Poland's energy systems breached - Openclaws unsafe - Claude Opus 4.6 - F5 - NGINX vulns - APT_Q_27
YouTube video by Alexandre Blanc (Cyber Security)
www.youtube.com/watch?v=X3mp...
10.02.2026 16:15
π 0
π 0
π¬ 0
π 0
Your electricity bill is going up because data centers are raising demand, not because your utility started scaling out some renewables. Pass it on.
05.09.2025 02:34
π 6133
π 2126
π¬ 108
π 64
Acting for good, at all scale and any scale is the only thing that matters.
05.09.2025 13:18
π 1
π 0
π¬ 0
π 0
Dozens of malicious packages on NPM collect host and network data
60 packages have been discovered in the NPM index that attempt toΒ collect sensitive host and network data and send it to a Discord webhook controlled by the threat actor.
Threat actors start by publishing legitimate packages to build trust, then
π Dozens of malicious packages on NPM collect host and network data
These malicious packages collect :
βΆοΈHostname
βΆοΈInternal IP address
βΆοΈUser home directory
βΆοΈCurrent working directory
βΆοΈUsername
βΆοΈSystem DNS servers
23.05.2025 18:41
π 0
π 0
π¬ 0
π 0
The Computer Dudes Inc
Computer Dudes is a computer services, engineering, research, security and programming company that works with all Systems and Operating Systems. Computer Dudes was founded by Todd W. Byars in Tallah...
A theoretical model for deep-space coms using high-powered laser signals that exploit relativistic and gravitational phenomena named "The Great Loopback" has been verified by chatGPT.
The Theorem explores laser overcoming classical spacetime constraints.
www.thecomputerdudesinc.com/index.php
17.05.2025 14:41
π 1
π 1
π¬ 0
π 0
VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked - Pwn2Own Day 2
Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical vulnerabilities.
It's only a matter of time and effort to hack systems. Pwn20wn is interesting in this, reminding that everything can be hacked.
Security is about to reduce the likelihood of an incident, but nothing is bullet proof.
connected=hacked
gbhackers.com/vmware-esxi-...
17.05.2025 15:33
π 2
π 0
π¬ 0
π 0
Printer Company Distributes Malicious Drivers Infected with XRed Malware
Procolored, a printer manufacturing company, has been found distributing software drivers infected with malicious code.
Printer Company Distributes Malicious Drivers Infected with XRed Malware
Procolored initially dismissed the antivirus alerts as false positives but removed the downloads from their website around May 8, 2025, after persistent concerns.
They have since provided clean software packages.
16.05.2025 17:50
π 0
π 0
π¬ 0
π 0
New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads
A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through a highly sophisticated phishing-based attack.
New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads
Multi-stage infection chain that begins with a deceptive PDF document titled βPay Adjustment.β This document lures victims into downloading a malicious ZIP file hosted on Netlify, a popular web hosting platform.
16.05.2025 17:46
π 0
π 0
π¬ 0
π 0
Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the innocuous package.
A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign embedded within the seemingly innocuous package os-info-checker-es6. First published on March 19, 2025, with initial versions appearing benign, the package rapidly evolved into a complex threat.
16.05.2025 17:44
π 0
π 0
π¬ 0
π 0
BREAKING: 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. - Dutch Operation
Dutch and U.S. law enforcement have dismantled a long-running criminal proxy botnet powered by over 7,000 infected IoT and end-of-life (EoL) devices
You can go for opensense, pfsense, and many other options, it can run on small PCs with 2 network cards, or in virtual machines if you have the setup.
Just don't keep outdated EOL firewalls and routers !
connected=hacked
#cybersecurity
thehackernews.com/2025/05/brea...
09.05.2025 20:42
π 1
π 0
π¬ 0
π 0
Ascension says recent data breach affects over 430,000 patients
Ascension, one of the largest private healthcare systems in the United States, has revealed that the personal and healthcare information of over 430,000 patients was exposed in a data breach disclosed...
The bigger an organization is, the bigger the challenge is to protect data.
π¬ Ascension says recent data breach affects over 430,000 patients
Zero day, third party vulnerable tools, and lack of visibility on complex tech stack kind of make it challenging to assess the impact.
connected=hacked
09.05.2025 20:41
π 0
π 0
π¬ 0
π 0
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems
Multiple AI jailbreaks and tool poisoning flaws expose GenAI systems like GPT-4.1 and MCP to critical security risks.
With AI, you don't need much to hack the system, you just have to talk like a care salesman, and it will give it all !
