🚨 [New supply chain attack declared]: flow-lending flow-lending is an npm package posing as a DeFi lending/Flow-blockchain utility, part of a cluster of malicious "flow" packages (alongside flow-lending-sdk and janus-flow) now flagged on npm. Malware was found in it (GHSA-pgcr-8w67-72j9). Any system with it installed or running is fully compromised, with full control possibly handed to an outside entity. → Isolate from network, rotate all secrets from a clean machine, remove the package, then audit/reimage Full details 👇 supplychainattack.org/incide… #supplychain #SupplyChainSecurity #infosec #CyberSecurity #npm #flowlending #malware #DevSecOps #Web3Security #ThreatIntel #OpenSource

Reimage the playoffs with Luka and defensive wing/center. Not sure if its enough to win against OKC/Spurs but would love to see it.

The patch complied. FIRESTARTER still had a home on your Cisco ASA/FTD. ArcaneDoor/UAT-4356/Storm-1849 is a nasty reminder that "fixed" releases and reboot scripts do NOT equal eviction: - FXOS-level persistence - Survives upgrades firmware updates - Needs reimage cold power cycle to be sure If your IR playbook treats edge appliances like boring Linux servers, you’re subsidizing the actor’s strategy. The article walks through the game theory: why serious operators will keep investing in persistence on firewalls, VPNs, and other under-instrumented edge boxes—and how defenders need to change what “remediated” means. Full breakdown: blog.alphahunt.io/game-theor… #Cisco #ArcaneDoor #FIRESTARTER #ASA #FTD #DFIR

✦ Hadiah edisi pertama volume 7: Fotokartu & fotokartu transparan ✦ Hadiah edisi pertama volume 8: Fotokartu & kartu gaya polaroid ✦ Halaman bonus edisi terbatas (per volume) ✦ Event hadiah pembelian di Reimage Shop ✦ Event poster bertanda tangan langsung oleh penulis

🚨 Alert => [New supply chain attack declared]: vite-config-react vite-config-react is an npm package posing as a Vite React config helper, riding on the popularity of the Vite build tool to lure front-end developers into installing it. Malware was found in it (GHSA-9j99-p89c-pjwq). Any system with it installed or running is fully compromised, with attackers gaining full control. → Isolate from network, rotate all secrets and signing keys from a clean machine, remove the package, then audit/reimage Full details 👇 supplychainattack.org/incide… #supplychain #SupplyChainSecurity #infosec #CyberSecurity #npm #viteconfigreact #malware #DevSecOps #AppSec #ThreatIntel #OpenSource

🚨 [New supply chain attack declared]: websocket-slot websocket-slot is an npm package presenting itself as a WebSocket connection/slot management utility for real-time JS apps, named to blend into backend dependency trees. Malware was found in it (GHSA-27vg-w6vw-2rq8). Any system with it installed or running is fully compromised, with attackers gaining full control. → Isolate from network, rotate all secrets from a clean machine, remove the package, then audit/reimage Full details 👇 supplychainattack.org/incide… #supplychain #SupplyChainSecurity #infosec #CyberSecurity #npm #websocketslot #malware #DevSecOps #AppSec #ThreatIntel #OpenSource

🚨 [New supply chain attack declared]: ect-472839 ect-472839 is an npm package with a randomized, throwaway-style name, the kind used in automated malware-flooding campaigns to slip into dependency trees unnoticed. Malware was found in it (GHSA-6mm4-66fp-hmxv). Any system with it installed or running is fully compromised, with attackers gaining full control. → Isolate from network, rotate all secrets from a clean machine, remove the package, then audit/reimage Full details 👇 supplychainattack.org/incide… #supplychain #SupplyChainSecurity #infosec #CyberSecurity #npm #ect472839 #malware #DevSecOps #AppSec #ThreatIntel #OpenSource

Misery Signals - Of Malice and the Magnum Heart Reimage

Thank you for not using AI to reimage portraits of the saints of long ago!

Devourment - Pious Impiety Reimage

🚨 [New supply chain attack declared]: ecto-flag-read-m7p2 ecto-flag-read-m7p2 is an npm package with a randomized, throwaway-style name, part of a cluster of malicious "ecto" packages now flagged on npm. Malware was found in it (GHSA-ggf2-rhq7-qqgg). Any system with it installed or running is fully compromised, with full control granted to an outside entity. → Rotate all secrets from a clean machine, remove the package, then audit/reimage Full details 👇 supplychainattack.org/incide… #supplychain #SupplyChainSecurity #infosec #CyberSecurity #npm #ecto #malware #DevSecOps #AppSec #ThreatIntel #OpenSource