Paxion Cybersecurity
@paxioncyber.bsky.social
Paxion (Pax-ee-on) is a full-purpose cybersecurity tech & services firm HQ’d in Madison, WI. Our flagship cybersecurity SaaS tech product - PAXIE.ai (Proprietary Artificial XDR Intelligence for Enterprise) has an expected GTM of mid 2026. MVP early 2026.
Reposted by Paxion Cybersecurity
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services. via @mattkapko.com cyberscoop.com/cisa-emergen...
CISA warns of imminent risk posed by thousands of F5 products in federal agencies
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services.
cyberscoop.com
October 15, 2025 at 8:04 PM
Cyber authorities issued their second emergency directive in three weeks. This one requires agencies to mitigate or disconnect potentially compromised F5 devices and services. via @mattkapko.com cyberscoop.com/cisa-emergen...
Reposted by Paxion Cybersecurity
A stealth #phishing campaign hid on Google Cloud & Cloudflare for 3+ years.
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
September 3, 2025 at 3:23 PM
A stealth #phishing campaign hid on Google Cloud & Cloudflare for 3+ years.
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
In remembrance of all the victims. 24 years ago today. Never forget 9/11.
September 11, 2025 at 2:10 PM
In remembrance of all the victims. 24 years ago today. Never forget 9/11.
Reposted by Paxion Cybersecurity
Hackers exploit trusted AI platforms to steal Microsoft 365 credentials.
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
September 5, 2025 at 1:17 PM
Hackers exploit trusted AI platforms to steal Microsoft 365 credentials.
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
Hackers exploit trusted AI platforms to steal Microsoft 365 credentials.
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
September 5, 2025 at 1:17 PM
Hackers exploit trusted AI platforms to steal Microsoft 365 credentials.
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
👉A recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a “legitimate” AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
Nevada cyber attack forced state offices to shut down, disrupted services, & led to personal data theft.
🔐 Gov’t systems remain high-value targets for attackers.
👉 Strengthen resilience with: paxioncyber.com
#CyberAttack #DataBreach #Ransomware #IncidentResponse
🔐 Gov’t systems remain high-value targets for attackers.
👉 Strengthen resilience with: paxioncyber.com
#CyberAttack #DataBreach #Ransomware #IncidentResponse
September 4, 2025 at 2:08 PM
Nevada cyber attack forced state offices to shut down, disrupted services, & led to personal data theft.
🔐 Gov’t systems remain high-value targets for attackers.
👉 Strengthen resilience with: paxioncyber.com
#CyberAttack #DataBreach #Ransomware #IncidentResponse
🔐 Gov’t systems remain high-value targets for attackers.
👉 Strengthen resilience with: paxioncyber.com
#CyberAttack #DataBreach #Ransomware #IncidentResponse
A stealth #phishing campaign hid on Google Cloud & Cloudflare for 3+ years.
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
September 3, 2025 at 3:23 PM
A stealth #phishing campaign hid on Google Cloud & Cloudflare for 3+ years.
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
📌 48K+ hosts across 86 clusters
📌 Expired domains hijacked
📌 Brand clones tricking victims
👉 Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
🚨 Palo Alto Networks confirms data breach!
Hackers exploited OAuth tokens in the Salesloft Drift–#Salesforce integration to steal:
🔹 Contact info
🔹 Sales data
🔹 Credentials for cloud services
👉 Lesson: 3rd-party risks are real.
#Cybersecurity #DataBreach #ZeroTrust
Hackers exploited OAuth tokens in the Salesloft Drift–#Salesforce integration to steal:
🔹 Contact info
🔹 Sales data
🔹 Credentials for cloud services
👉 Lesson: 3rd-party risks are real.
#Cybersecurity #DataBreach #ZeroTrust
September 2, 2025 at 1:25 PM
🚨 Palo Alto Networks confirms data breach!
Hackers exploited OAuth tokens in the Salesloft Drift–#Salesforce integration to steal:
🔹 Contact info
🔹 Sales data
🔹 Credentials for cloud services
👉 Lesson: 3rd-party risks are real.
#Cybersecurity #DataBreach #ZeroTrust
Hackers exploited OAuth tokens in the Salesloft Drift–#Salesforce integration to steal:
🔹 Contact info
🔹 Sales data
🔹 Credentials for cloud services
👉 Lesson: 3rd-party risks are real.
#Cybersecurity #DataBreach #ZeroTrust
Reposted by Paxion Cybersecurity
September 1, 2025 at 8:24 PM
September 1, 2025 at 8:24 PM
🚨 New Threat: AI Waifu RAT Malware 🚨
Disguised as an “AI companion tool,” it:
⚠️ Executes arbitrary commands
⚠️ Reads/exfiltrates files
⚠️ Disables antivirus
DM us and stay protected. paxioncyber.com
#CyberSecurity #Malware #RAT #AI #InfoSec #PaxionCyber
Disguised as an “AI companion tool,” it:
⚠️ Executes arbitrary commands
⚠️ Reads/exfiltrates files
⚠️ Disables antivirus
DM us and stay protected. paxioncyber.com
#CyberSecurity #Malware #RAT #AI #InfoSec #PaxionCyber
September 1, 2025 at 12:04 PM
🚨 New Threat: AI Waifu RAT Malware 🚨
Disguised as an “AI companion tool,” it:
⚠️ Executes arbitrary commands
⚠️ Reads/exfiltrates files
⚠️ Disables antivirus
DM us and stay protected. paxioncyber.com
#CyberSecurity #Malware #RAT #AI #InfoSec #PaxionCyber
Disguised as an “AI companion tool,” it:
⚠️ Executes arbitrary commands
⚠️ Reads/exfiltrates files
⚠️ Disables antivirus
DM us and stay protected. paxioncyber.com
#CyberSecurity #Malware #RAT #AI #InfoSec #PaxionCyber
Reposted by Paxion Cybersecurity
Reposted by Paxion Cybersecurity
7,500 Instacart and Shipt gig worker accounts hacked.
