Get the newest #cybersecurity updates right here. Stay informed and ahead of the curve with the latest insights.
Joined January 2020
- Tweets 445
- Following 48
- Followers 104
- Likes 29
69 Photos and videos
π¨ Malware for $100? Cybercrime is cheaper than you think.
A forum ad promotes a fully undetectable shellcode loader for just $100. Add $5 for a server, and youβre set to launch attacks.
π‘ Businesses must enhance detection with AI tools & educate teams. Cyber resilience is key!
192
π¨ HPE Data Breach Alleged by IntelBroker
IntelBroker claims to sell HPEβs sensitive data:
Private GitHub repos
API access, Docker builds
Zerto, iLO source code
Old user PII
β οΈ Risks: RCE, unauthorized access, phishing.
Stay alert for updates.
#DataBreach #CyberSecurity #HPE
140
π¨ #GiveWP plugin (100k installs) patched for a critical PHP Object Injection flaw (CVE-2025-22777, CVSS 9.8).
π₯ Exploitable via donation forms, allowing full site takeover (RCE).
π Update to v3.19.4 immediately!
#WordPress #CyberSecurity #RCE #Vulnerability
1
147
π¨ Critical bug in #Windows 11 24H2 blocks security updates!
π
Affected: Installs using media with Oct/Nov 2024 security updates.
β No impact on Windows Update installs.
π§ Fix:
Avoid outdated media.
Use Dec 2024 update or later.
Reinstall with updated media if needed.
75
π¨ Critical flaws in WPLMS & VibeBP WordPress plugins!
CVE-2024-56046: Arbitrary file uploads β RCE risk
CVE-2024-56043: Privilege escalation β Admin takeover
CVE-2024-56042: SQL injection β DB exposure
π Updates:
WPLMS v1.9.9.5.3
VibeBP v1.9.9.7.7
#CyberSecurity #WordPress
1
76
π¨ CVE-2024-49775: Critical #Siemens UMC flaw (CVSS 9.8) enables remote code execution!
Affected products:
TIA Portal (v16β19)
SIMATIC PCS neo
Opcenter apps
β οΈ Mitigation: Filter ports 4002/4004, block 4004 if RT servers unused.
Act now to secure your systems! #CyberSecurity
104
π¨ Xloader #malware via fake #SharePoint emails!
#Phishing emails with "Open Files" link
Downloads malicious document.exe
Injects into processes, steals credentials
Stay vigilant!
#CyberSecurity #Xloader
54
π¨ Claim of #Italy Police Data Leak π¨
A Telegram channel claims to sell Italian police documents, often linked to major #databreaches.
π Details unverified, but if true, this could be a critical security incident.
#CyberSecurity #InfoSec
113
π¨ CVE-2024-49112: Critical #Windows LDAP Flaw
#Microsoft fixes an RCE vulnerability (CVSS 9.8) in LDAP, exposing networks to major risk.
Affects Windows 10/11 & Server versions.
Exploitable via crafted LDAP requests.
Patch now to secure #Domain #Controllers!
#CyberSecurity
196
π¨ Critical vulnerabilities in #Volkswagen Group cars
12 flaws in #MIB3 infotainment systems allow attackers to:
Track GPS in real-time
Execute remote code
Access contacts, record conversations
#VW confirms fixes underway. Update systems now!
#CyberSecurity #AutomotiveSecurity
117
π¨ NoviSpy spyware targets journalists & activists in Serbia using Qualcomm zero-day flaws (e.g., CVE-2024-43047).
π Installs via zero-click VoLTE calls
π Targets Android kernel persistently
β οΈ Patch devices now to mitigate!
#CyberSecurity #Spyware #ZeroDay
159
π¨ 390K WordPress credentials stolen via malicious GitHub repo targeting security researchers & red teamers.
π΄ Victims lost SSH keys, AWS creds, & more
π Avoid fake PoCs & validate repositories
β οΈ Check system integrity for miners & leaks
#CyberSecurity #DataBreach #GitHub
45
π¨ #Databreach alert: Database from avisinterac.it leaked, exposing 420K blood donors' data
π©Έ Leaked info: Names, addresses, blood types, phone numbers, emails, IDs, and sensitive medical info.
βΌοΈ Users: Beware of phishing!
π’ Update your privacy settings
#DataBreach
50
π¨ convoC2: a new red team tool to execute system commands via #MicrosoftTeams
πΉ Commands embedded in span tags
πΉ Outputs hidden in Adaptive Cards URLs
πΉ Operates via MS servers, bypassing AV
β οΈ Use ethically! Blue teams must monitor Teams logs closely. #CyberSecurity
76
π¨ Microsoft fixes 72 flaws in #PatchTuesday, including an exploited CLFS privilege escalation bug (CVE-2024-49138).
π» Highlights:
* LDAP RCE flaw (CVSS 9.8)
* Ransomware-linked CLFS exploits
* CISA mandates patching by Dec 31.
π Update now!
#CyberSecurity #Microsoft
146
π¨ New #Windows #ZeroDay (CVE-2024-38193) actively exploited!
This use-after-free bug in afd.sys allows privilege escalation to SYSTEM.
Lazarus linked to attacks using malware FudModule. PoC published on GitHub.
π‘ Patch now: August 2024 updates available. #CyberSecurity
225