Hacker y divulgador de ciberseguridad 👨🏻💻 Hago videos cortos y te enseño a protegerte. De momento ando en Data Security. 🕵🏻♂️ ~# whoami pablo
Joined November 2021
- Tweets 2,072
- Following 344
- Followers 10,222
- Likes 2,506
340 Photos and videos
Pinned Tweet
12 Sep 2023
Acabo de crear la lista de reproducción de #Spotify 🎶
Tenéis unas 5h de Electro Funk, Drum & Bass, Dubstep, Glitch-hop y algo de Rock. Y una canción del Kanka para terminar, de gratis 😎
Para hacking o ejercicio 👨🏻💻💪🏻
Ya me diréis qué os parece!
open.spotify.com/playlist/5j…
1
27
9,947
Hackermate retweeted
Feb 17
🚨Cyber Alert ‼️
🇪🇸Spain - Multiple Government And Public Sector Entities
SERVER KILLERS and Noname057(16) hacktivist groups claim to have launched coordinated DDoS attacks against multiple Spanish government and public sector entities.
Claimed targeted entities:
- Secretaría De Estado De Turismo
- Ministerio de Industria y Turismo
- Ministerio de Economía, Comercio y Empresa
- Economiaindustrial
- La Moncloa
- Sede electrónica de la Policía Nacional
- Cybersecurity Coordination Office
- Ministerio de Transportes y Movilidad Sostenible
- Ministerio de Hacienda
- Ministerio del Interior
- Ministerio De Energía, Turismo Y Agenda Digital
- Ministerio De Industria Y Turismo
- Eusko Legebiltzarra - Parlamento Vasco
- Patronato Provincial de Turismo de Granada
- TRAM D’Alacant
- Metrovalencia
- Transportepublico[.]es
- El Casco
- Transportes Rober
- Concello da Coruña
- Parlamento de Canarias
- Instituto IMDEA Energía
Threat actor: SERVER KILLERS; Noname057(16)
Sector: Gov / Mil / LE; Transportation; Manufacturing; Professional
Data exposure (claimed): /
Data type: /
Observed: Feb 16–17, 2026
Status: Confirmed
ESIX© (avg): 3.16
Full details and impact assessment on HackRisk.io
46
294
737
117,647
Hackermate retweeted
15 Oct 2025
🚨🚨Cyberattack Alert ‼️
🇪🇸Spain - Agencia Tributaria
Qilin hacking group claims to have breached Agencia Tributaria.
According to the attackers, 60 GB of data (238,799 files) have been exfiltrated. Sample have been provided.
Observed: Oct 15, 2025
Status: Unverified claim
Sector: Gov / Mil / LE
Claim observed on a dark web leak site monitored by Hackmanac Team.
—
Hackmanac provides Strategic Cyber Threat Intelligence and our posts are shared for early warning and awareness.
Data derived from open and dark web monitoring, no confidential or leaked material is redistributed.
Full analyses, ESIX metrics, and further insights available on HackRisk.io
166
1,089
2,225
512,611
Hackermate retweeted
10 Aug 2025
Hackers can now hijack Microsoft Domain Controllers into a global DDoS botnet—no malware, no creds, no trace.
At DEF CON, researchers revealed “Win-DDoS”: a flaw that can weaponize tens of thousands of public DCs to flood targets, crash systems, or trigger BSODs—remotely.
Here’s how it works → thehackernews.com/2025/08/ne…
14
178
501
56,880
Hackermate retweeted
4 Aug 2025
Chema Alonso se incorpora a Cloudflare como vicepresidente y responsable de desarrollo internacional
zonamovilidad.es/movil/notic…
127
154
1,056
1,124,512
2 Jul 2025
Gente, sed amables con los demás.
La inteligencia o los reconocimientos que tengáis no os definen como persona, pero la bondad, empatía y comprensión sí.
Vuestra humanidad se mide en lo que hagáis valer a los demás 🫶🏻
Algunos no lo tienen demasiado claro aún.
3
26
105
5,996
10 Apr 2025
Super interesante amigos!
9 Apr 2025
Me complace anunciar el lanzamiento de Cybersecurity AI (CAI), un framework open source de agentes autónomos diseñado para abordar escenarios y ejercicios de ciberseguridad.
Junto a este framework, publicamos el paper:
📄:“CAI, a bug bounty-ready Cybersecurity AI”,
🧬: arxiv.org/abs/2504.06017
una contribución al avance del estado del arte abierto en agentes aplicados a seguridad informática.
pip3 install cai-framework
cai
📊 Resultados destacados de CAI relatados en el paper:
• 🧪 Top 30 en HackTheBox España en <1 semana
• 🤖 Top 1 en agentes de IA del CTF competitivo “AI vs Humans” de HackTheBox
• ⚔️ Máquinas medium y hard resueltas de forma completamente autónoma
• 🧭 Máquinas insane con un mínimo nivel de Human-in-the-Loop
• 🐞 Bug bounties reales completados exitosamente
📚 En el artículo analizamos las capacidades reales de modelos fundacionales (SOTA LLMs) aplicados al pentesting, CTFs competitivos y escenarios ofensivos realistas.
🔗 CAI es un framework multiagente, modular, agnóstico al modelo y que ofrece un SDK de agentes para ciberseguridad, con soporte integrado para:
DeepSeek-V3, Qwen 2.5, LLaMA 3, GPT (3.5/4), Claude (Opus/Sonnet), Gemini, O1/O3… y otros modelos abiertos y propietarios.