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
August 28, 2025 at 1:31 PM
7,500 Instacart and Shipt gig worker accounts hacked.
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
Reposted by Paxion Cybersecurity
New Chrome 0-Day (CVE-2025-9478)
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
August 27, 2025 at 3:13 PM
New Chrome 0-Day (CVE-2025-9478)
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
7,500 Instacart and Shipt gig worker accounts hacked.
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
August 28, 2025 at 1:31 PM
7,500 Instacart and Shipt gig worker accounts hacked.
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
⚠️ Always verify code requests!
🔒 Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
New Chrome 0-Day (CVE-2025-9478)
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
August 27, 2025 at 3:13 PM
New Chrome 0-Day (CVE-2025-9478)
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
Critical use-after-free flaw in Chrome’s ANGLE library allows arbitrary code execution. Full system compromise is possible.
✅ Update Chrome to v139.0.7258.154/.155+
🔐 Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
Reposted by Paxion Cybersecurity
Pirated games are a new cyber weapon.
Attackers spread HijackLoader malware via trusted piracy sites, bypassing SmartScreen + Adblockers.
Paxion offers proactive defense against evolving threats.
🔒 Stay protected. Don’t take risks.
#CyberSecurity #HijackLoader #PiratedGames
Attackers spread HijackLoader malware via trusted piracy sites, bypassing SmartScreen + Adblockers.
Paxion offers proactive defense against evolving threats.
🔒 Stay protected. Don’t take risks.
#CyberSecurity #HijackLoader #PiratedGames
August 19, 2025 at 1:29 PM
Pirated games are a new cyber weapon.
Attackers spread HijackLoader malware via trusted piracy sites, bypassing SmartScreen + Adblockers.
Paxion offers proactive defense against evolving threats.
🔒 Stay protected. Don’t take risks.
#CyberSecurity #HijackLoader #PiratedGames
Attackers spread HijackLoader malware via trusted piracy sites, bypassing SmartScreen + Adblockers.
Paxion offers proactive defense against evolving threats.
🔒 Stay protected. Don’t take risks.
#CyberSecurity #HijackLoader #PiratedGames
Reposted by Paxion Cybersecurity
RingReaper malware targets Linux servers, using io_uring to evade EDR solutions.
⚠️ Capabilities:
🔹 Process & network discovery
🔹 Privilege escalation
🔹 Self-destructs to hide traces
Our proactive defenses catch what others miss.
#RingReaper #LinuxMalware
⚠️ Capabilities:
🔹 Process & network discovery
🔹 Privilege escalation
🔹 Self-destructs to hide traces
Our proactive defenses catch what others miss.
#RingReaper #LinuxMalware
August 20, 2025 at 12:51 PM
RingReaper malware targets Linux servers, using io_uring to evade EDR solutions.
⚠️ Capabilities:
🔹 Process & network discovery
🔹 Privilege escalation
🔹 Self-destructs to hide traces
Our proactive defenses catch what others miss.
#RingReaper #LinuxMalware
⚠️ Capabilities:
🔹 Process & network discovery
🔹 Privilege escalation
🔹 Self-destructs to hide traces
Our proactive defenses catch what others miss.
#RingReaper #LinuxMalware
Reposted by Paxion Cybersecurity
Group UNC5518 hacks real websites to inject fake CAPTCHAs that trick users into running malware.
➡️ One click = malicious PowerShell command
➡️ Payload = CORNFLAKE.V3 backdoor
🔒Stay sharp. Stay secure. Stay Paxion.
#CyberSecurity #Malware #ClickFix #Paxion #FakeCAPTCHA
➡️ One click = malicious PowerShell command
➡️ Payload = CORNFLAKE.V3 backdoor
🔒Stay sharp. Stay secure. Stay Paxion.
#CyberSecurity #Malware #ClickFix #Paxion #FakeCAPTCHA
August 21, 2025 at 12:36 PM
Group UNC5518 hacks real websites to inject fake CAPTCHAs that trick users into running malware.
➡️ One click = malicious PowerShell command
➡️ Payload = CORNFLAKE.V3 backdoor
🔒Stay sharp. Stay secure. Stay Paxion.
#CyberSecurity #Malware #ClickFix #Paxion #FakeCAPTCHA
➡️ One click = malicious PowerShell command
➡️ Payload = CORNFLAKE.V3 backdoor
🔒Stay sharp. Stay secure. Stay Paxion.
#CyberSecurity #Malware #ClickFix #Paxion #FakeCAPTCHA
Reposted by Paxion Cybersecurity
Ransomware Strikes Drug Research Firm Inotiv
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
August 25, 2025 at 2:43 PM
Ransomware Strikes Drug Research Firm Inotiv
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
Reposted by Paxion Cybersecurity
⚠️ New AI risk: Prompt Insertion Attacks.
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
August 26, 2025 at 2:29 PM
⚠️ New AI risk: Prompt Insertion Attacks.
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
⚠️ New AI risk: Prompt Insertion Attacks.
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
August 26, 2025 at 2:29 PM
⚠️ New AI risk: Prompt Insertion Attacks.
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
🔗 cybersecuritynews.com/openai-name-...
Ransomware Strikes Drug Research Firm Inotiv
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
August 25, 2025 at 2:43 PM
Ransomware Strikes Drug Research Firm Inotiv
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
Don’t let a cyberattack derail your mission. Visit paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection