@proficioinc profile picture
Proficio @proficioinc

#Proficio is a World-Class #Cybersecurity Service Provider. We are changing the way organizations meet security & compliance requirements. #MDR

Joined January 2012
  • Tweets 11,704
  • Following 576
  • Followers 1,017
697 Photos and videos
Google Patches Actively Exploited Android Flaw (CVE-2025-48595) Affecting Millions of Devices via @SecurityAffairs #Proficio #ThreatNews #Cybersecurity #MSSP #MDR securityaffairs.com/193057/b…

Google Patches Actively Exploited Android Flaw Affecting Millions of Devices

Google fixed 124 Android flaws, including CVE-2025-48595, an actively exploited privilege escalation bug linked to targeted attacks.

securityaffairs.com
1
137
Threat Hunting Case Study: FileFix via @Intel471Inc #Proficio #ThreatNews #Cybersecurity #MSSP #MDR intel471.com/blog/threat-hun…

Threat Hunting Case Study: FileFix

FileFix bypasses Mark of the Web (MotW) protections by hijacking the Windows File Explorer address bar. Here is how to hunt for it.

intel471.com
99
The Meta AI exploit: how a prompt injection flaw bypassed 2FA to steal million-dollar Instagram accounts via @TheCyberSecGuru #Proficio #ThreatNews #Cybersecurity #MSSP #MDR thecybersecguru.com/news/ins…

Instagram Meta AI Vulnerability: How Hackers Bypassed 2FA with Prompt Injection | The CyberSec Guru

A critical Meta AI vulnerability on Instagram allowed hackers to bypass 2FA and hijack high-value OG accounts. Discover how the exploit worked

thecybersecguru.com
1
6
437
Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor via @Unit42_Intel #Proficio #ThreatNews #Cybersecurity #MSSP #MDR unit42.paloaltonetworks.com/…

Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor

Operation FlutterBridge is a malvertising campaign targeting macOS users. It distributed the new backdoor FlutterShell, built using the Flutter framework.

unit42.paloaltonetworks.com
64
The HazyBeacon Protocol: How Malware Weaponizes Amazon Web Services Lambda Function URLs via @qualys #Proficio #ThreatNews #Cybersecurity #MSSP #MDR blog.qualys.com/qualys-insig…

HazyBeacon and AWS Lambda Function URL Abuse | Cloud-Native C2 Explained | Qualys

What is HazyBeacon? Learn how attackers use AWS Lambda Function URLs for command and control, why cloud-native C2 is difficult to detect, and how to defend against serverless infrastructure abuse.

blog.qualys.com
1
1
88
Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attacks in Thousands of Compromised Sites via @SilentPush #Proficio #ThreatNews #Cybersecurity #MSSP #MDR silentpush.com/blog/drivesur…

Meet DriveSurge: A New Threat Actor Using ClickFix and Fake Update Drive-By Attacks in Thousands of...

Silent Push observed several drive-by attack clusters using ClickFix and FakeUpdates campaigns. We named the primary driver DriveSurge.

silentpush.com
115
Why an HP Poly VoIP Phones Bug (CVE-2026-0826) Could Become an Enterprise Foothold via @SecurityAffairs #Proficio #ThreatNews #Cybersecurity #MSSP #MDR securityaffairs.com/193045/s…

Why an HP Poly VoIP Phones Bug Could Become an Enterprise Foothold

Rapid7 details a critical unauthenticated overflow in HP Poly VoIP phones that can lead to root RCE, with patches available for affected models.

securityaffairs.com
1
1
258
New Wave Of Phishing Emails with SVG Files via @sans_isc #Proficio #ThreatNews #Cybersecurity #MSSP #MDR isc.sans.edu/diary/New Wav…

New Wave Of Phishing Emails with SVG Files - SANS ISC

New Wave Of Phishing Emails with SVG Files, Author: Xavier Mertens

isc.sans.edu
1
1
115
Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign via @msftsecurity #Proficio #ThreatNews #Cybersecurity #MSSP #MDR microsoft.com/en-us/security…

Preinstall to persistence: Inside the Red Hat npm Miasma credential-stealing campaign | Microsoft...

