekoia.io/scattered-sp... #ThreatHunting #APT #Phishing #CyberSecurity
October 18, 2024 at 7:47 AM
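To turn the two indicators in the post above into a hunt, you need to refang them, match the domain together with its subdomains but not look-alikes, and match the IP as a whole rather than as a prefix. The script below is an added example, not code from the post or from Sekoia; the log lines are constructed to show the true and false positives the matching has to get right.

```python
"""IOC sweep: refang the indicators from the post and hunt for them in logs.

Added example. The log lines are constructed (hypothetical traffic), chosen so
that near-misses such as 24.144.123.15 and stargate-gemini.com.evil.example
do not produce hits while a subdomain of the phishing domain does.
"""
import ipaddress
import re

# Indicators as they appear in the post (domain defanged, IP not).
IOCS = ["stargate-gemini[.]com", "24.144.123.156"]

# Constructed sample log lines (not real traffic).
SAMPLE_LOGS = [
    "2024-10-18T07:40:01Z dns query=stargate-gemini.com type=A client=10.0.0.21",
    "2024-10-18T07:40:02Z proxy user=alice dst=https://login.stargate-gemini.com/auth status=200",
    "2024-10-18T07:41:10Z proxy user=bob dst=https://gemini.com/ status=200",
    "2024-10-18T07:42:33Z fw action=allow src=10.0.0.21 dst=24.144.123.156:443",
    "2024-10-18T07:43:00Z fw action=allow src=10.0.0.22 dst=24.144.123.15:443",
    "2024-10-18T07:44:00Z dns query=stargate-gemini.com.evil.example type=A client=10.0.0.23",
]


def refang(ioc: str) -> str:
    """Turn a defanged indicator ('[.]', '(.)', 'hxxp') back into its real form."""
    ioc = ioc.strip()
    ioc = re.sub(r"\[\.\]|\(\.\)|\{\.\}", ".", ioc)
    ioc = re.sub(r"^hxxp", "http", ioc, flags=re.I)
    return ioc


def is_ip(value: str) -> bool:
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def build_patterns(iocs):
    """Compile one anchored regex per IOC.
    Domains: match the apex and any subdomain, bounded on both sides so that
      'gemini.com' and 'stargate-gemini.com.evil.example' are not hits.
    IPs: match only as a complete dotted quad (24.144.123.15 != 24.144.123.156)."""
    patterns = []
    for raw in iocs:
        ioc = refang(raw)
        if is_ip(ioc):
            pat = r"(?<![\d.])" + re.escape(ioc) + r"(?![\d.])"
        else:
            pat = r"(?<![\w.-])(?:[\w-]+\.)*" + re.escape(ioc) + r"(?![\w.-])"
        patterns.append((ioc, re.compile(pat, re.I)))
    return patterns


def sweep(lines, iocs=IOCS):
    """Return (line_number, matched_ioc, line) for every log line that hits an IOC."""
    hits = []
    patterns = build_patterns(iocs)
    for n, line in enumerate(lines, 1):
        for ioc, pat in patterns:
            if pat.search(line):
                hits.append((n, ioc, line))
    return hits


if __name__ == "__main__":
    for n, ioc, line in sweep(SAMPLE_LOGS):
        print(f"line {n}: {ioc} -> {line}")
```

Feed `sweep()` a real proxy, DNS or firewall export as a list of lines; the same `build_patterns()` boundaries are what keep a hunt for a short apex domain from lighting up every unrelated host that merely contains it.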
Reposted by Mario Rojas
Latest update, @brewster.kahle.org:
“The Internet Archive’s Wayback Machine resumed in a provisional, read-only manner.

Sorry, no Save Page Now yet.

Safe to resume but might need further maintenance, in which case it will be suspended again.

Please be gentle web.archive.org

More as it happens.”
October 14, 2024 at 11:29 AM
Hey everyone, wanted to share a new post I wrote on gathering OSINT for threat hunting for beginners. I hope you'll find it useful. medium.com/the-first-di...
#ThreatHunting #OSINT #Cybersecurity #ThreatIntelligence
Gathering OSINT for Threat Hunting
Mastering the Art of Gathering OSINT for Threat Hunting.
medium.com
October 14, 2024 at 2:41 PM