@catnap707 ねこさん⚡(ΦωΦ)

ねこさん⚡(ΦωΦ) posts on X about tencent, $ma, alibaba, vmware the most. They currently have [-----] followers and [----] posts still getting attention that total [-----] engagements in the last [--] hours.

Engagements: [-----] #

• [--] Week [-----] +181%
• [--] Month [------] +27%
• [--] Months [------] +134%
• [--] Year [-------] +65%

Mentions: [--] #

• [--] Month [--] -23%
• [--] Months [---] +87%
• [--] Year [---] -69%

Followers: [-----] #

• [--] Week [-----] +0.29%
• [--] Month [-----] +0.41%
• [--] Months [-----] +3%
• [--] Year [-----] +8.20%

CreatorRank: [---------] #

Social Influence

Social category influence technology brands stocks countries finance cryptocurrencies automotive brands travel destinations gaming social networks products

Social topic influence tencent, $ma #149, alibaba, vmware, microsoft, fortinet, google, $googl, has been, cloudflare

Top accounts mentioned or mentioned by @aeoncardjp @smcccard @applesupport @amazonhelp @uncommongoods @buzzapjp @threatpost @aupayofficial @kaorisaison @tochosuido @eposcard @tepcopg @officialtepco @manfp @tmmalanalyst

Top assets mentioned Mastercard, Inc. (MA) Microsoft Corp. (MSFT) Fortinet Inc (FTNT) Alphabet Inc Class A (GOOGL) Cloudflare, Inc. (NET) Zscaler Inc (ZS) Crowdstrike Holdings Inc (CRWD) UNCOMMON•GOODS (UNCOMMONGOODS) Bitcoin (BTC) IBM (IBM) Broadcom, Inc. (AVGO) Nano (XNO) CyberConnect (CYBER) April (APRIL) Toyota Motor Corporation (TM) Balancer (BAL)

Top Social Posts

Top posts by engagements in the last [--] hours

"Telnet Backdoor Opens More Than 1M IoT Radios to Hijack: @threatpost "The issue (CVE-2019-13473) exists in an always-on undocumented Telnet service (Telnetd) that connects to Port [--] of the radio. " https://threatpost.com/million-iot-radios-hijack-telnet-backdoor/148123/ https://threatpost.com/million-iot-radios-hijack-telnet-backdoor/148123/"
X Link 2019-09-10T13:41Z [----] followers, [--] engagements

"Hackers can bypass Cisco security products in data theft attacks "Using SNIcat or a similar tool a remote attacker can exfiltrate data in an SSL client hello packet because the return server hello packet from a server on the blocked list is not filtered" https://www.bleepingcomputer.com/news/security/hackers-can-bypass-cisco-security-products-in-data-theft-attacks/ https://www.bleepingcomputer.com/news/security/hackers-can-bypass-cisco-security-products-in-data-theft-attacks/"
X Link 2021-08-20T01:41Z [----] followers, [--] engagements

"2022/10/23 #auPAY @au_PAY_official #URL # IP 137.184.73.52 137.184.105.170"
X Link 2022-10-22T23:00Z [----] followers, [--] engagements

"4/5 sxshjw.cn tncoin.cn tqkjeis.cn tzzedu.cn udzzqj.cn uqdgaua.cn uzesvyq.cn wandeng.com.cn wnwan.cn wzijq.cn wzpou.cn xjutc.cn xokxwlm.cn ygzs.com.cn ynnec.cn"
X Link 2024-06-22T23:20Z [----] followers, [--] engagements

"5/5 ynnec.cn ywxme.cn zhlpa.cn zjqx.com.cn zysp.com.cn [--] URLs"
X Link 2024-06-22T23:21Z [----] followers, [--] engagements

"4/5 sdtw373.cn sheng2m.cn shiyingshajg.cn shjuxiang.cn six-mall.cn slywvft.cn smartlunch.cn somajk.cn syqhjs.cn sysssm.cn syui155.cn tangbaomom.cn tceonline.cn tttpool.cn tupfzcm.cn"
X Link 2024-06-24T23:05Z [----] followers, [---] engagements

"3/10 www.chgddxd.cn www.cnyuhengyuan.cn www.crltton.cn www.d-pub.cn www.dbahfqf.cn www.dpquamb.cn www.drdgybu.cn www.dyohers.cn www.e-s-c.cn www.efgaknv.cn"
X Link 2024-07-07T21:50Z [----] followers, [--] engagements

"4/10 www.ezillion.cn www.favolutionparis.cn www.fremkak.cn www.gephaok.cn www.gfbufmk.cn www.ghubjep.cn www.gxywwip.cn www.gzsxinhao.cn www.gzxuxiang.cn www.hawkstar.cn"
X Link 2024-07-07T21:50Z [----] followers, [--] engagements

"4/5 diamantine.cn dicentra.cn dickcissel.cn dioch.cn dodecagon.cn doeskin.cn dovekie.cn dupion.cn fcugov.cn gcjgov.cn goblinshark.cn indexfinger.cn jewfish.cn keaki.cn kerbstone.cn"
X Link 2025-01-13T21:24Z [----] followers, [--] engagements

"2/3 gzigov.cn gzxvy.cn hadgov.cn hajgov.cn hbgbe.cn hcggov.cn hchgov.cn kcvkim.cn lazlqj.cn ljycqk.cn lupvb.cn mxdbm.cn npcjk.cn nuuex.cn oakqu.cn"
X Link 2025-02-08T03:23Z [----] followers, [--] engagements

"2/3 paypay-info.lbhmq.cn paypay-info.pcwnm.cn paypay-info.qgssm.cn paypay-info.wlycm.cn paypay-info.zmppx.cn paypay-uptade.btxxd.cn paypay-uptade.jbzpz.cn paypay-uptade.khggy.cn paypay-uptade.lnszd.cn"
X Link 2025-02-09T21:44Z [----] followers, [--] engagements

"2/10 3s2ika.cn 3z5pwg.cn 4js3nb.cn 4wjyof.cn 4ymsuk.cn 51ebuy.cn 5r1gtd.cn 5yr9zh.cn 5yu0nh.cn 7dfxma.cn 7qyl6e.cn 7rxlzh.cn"
X Link 2025-02-11T02:03Z [----] followers, [--] engagements

"3/10 7winjb.cn 7xqy9i.cn 8ktr3d.cn 8msc7a.cn 8ovp9c.cn 8vk9ye.cn 9b3sja.cn 9whqtf.cn aavql.cn acsti.cn arov.cn asivk.cn"
X Link 2025-02-11T02:04Z [----] followers, [--] engagements

"4/10 asoz.cn avkp.cn b8317.cn bkabf.cn bkhwd.cn bncmr.cn bvkw.cn bvnu.cn cns2b2c.cn cqliantu.cn cy7szb.cn d2wg3c.cn"
X Link 2025-02-11T02:04Z [----] followers, [--] engagements

"Palo Alto Networks Patches Authentication Bypass Exploit in PAN-OS Software The vulnerability tracked as CVE-2025-0108 carries a CVSS score of [---] out of [----]. The score however drops to [---] if access to the management interface is restricted to https://thehackernews.com/2025/02/palo-alto-networks-patches.html https://thehackernews.com/2025/02/palo-alto-networks-patches.html"
X Link 2025-02-13T22:46Z [----] followers, [---] engagements

"PAN-OS authentication bypass hole plugged PoC is public (CVE-2025-0108) - Help Net Security "CVE-2025-0108 was discovered by Assetnote researchers aftey they decided to analyze the patches for CVE-2024-0012 and CVE-2024-9474" https://www.helpnetsecurity.com/2025/02/13/pan-os-authentication-bypass-palo-alto-networks-poc-cve-2025-0108/ https://www.helpnetsecurity.com/2025/02/13/pan-os-authentication-bypass-palo-alto-networks-poc-cve-2025-0108/"
X Link 2025-02-13T22:46Z [----] followers, [---] engagements

"2/3 mfmoi.cn nkqaf.cn ntxzg.cn nxkhh.cn oihth.cn oilvl.cn qhzrm.cn qkxje.cn qqcyn.cn rfncv.cn rknse.cn rmidp.cn rwmit.cn rygxj.cn sngoz.cn"
X Link 2025-02-14T01:37Z [----] followers, [---] engagements

"New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution whoAMI that allows anyone who publishes an Amazon Machine Image (AMI) with a specific name to gain code execution within the Amazon Web Services (AWS) account. https://thehackernews.com/2025/02/new-whoami-attack-exploits-aws-ami-name.html https://thehackernews.com/2025/02/new-whoami-attack-exploits-aws-ami-name.html"
X Link 2025-02-14T21:38Z [----] followers, [---] engagements

"Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug "Researchers warn that threat actors are exploiting a recently disclosed vulnerability tracked as CVE-2025-0108 in Palo Alto Networks PAN-OS firewalls." https://securityaffairs.com/174237/hacking/exploitation-palo-alto-networks-pan-os-firewalls-bug.html https://securityaffairs.com/174237/hacking/exploitation-palo-alto-networks-pan-os-firewalls-bug.html"
X Link 2025-02-15T22:15Z [----] followers, [---] engagements

"3/3 terebigemu.com thejasmins.com thekitchenproducts.com tungstencarbidenozzle.com usadoctorfind.com [--] URLs #Amazon # #Phishing #"
X Link 2025-02-17T21:48Z [----] followers, [--] engagements

"2/4 gxfrrs.cn haoooi.cn hnfdf.cn hwdfd.cn iaxyo.cn ihqjc.cn jbcdd.cn jpptt.cn jzjqw.cn kmncy.cn kzadp.cn lmlfk.cn lsfsk.cn lstql.cn microbrachis.cn mpmpx.cn mxhdhrrscse4.cn nywhs.cn"
X Link 2025-02-17T22:02Z [----] followers, [--] engagements