A large-scale npm supply chain attack compromised over 90 versions of @redhat-cloud-services packages, silently infecting CI/CD environments and developer systems. The malicious code steals credent...

microsoft.com
82
Critical Windows Netlogon RCE flaw (CVE-2026-41089 ) now exploited in attacks via @BleepinComputer #Proficio #ThreatNews #Cybersecurity #MSSP #MDR bleepingcomputer.com/news/mi…

Critical Windows Netlogon RCE flaw now exploited in attacks

The Centre for Cybersecurity Belgium (CCB), the country's national authority for cybersecurity, warned on Friday that threat actors are now exploiting a recently patched critical Windows Netlogon...

bleepingcomputer.com
143
TeamPCP Supply Chain Campaign: Activity Through 2026-05-24 via @sans_isc #Proficio #ThreatNews #Cybersecurity #MSSP #MDR isc.sans.edu/diary/rss/33016

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24

TeamPCP Supply Chain Campaign: Activity Through 2026-05-24, Author: Kenneth Hartman

isc.sans.edu
1
103
Ghost CMS SQL injection CVE-2026-26980 flaw exploited in large-scale ClickFix campaign via @BleepinComputer #Proficio #ThreatNews #Cybersecurity #MSSP #MDR bleepingcomputer.com/news/se…

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.

bleepingcomputer.com
89
Millions of AI agents imperiled by critical vulnerability CVE-2026-48710 in open source package via @arstechnica #Proficio #ThreatNews #Cybersecurity #MSSP #MDR arstechnica.com/information-…

Millions of AI agents imperiled by critical vulnerability in open source package

BadHost" was found in Starlette, a package with 325 million weekly downloads.

arstechnica.com
117
U.S. CISA adds Trend Micro Apex One (CVE-2026-34926) and Langflow (CVE-2025-34291) to Known Exploited Vulnerabilities catalog via @SecurityAffairs #Proficio #ThreatNews #Cybersecurity #MSSP #MDR securityaffairs.com/192529/h…

U.S. CISA adds Trend Micro Apex One and Langflow to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Trend Micro Apex One and Langflow vulnerabilities to its Known Exploited Vulnerabilities catalog.

securityaffairs.com
1
137
Megalodon: Mass GitHub Repo Backdooring via CI Workflows via @safedepio #Proficio #ThreatNews #Cybersecurity #MSSP #MDR safedep.io/megalodon-mass-gi…
1
2
142
Hackers bypass SonicWall VPN MFA due to incomplete patching via @BleepinComputer #Proficio #ThreatNews #Cybersecurity #MSSP #MDR bleepingcomputer.com/news/se…

Hackers bypass SonicWall VPN MFA due to incomplete patching

Threat actors brute-forced VPN credentials and bypassed multi-factor authentication (MFA) on SonicWall Gen6 SSL-VPN appliances to deploy tools used in ransomware attacks.

bleepingcomputer.com
62
PinTheft Linux LPE flaw in the RDS subsystem has public exploit code, with Arch Linux users facing the highest risk via @SecurityAffairs #Proficio #ThreatNews #Cybersecurity #MSSP #MDR securityaffairs.com/192456/s…

PinTheft: Another Linux Privilege Escalation, Another Working Exploit, This Time Targeting Arch

PinTheft is a Linux LPE flaw in the RDS subsystem with public exploit code. Arch Linux users should patch it immediately

securityaffairs.com
1
88
Upcoming highly critical release on May 20, 2026, PSA-2026-05-18 via @drupal #Proficio #ThreatNews #Cybersecurity #MSSP #MDR drupal.org/psa-2026-05-18

Upcoming highly critical release on May 20, 2026 - PSA-2026-05-18

drupal.org
57
New GhostTree Attack Causing EDR Products to Hang and Leave Files Unscanned via @The_Cyber_News #Proficio #ThreatNews #Cybersecurity #MSSP #MDR cybersecuritynews.com/ghostt…

New GhostTree Attack Causing EDR Products to Hang and Leave Files Unscanned

A novel evasion technique called GhostTree, which exploits NTFS junctions to create recursive directory loops.

cybersecuritynews.com
3
141
Patch Now: Critical Flaw (CVE-2026-8153) in OT Robot OS Gives Attackers Control via @DarkReading #Proficio #ThreatNews #Cybersecurity #MSSP #MDR darkreading.com/ics-ot-secur…

Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control

An attacker can exploit the command injection flaw to gain remote access to robotic systems, causing significant disruption to the environment.

darkreading.com
1
102
Load more