🧰 Además, Ofrece una CLI interactiva donde el usuario puede:
• Configurar 🛠️ agentes, herramientas ofensivas, targets y entornos
• Seleccionar modelos 🔄 y patrones agénticos
• Compatibilidad con servidores MCP (Especialmente util en Ghidra y BurpSuite)
• Iniciar, Interrumpir, reconfigurar y retomar el flujo de ejecución de los agentes
Todo bajo una filosofía híbrida: 🧑💻 usabilidad de frameworks clásicos de ciberseguridad 💬 interfaces conversacionales adaptadas a arquitecturas multiagente, con la IA como núcleo operativo.
🔬 Esta investigación ha sido posible gracias a la colaboración interdisciplinar de investigadores y apasionados en ingeniería inversa, IA generativa, red teaming y automatización.
📌 En breve publicaremos PoCs, tutoriales técnicos.
🔬 Código disponible en: github.com/aliasrobotics/cai
Unete a nuestro discord:
discord.gg/fnUFcTaQAC
Mención especial: @vmayoralv @francisco_oca
1
5
1,021
Hackermate retweeted
28 Feb 2025
A Serbian student protester's Android phone was targeted by a zero-day exploit from Cellebrite, exploiting vulnerabilities in USB drivers to bypass security and unlock the device.
Read the full article to uncover how this exploit was used: thehackernews.com/2025/02/am…
1
20
39
10,368
Hackermate retweeted
19 Nov 2024
T-Mobile confirms being targeted in a Chinese cyber espionage campaign alongside AT&T, Verizon, and others.
Salt Typhoon attack seeks sensitive communications from high-value targets.
Full analysis of this growing threat here: thehackernews.com/2024/11/ch…
#CyberSecurity #Infosec
2
63
114
15,683
Hackermate retweeted
26 Oct 2024
It's being reported that the CEO of Microsoft, Satya Nadella, is receiving a 63% pay raise. This will make his total compensation be a remarkable $73,000,000 annually.
This comes after dozens of Microsoft security oopsies and layoffs.
Very cool
47
192
2,579
99,726
Hackermate retweeted
14 Oct 2024
🔔 Update: The Tor Project has issued an emergency update (v13.5.7) to address CVE-2024-9680, a Firefox flaw currently under active exploitation, reportedly targeting Tor Browser users.
thehackernews.com/2024/10/mo…
It may allow control of the browser but likely won't affect Tails' anonymity.
10 Oct 2024
🚨 Warning: A critical #vulnerability (CVE-2024-9680) in Firefox is being actively exploited.
Don’t wait—ensure your browsers are updated now to protect against potential remote code execution.
Learn more: thehackernews.com/2024/10/mo…
#cybersecurity #hacking
2
56
129
42,555
Hackermate retweeted
12 Oct 2024
Google removing Bitcoin price from its search tells you one thing and one thing only …
489
210
3,626
645,144
7 Oct 2024
RT @Jhaddix: Pro tip for hackers who accidentally get IP banned by Akamai or Cloudflare on their home IP:
Many ISPs will requisition a new…
165
15 Sep 2024
Abro debate:
¿Las capas de sesión, presentación y “aplicación”, son todas de Aplicación o estáis de acuerdo con esta separación?
Os leo si queréis 🙄
2
3
1,259
4 Sep 2024
Y otra vez! Se nos acumulan los paquetes maliciosos, gente 💀
4 Sep 2024
New supply chain attack, Revival Hijack, could target 22,000 PyPI packages, risking thousands of malicious downloads. Removed packages are being re-registered, exposing developers to supply chain risks. Check your #DevOps pipelines!
thehackernews.com/2024/09/ha…
#cybersecurity
2
816
Hackermate retweeted
30 Aug 2024
Seems to be some confusion with some about the announcement of the OSCP . Mostly around what happens to the OSCP?
Let's be clear - The OSCP does not expire. Will not expire. And will still be issued. No changes to the OSCP are being made.
However there are a number of cert holders that work places that mandate a certification to expire. The current OSCP does not help these individuals at all. So, enter the OSCP , which was created to provide benefits to these users and does expire.
If you are not in a situation where you require an expiring certification, thats great. Nothing changes for you, you can ignore the OSCP .
If you do require an expiring cert, then starting Nov 1st the OSCP will help you out.
We set this up in a way where we are careful not to take anything away from existing cert holders or those that do not require an expiring cert. This should be fully an expansion of benefits, with nothing taken away.
Full details of the changes that were announced today are at:
help.offsec.com/hc/en-us/art…
help.offsec.com/hc/en-us/art…
Also we will be doing a webinar the morning of the 6th, and standard office hours on discord at 1pm eastern. Happy to talk through questions with everyone then! - Jim
38
71
284
107,020
Hackermate retweeted
25 Aug 2024
If only there were a political movement focused on making the government get out of the way and just leave you alone. An ideology to answer the growing prison-planet problem. Name it something that evokes the spirit of liberty, you know? We could all use some of that.
If only.
1,441
4,916
32,078
1,294,365
Hackermate retweeted
24 Aug 2024
Telegram’s founder was arrested today.
Tornado Cash’s co-founder is still in jail.
Samourai Wallet’s founders were also jailed.
Silk Road’s founder is serving two life sentences.
And how many people from the Epstein client list have also been incarcerated?
177
2,917
13,270
549,134