"3/4 qianqijibend1.cn qtyfy.cn rkrbb.cn rwkne.cn sfkrt.cn sjdjdjdus44.cn spmzk.cn sqtzj.cn tiepb.cn tkbpq.cn tlfgs.cn tvtuf.cn txwgp.cn uhkzls.cn vkmoo.cn vntin.cn wauce.cn wfykdx.cn"
X Link 2025-02-17T22:02Z [----] followers, [---] engagements

"Patch Now: Palo Alto Flaw Exploited in the Wild Patch info is available in Palo Alto's security advisory on CVE-2025-0108 which is rated as [---] and therefore of high severity on the CVSS. https://www.darkreading.com/remote-workforce/patch-now-cisa-researchers-warn-palo-alto-flaw-exploited-wild https://www.darkreading.com/remote-workforce/patch-now-cisa-researchers-warn-palo-alto-flaw-exploited-wild"
X Link 2025-02-19T23:20Z [----] followers, [---] engagements

"2/2 coolcc.appstorepay.gujarat.in coolcc.appstorepay.ind.in coolcc.appstorepay.io.in coolcc.appstorepay.pg.in coolcc.appstorepay.travel.in [--] URLs #AppleID #iCloud # #Phishing"
X Link 2025-02-22T00:26Z [----] followers, [---] engagements

"2025/02/24 # # #Phishing #Scam #Amazon #PayPay #AppleID #iCloud #NHK #NHK #MasterCard #VPASS # # #ORICO #UC # # #"
X Link 2025-02-23T22:03Z [----] followers, [---] engagements

"2/2 marmoladadesign.com nerisgroup.com njcaihong.com online-judge.com roxhart.com saridaun.com shinydaytours.com tjjmzyy.com xiangfa88.com yclhjy.com zenshiatsuparis.com zimwebhosting.com [--] URLs #Amazon # #Phishing"
X Link 2025-02-25T02:09Z [----] followers, [---] engagements

"myaupay-cardco.shop myaupay-inco.shop myaupay-notco.shop #auPay # #Phishing https://x.com/catnap707/status/1894604523249021190 https://x.com/catnap707/status/1894604523249021190"
X Link 2025-02-26T04:25Z [----] followers, [--] engagements

"4/5 othxvr.cn oucnrj.cn prrfal.cn qdqgh.cn qfdqm.cn qnlzt.cn qtoyj.cn rvgtk.cn shusl.cn szorjo.cn tdvxm.cn ucpzd.cn uejfy.cn"
X Link 2025-05-17T01:55Z [----] followers, [---] engagements

"Botnet hacks 9000+ ASUS routers to add persistent SSH backdoor Over [----] ASUS routers are compromised by a novel botnet dubbed "AyySSHush" that was also observed targeting SOHO routers from Cisco D-Link and Linksys. https://www.bleepingcomputer.com/news/security/botnet-hacks-9-000-plus-asus-routers-to-add-persistent-ssh-backdoor/ https://www.bleepingcomputer.com/news/security/botnet-hacks-9-000-plus-asus-routers-to-add-persistent-ssh-backdoor/"
X Link 2025-05-28T21:20Z [----] followers, [---] engagements

"2025/10/04 # # #Phishing #Scam #Amazon #AppleID #iCloud # # #DHL # #ANA # # #UCS #MasterCard #JACCS #EX"
X Link 2025-10-04T04:38Z [----] followers, [---] engagements

"2025/10/05 # # #Phishing #Scam #AppleID #iCloud # # #DHL # #myTOKYOGAS # # #eTax #Ponta #ANA # # #UCS #MasterCard #JACCS #EX #"
X Link 2025-10-05T01:14Z [----] followers, [---] engagements

"TP-Link Router Flaw CVE-2023-28760 Allows Root RCE via LAN PoC Available "the TP-Link AX1800 WiFi [--] Router (Archer AX21/AX20) that allows attackers on the local network to achieve remote code execution (RCE) as the root user." https://securityonline.info/tp-link-router-flaw-cve-2023-28760-allows-root-rce-via-lan-poc-available/ https://securityonline.info/tp-link-router-flaw-cve-2023-28760-allows-root-rce-via-lan-poc-available/"
X Link 2025-10-10T00:28Z [----] followers, [---] engagements

"RondoDox Botnet targets [--] flaws across 30+ device types worldwide "the latest RondoDox campaign adopts an exploit shotgun approach firing multiple exploits to see which succeed." https://securityaffairs.com/183183/malware/rondodox-botnet-targets-56-flaws-across-30-device-types-worldwide.html https://securityaffairs.com/183183/malware/rondodox-botnet-targets-56-flaws-across-30-device-types-worldwide.html"
X Link 2025-10-10T08:50Z [----] followers, [---] engagements

"2025/10/12 # # #Phishing #Scam #Amazon #AppleID #iCloud # #MyJCB #JCB #VISA #V # #EX #"
X Link 2025-10-12T00:44Z [----] followers, [---] engagements

"2025/10/13 # # #Phishing #Scam #Amazon #AppleID #iCloud # # # # #eTax # # #MyJCB #JCB # #JACCS #VISA #V #EX #"
X Link 2025-10-13T00:22Z [----] followers, [---] engagements

""Google attempted to fix the problem (CVE-2025-48561)in theSeptember Android update. However researchers were able to bypass the mitigationand an effective solution is expected in the December [----] Android security update." https://www.bleepingcomputer.com/news/security/new-android-pixnapping-attack-steals-mfa-codes-pixel-by-pixel/ https://www.bleepingcomputer.com/news/security/new-android-pixnapping-attack-steals-mfa-codes-pixel-by-pixel/"
X Link 2025-10-15T00:22Z [----] followers, [---] engagements

"2025/10/16 # # #Phishing #Scam # # #AMEX #JACCS #MasterCard #MyJCB #JCB #V #VISA # #"
X Link 2025-10-15T21:49Z [----] followers, [---] engagements

"2025/10/17 # # #Phishing #Scam #AppleID #iCloud # # # #DHL # # #eTax #AMEX #JACCS #MasterCard #MyJCB #JCB #V #VISA #"
X Link 2025-10-16T23:08Z [----] followers, [---] engagements

"Qilin Ransomware's Resilience Exposed: Bulletproof Hosting Network Underpins Asahi Group Holdings Attack "Qilins resilience and global reach rely heavily on a sprawling underground hosting ecosystem spanning Russia Hong Kong Cyprus and the UAE" https://securityonline.info/qilin-ransomwares-resilience-exposed-bulletproof-hosting-network-underpins-asahi-group-holdings-attack/ https://securityonline.info/qilin-ransomwares-resilience-exposed-bulletproof-hosting-network-underpins-asahi-group-holdings-attack/"
X Link 2025-10-17T01:01Z [----] followers, [---] engagements

"2025/10/18 # # #Phishing #Scam #Amazon #AppleID #iCloud # # # #DHL # # #eTax # # #AMEX #JACCS #MasterCard #MyJCB #JCB #V #VISA #ETC #"
X Link 2025-10-18T02:29Z [----] followers, [---] engagements

"2025/10/21 # # #Phishing #Scam #ANA # # #MyTokyoGAS # # # # # #Nintendo #DHL #PayPay #VISA #"
X Link 2025-10-20T21:47Z [----] followers, [---] engagements

"Japanese retailer Muji halted online sales after a ransomware attack on logistics partner "Japanese retailer giant Muji suspended online sales after a ransomware attack hit its logistics partner Askul." https://securityaffairs.com/183639/breaking-news/japanese-retailer-muji-halted-online-sales-after-a-ransomware-attack-on-logistics-partner.html https://securityaffairs.com/183639/breaking-news/japanese-retailer-muji-halted-online-sales-after-a-ransomware-attack-on-logistics-partner.html"
X Link 2025-10-21T21:31Z [----] followers, [---] engagements

"2025/10/22 # # #Phishing #Scam #AppleID #iCloud #PlaystationOnline # # #MyTokyoGAS # # # # # #DHL #AMEX #VISA # #"
X Link 2025-10-21T21:46Z [----] followers, [---] engagements

"2025/10/23 # # #Phishing #Scam #AppleID #iCloud # #MyTokyoGAS # # #ANA # # # # #DHL #AMEX # #MasterCard #VISA #ETC #"
X Link 2025-10-22T23:48Z [----] followers, [---] engagements

"2025/10/24 # # #Phishing #Scam #AppleID #iCloud # #MyTokyoGAS # # #ANA # # # #DHL #AMEX # #MyJCB #JCB #MasterCard #VISA #ETC #"
X Link 2025-10-23T22:38Z [----] followers, [---] engagements

"Windows Server emergency patches fix WSUS bug with PoC exploit "Tracked as CVE-2025-59287and patched during this month's Patch Tuesday this remote code execution (RCE) security flaw affects only Windows servers with the WSUS Server Role enabled" https://www.bleepingcomputer.com/news/security/microsoft-releases-windows-server-emergency-updates-for-critical-wsus-rce-flaw/ https://www.bleepingcomputer.com/news/security/microsoft-releases-windows-server-emergency-updates-for-critical-wsus-rce-flaw/"
X Link 2025-10-24T08:16Z [----] followers, [---] engagements

"Microsoft releases urgent fix for actively exploited WSUS vulnerability (CVE-2025-59287) - Help Net Security "CVE-2025-59287 a remote code execution vulnerability in the Windows Server Update Services (WSUS) that is reportedly being exploited in the wild" https://www.helpnetsecurity.com/2025/10/24/wsus-vulnerability-cve-2025-59287-exploited/ https://www.helpnetsecurity.com/2025/10/24/wsus-vulnerability-cve-2025-59287-exploited/"
X Link 2025-10-25T23:40Z [----] followers, [---] engagements

"Critical Windows Server WSUS Vulnerability Exploited in the Wild - SecurityWeek "CVE-2025-59287 allows a remote unauthenticated attacker to execute arbitrary code and a PoC exploit is available." https://www.securityweek.com/critical-windows-server-wsus-vulnerability-exploited-in-the-wild/ https://www.securityweek.com/critical-windows-server-wsus-vulnerability-exploited-in-the-wild/"
X Link 2025-10-25T23:41Z [----] followers, [---] engagements

