OSINT Researcher & Threat Intelligence Specialist | OPSEC | SOCMINT | Disinformation Defense | Let the data tell the story

Joined May 2025
Velvet Tempest now pairing ClickFix social engineering with CastleRAT to deploy Termite ransomware. Using legitimate Windows utilities for defense evasion makes this harder to catch with standard EDR. bleepingcomputer.com
CERT-In flagging critical flaws in both Android and iOS simultaneously is notable. When two major mobile platforms need emergency patches at the same time, assume threat actors are already exploiting the gap between advisory and user action. msn.com
OpenAI launched Codex Security to automate vuln discovery and remediation. The arms race is now AI vs AI. Defenders get automated patching, but attackers get automated exploit generation. Expect the window between disclosure and exploitation to shrink dramatically. gbhackers.com
Claude Opus 4.6 found 22 novel vulns in Firefox in 14 days. AI models are now operating at the level of elite vulnerability researchers. The economics of bug discovery just changed permanently. Defenders need to assume adversaries have this capability too. anthropic.com
China-linked group hitting South American telecom providers with three new malware families since 2024. Telecom espionage remains Beijing's most consistent targeting pattern globally. New tooling suggests dedicated operational investment in the region. bankinfosecurity.com
New national cyber strategy shifts significant defensive burden to private sector while notably avoiding direct attribution of China and Russia. Six pillars, light on implementation detail. cybersecuritydive.com
Barracuda SOC data shows a 10x spike in malicious network traffic from Iran to the US on Feb 25, just before kinetic operations escalated. Cyber surges preceding military action are a consistent Iranian pattern. blog.barracuda.com
Cisco just dropped patches for 48 firewall vulns including two CVSS 10 flaws affecting Secure Firewall and Adaptive Security Appliance. Two perfect 10s in one advisory is rare. If you run Cisco firewalls, this is your weekend. hackread.com
China suspected of breaching FBI surveillance network used for wiretaps and foreign intelligence collection. If confirmed, this is one of the most sensitive US law enforcement compromises in years. reuters.com
Iranian APT Dust Specter targeting Iraqi government officials with new malware. Tehran's cyber ops against regional neighbors are intensifying alongside kinetic operations. Pattern is consistent: espionage campaigns expand during geopolitical escalation. securityaffairs.com
CVE-2026-1492 in WordPress User Registration plugin allows unauthenticated admin account creation with zero interaction. CVSS 9.8. Over 60,000 active installs. If you run WordPress with third-party membership plugins, audit your admin user list today. cybersecuritynews.com
VMware Aria Operations CVE-2026-22719 now actively exploited. Command injection flaw giving attackers unauthorized access. If you run Aria Ops and haven't patched yet, assume you're a target. This is the third major VMware vuln exploited in the wild this quarter. petri.com
CVE-2021-22681 in Rockwell ICS products is now confirmed exploited in the wild. This is a 4-year-old auth bypass. Attackers are hitting industrial control systems with vulns that should have been patched long ago. securityweek.com
JBS Brazil allegedly hit by Coinbasecartel ransomware group claiming 3TB exfiltrated. Ransomware crews are increasingly targeting food and agriculture sector supply chains. Industrial firms saw a 50% surge in ransomware attacks this cycle. securitybrief.co.nz
Russian APT hitting Ukrainian targets with two new malware families: BadPaw and MeowMeow, delivered via phishing. New tooling suggests retooling cycle complete. Defenders tracking Russia-Ukraine cyber ops should update detection signatures.
MuddyWater deploying a new backdoor across US networks. Iran's state APTs aren't sitting idle after all. The hacktivist noise was the distraction. This is the real operation.
Google GTIG tracked 90 zero-days exploited in 2025, up from 78 in 2024. The real story: commercial spyware vendors now burn more zero-days than nation-state APTs. Half targeted enterprise products, not end users.