Hopefully you run your local private GenAI stack, so as you limit the exposure of it. Yet, when hosting your own instance, be aware of the models you use. #cybersecurity #AI
29.04.2025 19:00
π 0
π 0
π¬ 0
π 0
44% of the zero-days exploited in 2024 were in enterprise solutions - Help Net Security
In 2024, threat actors exploited 75 zero-days - i.e., unknown vulnerabilities without an available patch - in a wide variety of attacks.
It makes sense to see more exploit targeting enterprise, as this is where transnational criminal organizations actually can take money.
π‘ This is a good reminder for organization to make sure they keep their enterprise solutions patched, with best security practices in place.
#cybersecurity
29.04.2025 18:54
π 0
π 0
π¬ 0
π 0
Multiple Cisco Tools at Risk from Erlang/OTP SSH Remote Code Execution Flaw
Cisco has issued a high-severity advisory (cisco-sa-erlang-otp-ssh-xyZZy) warning of a critical remote code execution (RCE) vulnerability in products using Erlang/OTPβs SSH server.
It's almost like a backdoor π
A critical remote code execution (RCE) vulnerability has been discovered in Cisco products using Erlang/OTP's SSH server.
π― The flaw, with a CVSS score of 10.0, allows unauthenticated attackers to execute arbitrary code on vulnerable devices.
#cybersecurity #cisco
25.04.2025 19:15
π 1
π 0
π¬ 0
π 0
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools
ARMO shows io_uring-based rootkits evade Falco, Tetragon, and Defender, risking Linux runtime security.
π§ Researchers have demonstrated a PoC rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring.
βοΈ ARMO's analysis highlights the need for better detection mechanisms to address the vulnerabilities posed by io_uring.
24.04.2025 13:29
π 1
π 0
π¬ 0
π 0
New Malware Hijacks Docker Images Using Unique Obfuscation Technique
A recently uncovered malware campaign targeting Docker, one of the most frequently attacked services according to Darktrace's honeypot data.
β‘οΈ A sophisticated malware campaign targets Docker, exploiting its popularity as a frequently attacked service.
πͺ€ The campaign uses intricate obfuscation techniques to conceal malicious payload within Python scripts, making it difficult for analysts to detect and reverse-engineer.
#cybersecurity
23.04.2025 20:15
π 0
π 0
π¬ 0
π 0
ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
CVE-2025-2492 flaw in ASUS AiCloud routers allows remote control; firmware fix issued for 4 versions.
I mean, who calls a product "AiCloud" and not expect it to leak as hell ! π€£ π
β οΈ ASUS Confirms Critical Flaw in AiCloud Routers; Users Urged to Update Firmware
Patch it ! (see if you can rename this, likelihood of breach is highly reduced without Ai and Cloud in the product)
#cybersecurity #asus
19.04.2025 19:17
π 0
π 0
π¬ 0
π 0
β οΈ Immediate patching to the latest version is recommended, along with monitoring for unauthorized access attempts and implementing additional security measures.
connected=hacked
#cybersecurity #ivanti
gbhackers.com/hackers-expl...
19.04.2025 19:13
π 0
π 0
π¬ 0
π 0
Rogue npm Packages Mimic Telegram Bot API to Plant SSH Backdoors on Linux Systems
3 fake npm packages mimicking Telegram Bot API added SSH backdoors on Linux, risking persistent access.
β οΈ Removing the packages does not eliminate the threat, as inserted SSH keys grant remote access for subsequent code execution and data exfiltration.
connected=hacked
#cybersecurity
thehackernews.com/2025/04/rogu...
19.04.2025 18:56
π 0
π 0
π¬ 0
π 0
18.04.2025 14:37
π 19746
π 4500
π¬ 301
π 164
This is an obvious point, but cannot overstated. There is an enormous difference between deporting someone - where they get off a plane as a free citizen in their home country AND FUNNELING THEM INTO A BRUTAL PRISON FROM WHICH THEY HAVE NO CHANCE OF EVER EMERGING!!!
18.04.2025 23:08
π 86404
π 20196
π¬ 1689
π 724
Claude copies ChatGPT with $200 Max plan, but users aren't happy
Claude has a new subscription tier called "MAX," but it costs a whopping $200 per month, and users aren't happy with how the company enforces rate limits.
Your local LLM may not have all the latest hype, but has no time restrictions !
β οΈ Claude copies ChatGPT with $200 Max plan, but users aren't happy
"However, Claude Max limits users to 50 sessions per month. A session is a 5-hour period that starts when you send your first message to Claude."
10.04.2025 20:31
π 0
π 0
π¬ 0
π 0