"Critical WSUS flaw in Windows Server now exploited in attacks "Microsoft released out-of-band security updates for all impacted Windows Server versions to "comprehensively address CVE-2025-59287" and advised IT administrators to install them" https://www.bleepingcomputer.com/news/security/hackers-now-exploiting-critical-windows-server-wsus-flaw-in-attacks/ https://www.bleepingcomputer.com/news/security/hackers-now-exploiting-critical-windows-server-wsus-flaw-in-attacks/"
X Link 2025-10-25T23:44Z [----] followers, [---] engagements

"U.S. CISA adds Microsoft WSUS and Adobe Commerce and Magento Open Source flaws to its Known Exploited Vulnerabilities catalog "The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft WSUS flaws to its KEV catalog." https://securityaffairs.com/183815/security/u-s-cisa-adds-microsoft-wsus-and-adobe-commerce-and-magento-open-source-flaws-to-its-known-exploited-vulnerabilities-catalog.html https://securityaffairs.com/183815/security/u-s-cisa-adds-microsoft-wsus-and-adobe-commerce-and-magento-open-source-flaws-to-its-known-exploited-vulnerabilities-catalog.html"
X Link 2025-10-25T23:51Z [----] followers, [---] engagements

"Microsoft Issues Emergency Patch for Windows Server Bug "Microsoft initially fixed CVE-2025-59287 in the WSUS update mechanism in the October [----] Patch Tuesday release but the company has now issued a second out-of-band update for the flaw" https://www.darkreading.com/vulnerabilities-threats/microsoft-emergency-patch-windows-server-bug https://www.darkreading.com/vulnerabilities-threats/microsoft-emergency-patch-windows-server-bug"
X Link 2025-10-25T23:54Z [----] followers, [---] engagements

"2025/10/27 # # #Phishing #Scam #AppleID #iCloud #Nintendo # # # #ANA # # # #eTax #ETC #AMEX #MyJCB #JCB # #"
X Link 2025-10-26T21:13Z [----] followers, [---] engagements

"2025/10/28 # # #Phishing #Scam #AppleID #iCloud #Nintendo # # #SBI # # # # # #eTax #ETC #AMEX #MyJCB #JCB # # #EX"
X Link 2025-10-27T20:51Z [----] followers, [---] engagements

"Microsoft WSUS attacks hit 'multiple' orgs Google warns The Register "CVE-2025-59287stems from insecure deserialization of untrusted data and allows unauthenticated attackers to execute arbitrary code on vulnerable systems." https://www.theregister.com/2025/10/27/microsoft_wsus_attacks_multiple_orgs/ https://www.theregister.com/2025/10/27/microsoft_wsus_attacks_multiple_orgs/"
X Link 2025-10-28T01:08Z [----] followers, [---] engagements

"Apache Tomcat Patches URL Rewrite Bypass (CVE-2025-55752) Risking RCE and Console ANSI Injection "CVE-2025-55752 CVE-2025-55754 and CVE-2025-61795 affecting versions of Tomcat [--] [--] and 11." https://securityonline.info/apache-tomcat-patches-url-rewrite-bypass-cve-2025-55752-risking-rce-and-console-ansi-injection/ https://securityonline.info/apache-tomcat-patches-url-rewrite-bypass-cve-2025-55752-risking-rce-and-console-ansi-injection/"
X Link 2025-10-28T02:03Z [----] followers, [---] engagements

"Step aside SOC. Its time to ROC CSO Online "the Resilience Risk Operations Center (ROC) is a proactive intelligence hub. Think of it as a fusion center in which cyber business and financial risk come together to form one clear picture." https://www.csoonline.com/article/4078696/step-aside-soc-its-time-to-roc.html https://www.csoonline.com/article/4078696/step-aside-soc-its-time-to-roc.html"
X Link 2025-10-28T21:59Z [----] followers, [---] engagements

"Qilin ransomware abuses WSL to run Linux encryptors in Windows "The Qilin ransomware operation was spotted executing Linux encryptors in Windows using Windows Subsystem for Linux (WSL) to evade detection by traditional security tools." https://www.bleepingcomputer.com/news/security/qilin-ransomware-abuses-wsl-to-run-linux-encryptors-in-windows/ https://www.bleepingcomputer.com/news/security/qilin-ransomware-abuses-wsl-to-run-linux-encryptors-in-windows/"
X Link 2025-10-28T23:48Z [----] followers, [---] engagements

"Dentsu Subsidiary Breached Employee Data Stolen A subsidiary of Japanese marketing and PR giant Dentsu lost sensitive data to unidentified threat actors the parent company said. # https://www.darkreading.com/cyberattacks-data-breaches/dentsu-subsidiary-breached-employee-data-stolen https://www.darkreading.com/cyberattacks-data-breaches/dentsu-subsidiary-breached-employee-data-stolen"
X Link 2025-10-29T22:58Z [----] followers, [---] engagements

"Old Linux Kernel flaw CVE-2024-1086 resurfaces in ransomware attacks "CISA warns ransomware gangs exploit CVE-2024-1086 a Linux kernel flaw in netfilter: nf_tables introduced in [----] and patched in Jan 2024." https://securityaffairs.com/184076/security/old-linux-kernel-flaw-cve-2024-1086-resurfaces-in-ransomware-attacks.html https://securityaffairs.com/184076/security/old-linux-kernel-flaw-cve-2024-1086-resurfaces-in-ransomware-attacks.html"
X Link 2025-10-31T23:38Z [----] followers, [---] engagements

"Chrome # (Beta channel) Chrome 142.0.7444.76 Chrome OS 142.0.7444.76 #Chromebook #ChromeOS"
X Link 2025-11-01T00:14Z [----] followers, [---] engagements

"Critical WordPress Theme Flaw (CVE-2025-5397 CVSS 9.8) Under Active Exploitation Allows Unauthenticated Admin Takeover "The core issue is in the check_login() function which does not properly verify a users identity before granting them authenticated" https://securityonline.info/critical-wordpress-theme-flaw-cve-2025-5397-cvss-9-8-under-active-exploitation-allows-unauthenticated-admin-takeover/ https://securityonline.info/critical-wordpress-theme-flaw-cve-2025-5397-cvss-9-8-under-active-exploitation-allows-unauthenticated-admin-takeover/"
X Link 2025-11-01T23:54Z [----] followers, [---] engagements

"Pixel Watch [--] Gemini #teampixel #pixelwatch #Google"
X Link 2025-11-02T07:58Z [----] followers, [---] engagements

"24 Lenovo Chromebook Duet [--] (gen 9) It's my new gear. #ChromeOS #Chromebook"
X Link 2025-11-03T02:59Z [----] followers, [---] engagements

"2025/11/10 # # #Phishing #Scam #Amazon # #DHL #NHK #NHK # # # #"
X Link 2025-11-09T21:48Z [----] followers, [---] engagements

"2025/11/11 # # #Phishing #Scam #Amazon # #DHL #NHK #NHK # #MyJCB #JCB # #ETC #"
X Link 2025-11-10T23:32Z [----] followers, [---] engagements

"North Korean hackers exploit Googles safety tools for remote wipe CSO Online "The campaign hijacked Google accounts to abuse Androids Find Hub feature remotely wiping victims phones while spreading malware through trusted KakaoTalk contacts." https://www.csoonline.com/article/4088037/north-korean-hackers-exploit-googles-safety-tools-for-remote-wipe.html https://www.csoonline.com/article/4088037/north-korean-hackers-exploit-googles-safety-tools-for-remote-wipe.html"
X Link 2025-11-11T12:33Z [----] followers, [---] engagements

"Hitachi-owned GlobalLogic admits data stolen by Clop The Register "Clop's Oracle EBS exploit spree shows no sign of slowing claims nearly [--] more casualties in media finance and tech." https://www.theregister.com/2025/11/11/hitachiowned_globallogic_admits_data_stolen/ https://www.theregister.com/2025/11/11/hitachiowned_globallogic_admits_data_stolen/"
X Link 2025-11-11T21:16Z [----] followers, [---] engagements

"GootLoader Is Back Using a New Font Trick to Hide Malware on WordPress Sites "GootLoader affiliated with a threat actor tracked as Hive0127 (aka UNC2565) is a JavaScript-based malware loader" https://thehackernews.com/2025/11/gootloader-is-back-using-new-font-trick.html https://thehackernews.com/2025/11/gootloader-is-back-using-new-font-trick.html"
X Link 2025-11-11T21:21Z [----] followers, [---] engagements

"Microsoft Patches Actively Exploited Windows Kernel Zero-Day - SecurityWeek "The zero-day is tracked as CVE-2025-62215 and it has been described as an important-severity privilege escalation flaw that allows an attacker to gain System privileges " https://www.securityweek.com/microsoft-patches-actively-exploited-windows-kernel-zero-day/ https://www.securityweek.com/microsoft-patches-actively-exploited-windows-kernel-zero-day/"
X Link 2025-11-11T21:27Z [----] followers, [---] engagements

"Hackers exploited Citrix Cisco ISE flaws in zero-day attacks the Citrix Bleed Two vulnerability (CVE-2025-5777) prior to public disclosure indicating a threat actor had been exploiting the vulnerability as a zero-day https://www.bleepingcomputer.com/news/security/hackers-exploited-citrix-cisco-ise-flaws-in-zero-day-attacks/ https://www.bleepingcomputer.com/news/security/hackers-exploited-citrix-cisco-ise-flaws-in-zero-day-attacks/"
X Link 2025-11-12T21:35Z [----] followers, [---] engagements

"2025/11/13 # # #Phishing #Scam # # #NintendoSwitchOnline # # # # #MyJCB #JCB # #ETC #"
X Link 2025-11-12T21:44Z [----] followers, [---] engagements

"Windows Remote Desktop Services Vulnerability Let Attackers Escalate Privileges "Tracked asCVE-2025-60703 the flaw stems from an untrusted pointer dereference a classic memory safety issue that has plagued software for years and carries an Important" https://cybersecuritynews.com/windows-remote-desktop-services-flaw/ https://cybersecuritynews.com/windows-remote-desktop-services-flaw/"
X Link 2025-11-13T04:00Z [----] followers, [---] engagements

"PAN-OS Flaw (CVE-2025-4619) Allows Unauthenticated Firewall Reboot via Single Crafted Packet "Tracked as CVE-2025-4619 and rated CVSS [---] the flaw can be exploited without authentication to remotely reboot a firewall by sending a single specially " https://securityonline.info/pan-os-flaw-cve-2025-4619-allows-unauthenticated-firewall-reboot-via-single-crafted-packet/ https://securityonline.info/pan-os-flaw-cve-2025-4619-allows-unauthenticated-firewall-reboot-via-single-crafted-packet/"
X Link 2025-11-13T04:17Z [----] followers, [---] engagements

"2025/11/13 # # #Phishing #Scam #Amazon # # #DHL # # # #"
X Link 2025-11-13T22:06Z [----] followers, [---] engagements

"ZERO-DAY ATTACK WARNING: Fortinet FortiWeb Exploit Grants Unauthenticated Admin Access "The public PoC works reliably against FortiWeb 8.0.1 (released in August 2025). The same exploit fails against the latest FortiWeb 8.0.2 release." https://securityonline.info/zero-day-attack-warning-fortinet-fortiweb-exploit-grants-unauthenticated-admin-access/ https://securityonline.info/zero-day-attack-warning-fortinet-fortiweb-exploit-grants-unauthenticated-admin-access/"
X Link 2025-11-14T03:05Z [----] followers, [---] engagements

"2025/11/15 # # #Phishing #Scam #Amazon #AppleID #iCloud # # #DHL #NintendoSwitchOnline # # # # # #"
X Link 2025-11-14T21:25Z [----] followers, [---] engagements

"Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability - SecurityWeek "Tracked as CVE-2025-64446 (CVSS score of 9.1) the bug is described as a relative path traversal issue that can be exploited via crafted HTTP or HTTPS requests" https://www.securityweek.com/fortinet-confirms-active-exploitation-of-critical-fortiweb-vulnerability/ https://www.securityweek.com/fortinet-confirms-active-exploitation-of-critical-fortiweb-vulnerability/"
X Link 2025-11-14T21:31Z [----] followers, [---] engagements

""The flaw impacts FortiWeb versions 8.0.0 through 8.0.1 7.6.0 through 7.6.4 7.4.0 through 7.4.9 7.2.0 through 7.2.11 and 7.0.0 through 7.0.11. The vulnerability was resolved in FortiWeb versions 8.0.2 7.6.5 7.4.10 7.2.12 and 7.0.12." https://x.com/catnap707/status/1989446163553300679s=20 Fortinet Confirms Active Exploitation of Critical FortiWeb Vulnerability - SecurityWeek https://t.co/m3XUqsr0mz "Tracked as CVE-2025-64446 (CVSS score of 9.1) the bug is described as a relative path traversal issue that can be exploited via crafted HTTP or HTTPS requests""
X Link 2025-11-14T21:32Z [----] followers, [---] engagements

"Fortinet finally cops to critical bug under active exploit The Register "Also on Friday the US Cybersecurity and Infrastructure Agency (CISA) added CVE-2025-64446 to its Known Exploited Vulnerabilities Catalog." https://www.theregister.com/2025/11/14/fortinet_active_exploit_cve_2025_64446/ https://www.theregister.com/2025/11/14/fortinet_active_exploit_cve_2025_64446/"
X Link 2025-11-14T21:32Z [----] followers, [---] engagements

"The tiny Pixel UI tweak that changed how I use my Pixel "Now I tap the lower-left corner of the lock screen and the phone is instantly silenced. Im no longer fumbling with menus." https://www.androidpolice.com/pixel-ui-tweak-that-changed-how-use-my-pixel/ https://www.androidpolice.com/pixel-ui-tweak-that-changed-how-use-my-pixel/"
X Link 2025-11-15T15:37Z [----] followers, [---] engagements

"2025/11/16 # # #Phishing #Scam #Amazon # #Paidy # # #DHL #NintendoSwitchOnline # # # # #"
X Link 2025-11-15T23:32Z [----] followers, [---] engagements

"2025/11/17 # # #Phishing #Scam #AppleID #iCloud # #Paidy # #NintendoSwitchOnline # # # #ETC #MasterCard #"
X Link 2025-11-16T22:45Z [----] followers, [---] engagements

"Fortinet customers told to update immediately following major security issue - here's what we know TechRadar "CVE-2025-64446 allows unauthenticated attackers to run admin commands on FortiWeb WAF systems" https://www.techradar.com/pro/security/fortinet-customers-told-to-update-immediately-following-major-security-issue-heres-what-we-know https://www.techradar.com/pro/security/fortinet-customers-told-to-update-immediately-following-major-security-issue-heres-what-we-know"
X Link 2025-11-17T21:30Z [----] followers, [--] engagements

""Actively exploited in the wild; affects versions 7.0.08.0.1 patched in 8.0.2 CISA added it to KEV; Fortinet urges immediate patching or disabling internet-facing HTTP/HTTPS interfaces" https://x.com/catnap707/status/1990532900807417987s=20 Fortinet customers told to update immediately following major security issue - here's what we know TechRadar https://t.co/ub8Sm2hHIj "CVE-2025-64446 allows unauthenticated attackers to run admin commands on FortiWeb WAF systems" https://x.com/catnap707/status/1990532900807417987s=20 Fortinet customers told to update immediately following major security"
X Link 2025-11-17T21:30Z [----] followers, [--] engagements

"Critical Fortinet FortiWeb WAF Bug Exploited in Wild "For FortiWeb [---] customers should update to versions FortiWeb 8.0.2 or above; for [---] 7.6.5 or above; for [---] 7.4.10 or above; for [---] 7.2.12 or above; and for [---] 7.0.12 or above." https://www.darkreading.com/application-security/critical-fortinet-fortiweb-waf-bug-exploited-in-wild https://www.darkreading.com/application-security/critical-fortinet-fortiweb-waf-bug-exploited-in-wild"
X Link 2025-11-17T21:31Z [----] followers, [---] engagements

"PSIRT FortiGuard Labs "A relative path traversal vulnerability CWE-23 in FortiWeb may allow an unauthenticated attacker to execute administrative commands on the system via crafted HTTP or HTTPS requests." https://fortiguard.fortinet.com/psirt/FG-IR-25-910 https://fortiguard.fortinet.com/psirt/FG-IR-25-910"
X Link 2025-11-17T21:32Z [----] followers, [---] engagements

"Cloudflare outage on November [--] [----] "On [--] November [----] at 11:20 UTC (all times in this blog are UTC) Cloudflare's network began experiencing significant failures to deliver core network traffic." https://blog.cloudflare.com/18-november-2025-outage/ https://blog.cloudflare.com/18-november-2025-outage/"
X Link 2025-11-19T03:01Z [----] followers, [---] engagements

"2025/11/19 # # #Phishing #Scam #Amazon #AppleID #iCloud # # #TEPCO #NHK #UC"
X Link 2025-11-19T04:45Z [----] followers, [---] engagements

"2025/11/20 # # #Phishing #Scam #Amazon #AppleID #iCloud #NintendoSwitchOnline # # #ANA # # # #MasterCard # #ETC #"
X Link 2025-11-19T22:40Z [----] followers, [---] engagements

"Fortinet Woes Continue With Another WAF Zero-Day Flaw "CVE-2025-58034 is an OS command injection vulnerability that if exploited allows an authenticated attacker to run code on the WAF through crafted HTTP requests or CLI commands." https://www.darkreading.com/vulnerabilities-threats/fortinet-woes-continue-another-waf-zero-day-flaw https://www.darkreading.com/vulnerabilities-threats/fortinet-woes-continue-another-waf-zero-day-flaw"
X Link 2025-11-20T01:15Z [----] followers, [---] engagements

"2025/11/21 # # #Phishing #Scam #NHK #NHK #NintendoSwitchOnline # # #DHL #MasterCard # #"
X Link 2025-11-20T23:03Z [----] followers, [---] engagements

"Oracle Critical Patch Update Advisory - October [----] "Oracle has released a Security Alerts for Oracle E-Business Suite CVE-2025-61882 (October [--] 2025) and CVE-2025-61884 (October [--] 2025)." https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpuoct2025.html"
X Link 2025-11-22T02:51Z [----] followers, [---] engagements

"CrowdStrike fired insider for sharing internal info with hacking group CSO Online "Cybersecurity company CrowdStrike fired a suspicious insider last month according to a report from TechCrunch." https://www.csoonline.com/article/4094780/crowdstrike-fired-insider-for-sharing-internal-info-with-hacking-group.html https://www.csoonline.com/article/4094780/crowdstrike-fired-insider-for-sharing-internal-info-with-hacking-group.html"
X Link 2025-11-22T10:00Z [----] followers, [---] engagements

"ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access "The attacker targeted Windows Servers with WSUS enabled exploiting CVE-2025-59287 for initial access" AhnLab Security Intelligence Center (ASEC) said in a report published" https://thehackernews.com/2025/11/shadowpad-malware-actively-exploits.html https://thehackernews.com/2025/11/shadowpad-malware-actively-exploits.html"
X Link 2025-11-24T12:01Z [----] followers, [---] engagements

"2025/11/25 # # #Phishing #Scam # # #DHL #ANA # #VISA #VPASS # #ORICO #e #MasterCard # #MyJCB #JCB # #"
X Link 2025-11-24T22:08Z [----] followers, [---] engagements

"#ASUS https://x.com/catnap707/status/1993105127767785540s=20 https://x.com/catnap707/status/1993105127767785540s=20"
X Link 2025-11-25T00:02Z [----] followers, [--] engagements

"2025/11/26 # # #Phishing #Scam #Amazon # # #DHL #ANA # #VISA #VPASS # #ORICO #e # #"
X Link 2025-11-25T22:14Z [----] followers, [---] engagements

