@AlvieriD profile picture
Dominic Alvieri @AlvieriD

Cybersecurity Analyst | Security Researcher | CTI Deleted my own Facebook and hacked yours. thecybershow.blogspot.com

Joined July 2015
  • Tweets 13,432
  • Following 324
  • Followers 19,882
6,747 Photos and videos
Pinned Tweet
Dominic Alvieri
@AlvieriD
20 Mar 2022
BREAKING Microsoft allegedly breached. @campuscodi @vxunderground #cybersecurity #infosec @Microsoft
32
323
934
Dominic Alvieri retweeted
vx-underground
@vxunderground
13h
Holy cow Unlimited AI usage!!!! Just run GPT_Claude_Free.exe as admin
225
180
5,008
319,922
The Council of Europe has been breached by ShinyHunters. Human resources and payroll data from the Secretariat, Directorate of Human Resources, Parliamentary Assembly, EDQM and CVs, pay slips… @coe
1
11
26
1,779
Nintendo breached by Shadowbyt3s? First I’ve heard or seen Sorry to interrupt your video game
4
6
33
4,155
idk about the validity of this claim I need a break
1
4
888
Dominic Alvieri retweeted
Mandiant (part of Google Cloud)@Mandiant
Jun 11
🚨 ShinyHunters is exploiting an Oracle PeopleSoft vulnerability (CVE-2026-35273) as part of an extortion campaign targeting higher education. Read the full analysis, and get IOCs and remediation guidance to stay ahead of the threat: goo.gle/4e52jOz
3
40
105
14,211
New York Knicks won! Wouldn’t you know ShinyHunters wants to ruin the party - Madison Square Garden Sports Corp was breached by ShinyHunters Also New: American Tower Corporation JC Penny Allstream Zayo Authentic Brands & Catalyst subsidiaries
6
16
1,815
ShinyHunters has lots of bigs names left from two prior campaigns New Pink leak site “Passkey” domains found in prior intrusion set cluster confirming new derivatives to watch for Lapsus clearnet down all week but onion dls up. Must be killing them not to be able to shitpost
Dominic Alvieri
@AlvieriD
Jun 11
Ralph Lauren and Nexstar have been breached by ShinyHunters. @RalphLauren @NXSTMediaGroup
8
28
4,713
Ralph Lauren and Nexstar have been breached by ShinyHunters. @RalphLauren @NXSTMediaGroup
14
24
8,588
Nottingham University compromised - China and Malaysia campuses compromised as well by ShinyHunters
2
7
17
5,099
Dominic Alvieri retweeted
vx-underground
@vxunderground
Jun 5
> Microsoft GitHub repos banned > "Terms of Service violation" > ??? > Look inside > Was compromised ... was Microsoft going to become a victim of a supply chain attack on their own platform via their own product?
Rami McCarthy@ramimacisabird
Jun 5
🚒More fallout from the Mini Shai-Hulud campaign 49 Microsoft, Azure, and Azure-Samples GitHub repos were removed at 16:00 UTC for Terms of Service violations This is linked to news this morning that attackers had regained access, after the previous durabletask compromise
34
284
2,696
162,324
Dominic Alvieri retweeted
Unit 42@Unit42_Intel
Jun 3
We are tracking Pink (CL-CRI-1147), a new Com-affiliated extortion brand whose leak site went live 5/31/26. Pink uses vishing and IT impersonation to phish credentials/MFA, then exfiltrates enterprise cloud storage and productivity data to extort victims: bit.ly/4en565G
Map of the United States highlighting specific states in pink. The map is labeled, "You've made it to PINK," with options for "Pink Station," "Feed," "Who Are We," and "Verify." At the bottom, there's a key indicating "4 incidents" and "3 active states."

ALT Map of the United States highlighting specific states in pink. The map is labeled, "You've made it to PINK," with options for "Pink Station," "Feed," "Who Are We," and "Verify." At the bottom, there's a key indicating "4 incidents" and "3 active states."

Screenshot of ransomware leak site titled "What's happening right now." It has sections labeled "Announcements," "New Leaks," and "Headlines." The design is simple, with a dark background and white text.

ALT Screenshot of ransomware leak site titled "What's happening right now." It has sections labeled "Announcements," "New Leaks," and "Headlines." The design is simple, with a dark background and white text.

Screenshot of ransomware leak site introduction page with a summary of who PINK is.

ALT Screenshot of ransomware leak site introduction page with a summary of who PINK is.
22
68
8,960
The data leak threat is real
Dominic Alvieri
@AlvieriD
May 29
ShinyHunters again threatening ⚠️ I don’t think they have access to push a ransom note but the same hint posted ⚠️ Global corporate travel management giant BCD Travel has been breached Here are a few companies impacted: LinkedIn Pepsi Siemens Bloomberg NetApp Comcast Toshiba Merck Toyota T-Mobile AstrZeneca Lockheed Martin…
6
22
4,144
The ransom dumb ass of the day Nova Ransomware issues an apology to Eriell Group after realizing Eriell is in Uzbekistan Uzbekistan is part of the CIS
1
10
2,526
Lapsus breached INGKA Group INGKA controls 367 of 422 IKEA stores @IKEA
1
6
16
2,920
ShinyHunters again threatening ⚠️ I don’t think they have access to push a ransom note but the same hint posted ⚠️ Global corporate travel management giant BCD Travel has been breached Here are a few companies impacted: LinkedIn Pepsi Siemens Bloomberg NetApp Comcast Toshiba Merck Toyota T-Mobile AstrZeneca Lockheed Martin…
4
22
46
11,361
This exposes corporate employees and their travels so I doubt you’ll hear or see anything and their internal platform is segregated (allegedly)
1
6
1,163
Might have a new ShinyHunters clearnet /shinyhunte[.]red Unconfirmed but live…
6
21
151
17,684
✅ Just because the keys are listed doesn’t mean it is official…this is an easy scam to pull so stay alert
1
10
2,367
❌ officially not official ✅ always stay alert
1
14
1,891
Live Update No New ShinyHunter clearnet
Dominic Alvieri
@AlvieriD
May 27
Might have a new ShinyHunters clearnet /shinyhunte[.]red Unconfirmed but live…
3
23
2,895
Load more