"ASUS warns of new critical auth bypass flaw in AiCloud routers "While ASUS didn't specify which router models are affected and only mentioned which firmware versions addressthe vulnerability it provided mitigation measures for users with end-of-life" https://www.bleepingcomputer.com/news/security/asus-warns-of-new-critical-auth-bypass-flaw-in-aicloud-routers/ https://www.bleepingcomputer.com/news/security/asus-warns-of-new-critical-auth-bypass-flaw-in-aicloud-routers/"
X Link 2025-11-26T21:22Z [----] followers, [---] engagements

"Botnet takes advantage of AWS outage to smack [--] countries The Register "A Mirai-based botnet named ShadowV2 emerged during last October's widespread AWS outage infecting IoT devices across industries and continents likely serving as a "test run"" https://www.theregister.com/2025/11/26/miraibased_botnet_shadowv2/ https://www.theregister.com/2025/11/26/miraibased_botnet_shadowv2/"
X Link 2025-11-26T21:31Z [----] followers, [---] engagements

"2025/11/27 # # #Phishing #Scam #AppleID #iCloud # # # #DHL #ANA # # #ETC # #Pocketcard"
X Link 2025-11-26T23:34Z [----] followers, [---] engagements

""12101570" https://ascii.jp/elem/000/004/355/4355103/ http://ASCII.jp https://ascii.jp/elem/000/004/355/4355103/ http://ASCII.jp"
X Link 2025-11-27T08:10Z [----] followers, [---] engagements

"New ASUS firmware patches critical AiCloud vulnerability "ASUS has issued new firmware addressing nine security vulnerabilities including a critical authentication bypass tracked as CVE-2025-59366 (CVSS score of 9.2) affecting routers with AiCloud" https://securityaffairs.com/185109/iot/new-asus-firmware-patches-critical-aicloud-vulnerability.html https://securityaffairs.com/185109/iot/new-asus-firmware-patches-critical-aicloud-vulnerability.html"
X Link 2025-11-27T09:42Z [----] followers, [---] engagements

"2025/11/28 # # #Phishing #Scam #Amazon #Amazon #AppleID #iCloud # #DHL #ANA # #"
X Link 2025-11-27T22:35Z [----] followers, [---] engagements

"Asahi confirms cyberattack leaked data on [---] million customers TechRadar "the Customer Service Centers of Asahi Breweries Asahi Soft Drinks and Asahi Group Foods - approximately [-------] people." https://www.techradar.com/pro/security/asahi-confirms-cyberattack-leaked-data-on-1-5-million-customers https://www.techradar.com/pro/security/asahi-confirms-cyberattack-leaked-data-on-1-5-million-customers"
X Link 2025-11-28T00:03Z [----] followers, [--] engagements

"Asahi admits ransomware may have spilled data on 2M people The Register "The tally includes [-----] million people who contacted its customer service centers [------] external contacts who received condolence or congratulatory telegrams" https://www.theregister.com/2025/11/27/asahi_ransomware_numbers/ https://www.theregister.com/2025/11/27/asahi_ransomware_numbers/"
X Link 2025-11-28T00:05Z [----] followers, [--] engagements

"Asahi says crooks stole data of approximately 2M customers and employees Summarizing exposed personal information that may have been exposed (as of November 27) are: https://securityaffairs.com/185126/data-breach/asahi-says-crooks-stole-data-of-approximately-2m-customers-and-employees.html https://securityaffairs.com/185126/data-breach/asahi-says-crooks-stole-data-of-approximately-2m-customers-and-employees.html"
X Link 2025-11-28T00:07Z [----] followers, [---] engagements

"Asahi Data Breach Impacts [--] Million Individuals - SecurityWeek "Qilin is known to leak data stolen from companies that do not pay a ransom and that Asahis customers should continue to monitor for updates." https://www.securityweek.com/asahi-data-breach-impacts-2-million-individuals/ https://www.securityweek.com/asahi-data-breach-impacts-2-million-individuals/"
X Link 2025-11-28T00:09Z [----] followers, [---] engagements

"HashJack Attack Uses URL # to Control AI Browser Behavior Hackread Cybersecurity News Data Breaches Tech AI Crypto and More "Microsoft and Perplexity fixed the flaw but Googles Gemini remains at risk." https://hackread.com/hashjack-attack-url-control-ai-browser-behavior/ https://hackread.com/hashjack-attack-url-control-ai-browser-behavior/"
X Link 2025-11-29T23:48Z [----] followers, [---] engagements

"2025/11/30 # # #Phishing #Scam # # #ANA # #NintendoSwitchOnline # #DHL # # #VISA #VPASS # #MyJCB #JCB # #ETC #"
X Link 2025-11-29T23:56Z [----] followers, [---] engagements

"2025/12/01 # # #Phishing #Scam #AppleID #iCloud # # # #ANA # #NintendoSwitchOnline # #DHL # # #VISA #VPASS # #MyJCB #JCB #UC #"
X Link 2025-12-01T00:47Z [----] followers, [---] engagements

"2025/12/02 # # #Phishing #Scam # # #myTOKYOGAS #NintendoSwitchOnline # #DHL # # #VISA #VPASS # #MyJCB #JCB #ETC #"
X Link 2025-12-01T22:59Z [----] followers, [---] engagements

"2025/12/03 # # #Phishing #Scam #NintendoSwitchOnline # #DHL # # #VISA #VPASS # #MyJCB #JCB #MasterCard # #"
X Link 2025-12-02T22:32Z [----] followers, [---] engagements

"2025/12/04 # # #Phishing #Scam # #NintendoSwitchOnline # #DHL # #myTOKYOGAS # # # #VISA #VPASS #MyJCB #JCB # #ETC #"
X Link 2025-12-03T23:44Z [----] followers, [---] engagements

"ASUS confirms vendor breach as Everest gang leaks data claims ArcSoft and Qualcomm "ASUS says a third-party breach exposed data after Everest ransomware leaked samples claiming they have hacked ASUS ArcSoft and Qualcomm." https://securityaffairs.com/185310/data-breach/asus-confirms-vendor-breach-as-everest-gang-leaks-data-claims-arcsoft-and-qualcomm.html https://securityaffairs.com/185310/data-breach/asus-confirms-vendor-breach-as-everest-gang-leaks-data-claims-arcsoft-and-qualcomm.html"
X Link 2025-12-04T20:58Z [----] followers, [---] engagements

"2025/12/05 # # #Phishing #Scam #AppleID #iCloud # #NintendoSwitchOnline # #DHL # # # #ANA # # # #VISA #VPASS #MyJCB #JCB #ETC #"
X Link 2025-12-05T00:44Z [----] followers, [---] engagements

"2025/12/06 # # #Phishing #Scam #NintendoSwitchOnline # # #MyTOKYOGAS #DHL # # # # # #VISA #VPASS #V #MyJCB #JCB #ETC #"
X Link 2025-12-06T00:21Z [----] followers, [---] engagements

"JPCERT/CC Reports Widespread Exploitation of Array Networks AG Gateway Vulnerability "The flaw affects ArrayOS AG 9.4.5.8 and earlier versions the company addressed the flaw on May [--] [----] with the release of ArrayOS AG 9.4.5.9." https://securityaffairs.com/185358/uncategorized/jpcert-cc-reports-widespread-exploitation-of-array-networks-ag-gateway-vulnerability.html https://securityaffairs.com/185358/uncategorized/jpcert-cc-reports-widespread-exploitation-of-array-networks-ag-gateway-vulnerability.html"
X Link 2025-12-06T07:05Z [----] followers, [---] engagements

"2025/12/07 # # #Phishing #Scam #AppleID #iCloud #NintendoSwitchOnline # # #MyTOKYOGAS #DHL # # # # # #VISA #VPASS #V #MyJCB #JCB #ETC"
X Link 2025-12-06T22:26Z [----] followers, [---] engagements

"China-nexus cyber threat groups rapidly exploit React2Shell vulnerability (CVE-2025-55182) AWS "CVE-2025-55182 is an unsafe deserialization vulnerability in React Server Components. The vulnerability was named React2Shell by security researchers." https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/ https://aws.amazon.com/blogs/security/china-nexus-cyber-threat-groups-rapidly-exploit-react2shell-vulnerability-cve-2025-55182/"
X Link 2025-12-07T19:53Z [----] followers, [---] engagements

"http.html:content="Web site created using create-react-app" CRACreate React AppRSCReact Server Components https://x.com/catnap707/status/1998155744882155674s=20 #Shodan #ShodanDorks http.html:content="Web site created using create-react-app" http.html:"__next_f.push" "Vary: RSC Next-Router-State-Tree" "X-Powered-By: Next.js" https://x.com/catnap707/status/1998155744882155674s=20 #Shodan #ShodanDorks http.html:content="Web site created using create-react-app" http.html:"__next_f.push" "Vary: RSC Next-Router-State-Tree" "X-Powered-By: Next.js""
X Link 2025-12-09T01:37Z [----] followers, [---] engagements

"Ivanti warns of critical Endpoint Manager code execution flaw "Tracked as CVE-2025-10573 this critical security flaw can be exploited by remote unauthenticated threat actors to execute arbitrary JavaScript code throughlow-complexity cross-site" https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-endpoint-manager-code-execution-flaw/ https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-endpoint-manager-code-execution-flaw/"
X Link 2025-12-09T21:45Z [----] followers, [---] engagements

"Fortinet warns of critical FortiCloud SSO login auth bypass flaws "Threat actors can exploit the two security flaws tracked as CVE-2025-59718 (FortiOS FortiProxy FortiSwitchManager) and CVE-2025-59719 (FortiWeb) by abusing improper verification of" https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-forticloud-sso-login-auth-bypass-flaws/ https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-forticloud-sso-login-auth-bypass-flaws/"
X Link 2025-12-09T21:48Z [----] followers, [---] engagements

"2025/12/10 # # #Phishing #Scam #Amazon #GMO #MyJCB #JCB #NTT"
X Link 2025-12-09T22:05Z [----] followers, [---] engagements

"Fortinet Ivanti and SAP Issue Urgent Patches for Authentication and Code Execution Flaws "To temporarily protect their systems against attacks exploiting these vulnerabilities organizations are advised to disable the FortiCloud login feature" https://thehackernews.com/2025/12/fortinet-ivanti-and-sap-issue-urgent.html https://thehackernews.com/2025/12/fortinet-ivanti-and-sap-issue-urgent.html"
X Link 2025-12-10T13:21Z [----] followers, [---] engagements

"Fortinet Patches Critical Authentication Bypass Vulnerabilities - SecurityWeek "Tracked as CVE-2025-59718 and CVE-2025-59719 (CVSS score of 9.8) the two bugs are described as improper verification of cryptographic signature issues." https://www.securityweek.com/fortinet-patches-critical-authentication-bypass-vulnerabilities/ https://www.securityweek.com/fortinet-patches-critical-authentication-bypass-vulnerabilities/"
X Link 2025-12-10T21:39Z [----] followers, [---] engagements

"2025/12/11 # # #Phishing #Scam #Amazon #GMO #DHL # #ANA # #JAL # #MyJCB #JCB #VISA #VPASS #"
X Link 2025-12-10T21:46Z [----] followers, [---] engagements

"React2Shell Exploitation Escalates into Large-Scale Global Attacks Forcing Emergency Mitigation "Security researcher Rakesh Krishnan has also discovered an open directory hosted on "154.61.77.105:8082" that includes a proof-of-concept (PoC)" https://thehackernews.com/2025/12/react2shell-exploitation-escalates-into.html https://thehackernews.com/2025/12/react2shell-exploitation-escalates-into.html"
X Link 2025-12-12T09:16Z [----] followers, [--] engagements

"React2Shell Exploits Flood the Internet as Attacks Continue "WAF bypasses are notable because companies like Cloudflare and AWS deployed new WAF rules prior to CVE-2025-55182's disclosure that are designed to block React2Shell attacks." https://www.darkreading.com/threat-intelligence/react2shell-exploits-flood-internet-attacks-continue https://www.darkreading.com/threat-intelligence/react2shell-exploits-flood-internet-attacks-continue"
X Link 2025-12-13T02:48Z [----] followers, [---] engagements

""Trend Micro said effective WAF rules must also block $@ chunk references; the resolved_model string; the constructor:constructor pattern; and the _formData.get pattern." https://x.com/catnap707/status/1999672737011474749s=20 React2Shell Exploits Flood the Internet as Attacks Continue https://t.co/EYZuK2A34U "WAF bypasses are notable because companies like Cloudflare and AWS deployed new WAF rules prior to CVE-2025-55182's disclosure that are designed to block React2Shell attacks." https://x.com/catnap707/status/1999672737011474749s=20 React2Shell Exploits Flood the Internet as Attacks"
X Link 2025-12-13T02:52Z [----] followers, [---] engagements

"2025/12/13 # # #Phishing #Scam #Amazon #Kyash # #"
X Link 2025-12-13T02:57Z [----] followers, [---] engagements

"2025/12/14 # # #Phishing #Scam #AppleID #iCloud #Amazon #DHL # #Paidy #MasterCard # # #ETC #"
X Link 2025-12-13T22:31Z [----] followers, [---] engagements

"Nation-State and Cybercrime Exploits Tied to React2Shell "at least three PoCs are being developed in different languages: Python JavaScript and bash. "That mix reflects not only the range of developers experimenting with React2Shell" https://www.databreachtoday.com/nation-state-cybercrime-exploits-tied-to-react2shell-a-30285 https://www.databreachtoday.com/nation-state-cybercrime-exploits-tied-to-react2shell-a-30285"
X Link 2025-12-15T22:55Z [----] followers, [---] engagements

"React2Shell vuln exploited by China Iran Google warns The Register "newly created hidden directories like $HOME/.systemd-utils the unauthorized termination of processes including ntpclient and the injection of malicious execution logic into shell" https://www.theregister.com/2025/12/15/react2shell_flaw_china_iran/ https://www.theregister.com/2025/12/15/react2shell_flaw_china_iran/"
X Link 2025-12-15T22:57Z [----] followers, [---] engagements

"FortiGate firewall credentials being stolen after vulnerabilities discovered CSO Online "hackers exploiting the vulnerabilities could access Fortinet device configuration files to accelerate a breach of security controls." https://www.csoonline.com/article/4107440/fortigate-firewall-credentials-being-stolen-after-vulnerabilities-discovered.html https://www.csoonline.com/article/4107440/fortigate-firewall-credentials-being-stolen-after-vulnerabilities-discovered.html"
X Link 2025-12-17T01:47Z [----] followers, [---] engagements

"Critical Fortinet Flaws Under Active Attack "The vulnerability tracked as CVE-2025-59718 (CVSS Score: 9.1) is one of two critical authentication bypass flaws the other is CVE-2025-59719 (CVSS Score: 9.1)" https://www.darkreading.com/cyberattacks-data-breaches/critical-fortinet-flaws-under-active-attack https://www.darkreading.com/cyberattacks-data-breaches/critical-fortinet-flaws-under-active-attack"
X Link 2025-12-18T00:31Z [----] followers, [---] engagements

"China-Linked Hackers Exploiting Zero-Day in Cisco Security Gear - SecurityWeek "The vulnerability tracked as CVE-2025-20393 and classified as having critical severity impacts appliances running Cisco AsyncOS software for ESA and Secure Email" https://www.securityweek.com/china-linked-hackers-exploiting-zero-day-in-cisco-security-gear/ https://www.securityweek.com/china-linked-hackers-exploiting-zero-day-in-cisco-security-gear/"
X Link 2025-12-18T22:50Z [----] followers, [----] engagements

"Cisco Warns of Active Attacks Exploiting Unpatched 0-Day in AsyncOS Email Security Appliances "The as-yet-unpatched vulnerability is being tracked as CVE-2025-20393 and carries a CVSS score of 10.0." https://thehackernews.com/2025/12/cisco-warns-of-active-attacks.html https://thehackernews.com/2025/12/cisco-warns-of-active-attacks.html"
X Link 2025-12-18T22:51Z [----] followers, [---] engagements

"SonicWall Patches Exploited SMA [----] Zero-Day - SecurityWeek "The newly disclosed flaw tracked as CVE-2025-40602 (CVSS score of 6.6) is a medium-severity local privilege escalation issue." https://www.securityweek.com/sonicwall-patches-exploited-sma-1000-zero-day/ https://www.securityweek.com/sonicwall-patches-exploited-sma-1000-zero-day/"
X Link 2025-12-18T23:11Z [----] followers, [---] engagements

""The fresh SonicWall zero-day was resolved in versions 12.4.3-03245 (platform-hotfix) and 12.5.0-02283 (platform-hotfix).On Wednesday the US cybersecurity agency CISA added CVE-2025-40602 to its Known Exploited Vulnerabilities (KEV) list" https://x.com/catnap707/status/2001792465893048744s=20 SonicWall Patches Exploited SMA [----] Zero-Day - SecurityWeek https://t.co/IdSgIiAOUN "The newly disclosed flaw tracked as CVE-2025-40602 (CVSS score of 6.6) is a medium-severity local privilege escalation issue." https://x.com/catnap707/status/2001792465893048744s=20 SonicWall Patches Exploited SMA 1000"
X Link 2025-12-18T23:13Z [----] followers, [---] engagements

"HPE warns of maximum severity RCE flaw in OneView software "There are no workarounds or mitigations for CVE-2025-37164 so admins are advised to patch vulnerable systems as soon as possible." https://www.bleepingcomputer.com/news/security/hpe-warns-of-maximum-severity-rce-flaw-in-oneview-software/ https://www.bleepingcomputer.com/news/security/hpe-warns-of-maximum-severity-rce-flaw-in-oneview-software/"
X Link 2025-12-18T23:14Z [----] followers, [---] engagements

"2025/12/19 # # #Phishing #Scam #Amazon #AppleID #iCloud # # #ANA # #NintendoSwitchOnline # # # #ETC #JACCS # #MasterCard #MyJCB #JCB"
X Link 2025-12-19T05:48Z [----] followers, [---] engagements

"2025/12/20 # # #Phishing #Scam #auID #KDDI #NintendoSwitchOnline # # # #ETC #JACCS # #MasterCard #MyJCB #JCB"
X Link 2025-12-20T01:09Z [----] followers, [---] engagements

"Critical-rated WatchGuard Firebox flaw under active attack-The Register "In an advisory published this week the network security vendor warned customers that attackers are exploiting CVE-2025-32978 a 9.3-rated vulnerability affecting Firebox firewalls." https://www.theregister.com/2025/12/19/watchguard_firebox/ https://www.theregister.com/2025/12/19/watchguard_firebox/"
X Link 2025-12-20T05:36Z [----] followers, [---] engagements

"25000+ FortiCloud SSO-Enabled Systems Vulnerable to Remote Exploitation "Shadowservers latest scan results reveal at least [-----] IP addresses worldwide hosting Fortinet devices configured with FortiCloud SSO enabled." https://gbhackers.com/25000-forticloud-sso-enabled-systems-vulnerable/ https://gbhackers.com/25000-forticloud-sso-enabled-systems-vulnerable/"
X Link 2025-12-20T11:53Z [----] followers, [---] engagements

"WatchGuard fixes critical zero-day allowing firewall takeover CSO Online "Tracked as CVE-2025-14733 with a CVSS score of [---] the flaw is an Out-of-bounds Write vulnerability affecting the iked process a WatchGuard Fireware OS component responsible" https://www.csoonline.com/article/4109884/watchguard-fixes-critical-zero-day-allowing-firewall-takeover.html https://www.csoonline.com/article/4109884/watchguard-fixes-critical-zero-day-allowing-firewall-takeover.html"
X Link 2025-12-20T11:55Z [----] followers, [---] engagements

"Cisco VPNs Email Services Hit in Separate Threat Campaigns "The vulnerability tracked as CVE-2025-20393 has since been assigned a "critical" [--] out of [--] severity rating in the Common Vulnerability Scoring System (CVSS) and it has not yet been patched" https://www.darkreading.com/endpoint-security/cisco-vpns-email-services-threat-campaigns https://www.darkreading.com/endpoint-security/cisco-vpns-email-services-threat-campaigns"
X Link 2025-12-20T12:04Z [----] followers, [---] engagements

"Apache Log4j Vulnerability Allows Attackers to Intercept Sensitive Log Data "The newly discovered flaw tracked as CVE-2025-68161 enables attackers to intercept or redirect sensitive log data Affected Versions 2.0-beta9 through 2.25.2" https://cyberpress.org/apache-log4j-vulnerability/ https://cyberpress.org/apache-log4j-vulnerability/"
X Link 2025-12-22T02:51Z [----] followers, [---] engagements

"2025/12/23 # # #Phishing #Scam #ANA # #NintendoSwitchOnline # # #AEON #ETC #MasterCard #MyJCB #JCB # # #"
X Link 2025-12-22T22:00Z [----] followers, [---] engagements

"2025/12/24 # # #Phishing #Scam #AppleID #iCloud #DHL # # #ETC #MasterCard #MyJCB #JCB # # #"
X Link 2025-12-23T22:14Z [----] followers, [---] engagements

"103K n8n Automation Instances at Risk From RCE Flaw eSecurity Planet "A critical RCE flaw in the n8n automation platform puts over [------] exposed instances worldwide at risk." https://esecurityplanet.com/threats/103k-n8n-automation-instances-at-risk-from-rce-flaw/ https://esecurityplanet.com/threats/103k-n8n-automation-instances-at-risk-from-rce-flaw/"
X Link 2025-12-23T22:17Z [----] followers, [---] engagements

"https://x.com/catnap707/status/2003784285011259550 Windows 11SSD380% XenoSpectrum https://t.co/VnbtAYUEYN"NVMeIOPS180%CPU45%" https://x.com/catnap707/status/2003784285011259550 Windows 11SSD380% XenoSpectrum https://t.co/VnbtAYUEYN"NVMeIOPS180%CPU45%""
X Link 2025-12-24T11:08Z [----] followers, [---] engagements

"Net-SNMP Vulnerability Allows Buffer Overflow Leading to Daemon Crash "The vulnerability tracked as CVE-2025-68615 affects all versions of Net-SNMP before the latest security patchesThe vulnerability carries a CVSS v3.1 score of [---] out of 10" https://cyberpress.org/net-snmp-vulnerability/ https://cyberpress.org/net-snmp-vulnerability/"
X Link 2025-12-24T22:48Z [----] followers, [---] engagements

"Net-SNMP SnmpTrapd Agent Message Stack-based Buffer Overflow Remote Code Execution Vulnerability ZDI-25-1181 Zero Day Initiative "This vulnerability allows remote attackers to execute arbitrary code on affected installations of Net-SNMP." https://www.zerodayinitiative.com/advisories/ZDI-25-1181/ https://www.zerodayinitiative.com/advisories/ZDI-25-1181/"
X Link 2025-12-25T02:33Z [----] followers, [---] engagements

"CVE-2025-68615: Critical Buffer Overflow Strikes net-snmp snmptrapd TheHackerWire "The attack vector is remote and unauthenticated requiring an attacker to send a maliciously constructed SNMP trap packet to the vulnerable daemon. " https://www.thehackerwire.com/cve-2025-68615-critical-buffer-overflow-strikes-net-snmp-snmptrapd/ https://www.thehackerwire.com/cve-2025-68615-critical-buffer-overflow-strikes-net-snmp-snmptrapd/"
X Link 2025-12-25T05:37Z [----] followers, [---] engagements

"2025/12/27 # # #Phishing #Scam #AppleID #iCloud # # # #ANA #"
X Link 2025-12-27T00:09Z [----] followers, [---] engagements

"Mongobleed PoC Exploit Tool Released for MongoDB Flaw that Exposes Sensitive Data "A proof-of-concept (PoC) exploit dubbed mongobleed for CVE-2025-14847 a critical unauthenticated memory leak vulnerability in MongoDBs zlib decompression handling." https://cybersecuritynews.com/mongobleed-poc-exploit-mongodb/ https://cybersecuritynews.com/mongobleed-poc-exploit-mongodb/"
X Link 2025-12-28T04:08Z [----] followers, [---] engagements

"MongoDB warns admins to patch severe vulnerability immediately "Tracked as CVE-2025-14847 the security flaw affects multiple MongoDB and MongoDB Server versions and may be abused by unauthenticated threat actors in low-complexity attacks" https://www.bleepingcomputer.com/news/security/mongodb-warns-admins-to-patch-severe-vulnerability-immediately/ https://www.bleepingcomputer.com/news/security/mongodb-warns-admins-to-patch-severe-vulnerability-immediately/"
X Link 2025-12-28T06:00Z [----] followers, [---] engagements

""To patch the security flaw and block potential attacks admins are advised to immediately upgrade to MongoDB 8.2.3 8.0.17 7.0.28 6.0.27 5.0.32 or 4.4.30." https://x.com/catnap707/status/2005156798459006988s=20 MongoDB warns admins to patch severe vulnerability immediately https://t.co/kY8JDADf1i "Tracked as CVE-2025-14847 the security flaw affects multiple MongoDB and MongoDB Server versions and may be abused by unauthenticated threat actors in low-complexity attacks" https://x.com/catnap707/status/2005156798459006988s=20 MongoDB warns admins to patch severe vulnerability immediately"
X Link 2025-12-28T06:01Z [----] followers, [---] engagements

"New MongoDB Flaw Lets Unauthenticated Attackers Read Uninitialized Memory "An client-side exploit of the Server's zlib implementation can return uninitialized heap memory without authenticating to the server" https://thehackernews.com/2025/12/new-mongodb-flaw-lets-unauthenticated.html https://thehackernews.com/2025/12/new-mongodb-flaw-lets-unauthenticated.html"
X Link 2025-12-28T06:03Z [----] followers, [---] engagements

"2025/12/31 # # #Phishing #Scam #AppleMusic #AppleID #iCloud #PayPay #Pairs #ANA # # #ETC #JACCS # #"
X Link 2025-12-31T00:19Z [----] followers, [---] engagements

"Fortinet warns of 5-year-old FortiOS 2FA bypass still exploited in attacks "Tracked as CVE-2020-12812 this improper authentication security flaw was found in FortiGate SSL VPN and enables attackers to log in to unpatched firewalls without" https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/ https://www.bleepingcomputer.com/news/security/fortinet-warns-of-5-year-old-fortios-2fa-bypass-still-exploited-in-attacks/"
X Link 2025-12-31T01:15Z [----] followers, [---] engagements

"Fortinet Warns of New Attacks Exploiting Old Vulnerability - SecurityWeek "Tracked as CVE-2020-12812 the exploited FortiOS flaw allows threat actors to bypass two-factor authentication." https://www.securityweek.com/fortinet-warns-of-new-attacks-exploiting-old-vulnerability/ https://www.securityweek.com/fortinet-warns-of-new-attacks-exploiting-old-vulnerability/"
X Link 2025-12-31T01:16Z [----] followers, [---] engagements

"IBM warns of critical API Connect auth bypass vulnerability "Tracked as CVE-2025-13915 and rated 9.8/10 in severity this authentication bypass security flaw affects IBM API Connect versions 10.0.11.0 and 10.0.8.0 through 10.0.8.5." https://www.bleepingcomputer.com/news/security/ibm-warns-of-critical-api-connect-auth-bypass-vulnerability/ https://www.bleepingcomputer.com/news/security/ibm-warns-of-critical-api-connect-auth-bypass-vulnerability/"
X Link 2025-12-31T10:58Z [----] followers, [---] engagements

"Seagates biggest hard drive quietly hits Japanese stores carrying massive capacity a limited explanation and a price that shocks TechRadar "With a listed price of [------] yen (approximately $887) the drive is both the highest-capacity consumer" https://www.techradar.com/pro/unannounced-32tb-seagate-hard-drive-surfaces-in-japan-for-photoshoot-ironwolf-pro-gets-a-shockingly-high-usd887-price-tag https://www.techradar.com/pro/unannounced-32tb-seagate-hard-drive-surfaces-in-japan-for-photoshoot-ironwolf-pro-gets-a-shockingly-high-usd887-price-tag"
X Link 2026-01-03T01:53Z [----] followers, [---] engagements

"2026/01/04 # # #Phishing #Scam #AppleID #iCloud #Pairs #PayPay #ANA # #DHL #NHK #NHK # # # #ETC # #MasterCard # #VISA #"
X Link 2026-01-03T23:19Z [----] followers, [---] engagements

"Multiple Vulnerabilities in QNAP Tools Allow Attackers to Access Sensitive Data "The company released a security update on January [--] [----] to resolve issues in License Center version 2.0.x." https://cyberpress.org/vulnerabilities-in-qnap-tools/ https://cyberpress.org/vulnerabilities-in-qnap-tools/"
X Link 2026-01-05T08:31Z [----] followers, [---] engagements

"Thousands of firewalls at risk as legacy flaw in Fortinet faces renewed threat Cybersecurity Dive "The vulnerability tracked as CVE-2020-12812 has been exploited in the wild in recent weeks when operating under certain configurations" https://www.cybersecuritydive.com/news/thousands-of-firewalls-at-risk-as-legacy-flaw-in-fortinet-under-renewed-thr/808739/ https://www.cybersecuritydive.com/news/thousands-of-firewalls-at-risk-as-legacy-flaw-in-fortinet-under-renewed-thr/808739/"
X Link 2026-01-05T21:05Z [----] followers, [---] engagements

"2026/01/07 # # #Phishing #Scam #Amazon #AppleID #iCloud # #Pairs # #Paidy # #NHK # # # #MyJCB #JCB #MasterCard #VISA #V"
X Link 2026-01-06T23:37Z [----] followers, [---] engagements

"2026/01/08 # # #Phishing #Scam #Amazon #AppleID #iCloud # #SMBC # #Pairs # # #ETC #MyJCB #JCB #MasterCard # #VISA #V"
X Link 2026-01-08T01:35Z [----] followers, [---] engagements

"2026/01/09 # # #Phishing #Scam #AppleID #iCloud #Paidy # # # #ETC #JACCS # #MyJCB #JCB #MasterCard # #VISA #V #"
X Link 2026-01-08T21:48Z [----] followers, [---] engagements

"Critical React Router Flaws Could Let Attackers Access or Modify Server Files "The flaw affects multiple packages and has received a severity rating ofCriticalwith a CVSS score of8.8/10." https://gbhackers.com/critical-react-router-flaws/ https://gbhackers.com/critical-react-router-flaws/"
X Link 2026-01-12T10:10Z [----] followers, [---] engagements

""When developers use unsigned cookies to manage user sessions attackers can craft malicious session cookies containing directory traversal sequences (such as./) to read and write files outside the intended session directory." https://x.com/catnap707/status/2010655651828318520s=20 Critical React Router Flaws Could Let Attackers Access or Modify Server Files https://t.co/kp0pxOJkPJ "The flaw affects multiple packages and has received a severity rating ofCriticalwith a CVSS score of8.8/10." https://t.co/3UqdKApLcX https://x.com/catnap707/status/2010655651828318520s=20 Critical React Router Flaws"
X Link 2026-01-12T10:11Z [----] followers, [---] engagements

"2026/01/13 # # #Phishing #Scam #Amazon #AppleID #iCloud #ANA # #myTOKYOGAS # # # #NHK #NHK #JACCS # # #MyJCB #JCB #MasterCard #VISA #V #"
X Link 2026-01-12T22:33Z [----] followers, [---] engagements

"Apple confirms Google Gemini will power Siri says privacy remains a priority "Apple and Google have confirmed that the next version of Siri will use Gemini and Google Cloud in a multi-year collaboration between the two tech giants." https://www.bleepingcomputer.com/news/apple/apple-confirms-google-gemini-will-power-siri-says-privacy-remains-a-priority/ https://www.bleepingcomputer.com/news/apple/apple-confirms-google-gemini-will-power-siri-says-privacy-remains-a-priority/"
X Link 2026-01-12T22:48Z [----] followers, [---] engagements

"Critical vulnerability found in n8n workflow automation platform Cybersecurity Dive "The vulnerability tracked as CVE-2026-21858 could allow an attacker to bypass automation entirely by using a content-type confusion bug in standards modes " https://www.cybersecuritydive.com/news/critical-vulnerability-n8n-automation-platform/809360/ https://www.cybersecuritydive.com/news/critical-vulnerability-n8n-automation-platform/809360/"
X Link 2026-01-12T22:50Z [----] followers, [---] engagements

"FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code "Fortinet has disclosed a critical heap-based buffer overflow vulnerability (CWE-122) in the cw_acd daemon of FortiOS and FortiSwitchManager." https://cybersecuritynews.com/fortios-and-fortiswitchmanager-vulnerability/ https://cybersecuritynews.com/fortios-and-fortiswitchmanager-vulnerability/"
X Link 2026-01-14T03:42Z [----] followers, [---] engagements

"Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution "The operating system (OS) injection vulnerability tracked as CVE-2025-64155 is rated [---] out of [----] on the CVSS scoring system." https://thehackernews.com/2026/01/fortinet-fixes-critical-fortisiem-flaw.html https://thehackernews.com/2026/01/fortinet-fixes-critical-fortisiem-flaw.html"
X Link 2026-01-14T22:27Z [----] followers, [---] engagements

"Fortinet Patches Critical Vulnerabilities in FortiFone FortiSIEM - SecurityWeek "Exploitable via crafted TCP requests the security defect was resolved in FortiSIEM versions 7.1.9 7.2.7 7.3.5 and 7.4.1." https://www.securityweek.com/fortinet-patches-critical-vulnerabilities-in-fortifone-fortisiem/ https://www.securityweek.com/fortinet-patches-critical-vulnerabilities-in-fortifone-fortisiem/"
X Link 2026-01-14T22:28Z [----] followers, [---] engagements

"FortiOS and FortiSwitchManager Vulnerabilities Allow Remote Code Execution "The security flaw tracked asCVE-2025-25249 resides in the cw_acd daemon and carries a CVSS v3 score of [---] classified as high severity." https://cyberpress.org/fortios-and-fortiswitchmanager-vulnerabilities/ https://cyberpress.org/fortios-and-fortiswitchmanager-vulnerabilities/"
X Link 2026-01-14T22:51Z [----] followers, [---] engagements

"2026/01/16 # # #Phishing #Scam #AppleID #iCloud #ANA # #DHL #myTOKYOGAS # # # #Paidy #JACCS # # #VISA"
X Link 2026-01-15T21:07Z [----] followers, [---] engagements

"Palo Alto patches a worrying security issue which could crash your firewall without even logging in TechRadar "The vulnerability is now tracked as CVE-2026-0227 and was given a severity score of 7.7/10 (high)." https://www.techradar.com/pro/security/palo-alto-patches-a-worrying-security-issue-which-could-crash-your-firewall-without-even-logging-in https://www.techradar.com/pro/security/palo-alto-patches-a-worrying-security-issue-which-could-crash-your-firewall-without-even-logging-in"
X Link 2026-01-15T21:30Z [----] followers, [---] engagements

"Palo Alto Networks addressed a GlobalProtect flaw PoC exists "tracked as CVE-2026-0227 (CVSS score: 7.7) affecting GlobalProtect Gateway and Portal for which a proof-of-concept (PoC) exploit exists." https://securityaffairs.com/186948/hacking/palo-alto-networks-addressed-a-globalprotect-flaw-poc-exists.html https://securityaffairs.com/186948/hacking/palo-alto-networks-addressed-a-globalprotect-flaw-poc-exists.html"
X Link 2026-01-15T21:32Z [----] followers, [---] engagements

"Palo Alto Fixes GlobalProtect DoS Flaw That Can Crash Firewalls Without Login "The company's Cloud Next-Generation Firewall (NGFW) is not impacted. There are no workarounds to mitigate the flaw." https://thehackernews.com/2026/01/palo-alto-fixes-globalprotect-dos-flaw.html https://thehackernews.com/2026/01/palo-alto-fixes-globalprotect-dos-flaw.html"
X Link 2026-01-15T21:33Z [----] followers, [---] engagements

"Palo Alto Networks warns of DoS bug letting hackers disable firewalls "Tracked as CVE-2026-0227 this security flaw affects next-generation firewalls (running PAN-OS [----] or later) and Palo Alto Networks' " https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-dos-bug-letting-hackers-disable-firewalls/ https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-dos-bug-letting-hackers-disable-firewalls/"
X Link 2026-01-15T21:36Z [----] followers, [---] engagements

"PoC exploit for critical FortiSIEM vulnerability released (CVE-2025-64155) - Help Net Security "If upgrading to a fixed version is impossible admins should limit access to the phMonitor port (7900)." https://www.helpnetsecurity.com/2026/01/15/fortisiem-vulnerability-cve-2025-64155-poc-exploit/ https://www.helpnetsecurity.com/2026/01/15/fortisiem-vulnerability-cve-2025-64155-poc-exploit/"
X Link 2026-01-15T21:39Z [----] followers, [---] engagements

"Researchers warn of longrunning FortiSIEM root exploit vector as new CVE emerges CSO Online "multiple FortiSIEM releases including 7.4.0 7.3.0-7.3.4 7.1.0-7.1.87.0.0-7.0.4 and 6.7.0-6.7.10." https://www.csoonline.com/article/4117316/researchers-warn-of-long%E2%80%91running-fortisiem-root-exploit-vector-as-new-cve-emerges.html https://www.csoonline.com/article/4117316/researchers-warn-of-long%E2%80%91running-fortisiem-root-exploit-vector-as-new-cve-emerges.html"
X Link 2026-01-15T21:42Z [----] followers, [---] engagements

"Cisco finally fixes max-severity bug under attack for weeks The Register "On Thursday Cisco notified customers that it had released software updates to address the security issue." https://www.theregister.com/2026/01/15/cisco_fixes_cve_2025_20393/ https://www.theregister.com/2026/01/15/cisco_fixes_cve_2025_20393/"
X Link 2026-01-16T00:01Z [----] followers, [---] engagements

"Dismantling the Phish-Factory: Microsoft Seizes RedVDS Cybercrime Network "At its zenith Microsoft documented the activity of over [----] virtual machines collectively dispatching an average of one million phishing emails daily." https://meterpreter.org/dismantling-the-phish-factory-microsoft-seizes-redvds-cybercrime-network/ https://meterpreter.org/dismantling-the-phish-factory-microsoft-seizes-redvds-cybercrime-network/"
X Link 2026-01-16T03:52Z [----] followers, [---] engagements

"TP-Link Patches Vulnerability Exposing VIGI Cameras to Remote Hacking - SecurityWeek "The security hole tracked as CVE-2026-0629 and classified as high severity is described in a TP-Link advisory published last week as an authentication bypass flaw" https://www.securityweek.com/tp-link-patches-vulnerability-exposing-vigi-cameras-to-hacking/ https://www.securityweek.com/tp-link-patches-vulnerability-exposing-vigi-cameras-to-hacking/"
X Link 2026-01-19T21:16Z [----] followers, [---] engagements

"2026/01/20 # # #Phishing #Scam #Amazon #AppleID #iCloud #DHL # #NintendoSwitchOnline # # # #VISA #"
X Link 2026-01-19T23:00Z [----] followers, [---] engagements

"2026/01/21 # # #Phishing #Scam #Amazon # #DHL # # #myTOKYOGAS # # #MasterCard # #MyJCB #JCB #VISA #"
X Link 2026-01-20T22:43Z [----] followers, [---] engagements

"Fortinet admins report patched FortiGate firewalls getting hacked "CISA has also added the CVE-2025-59718 FortiCloud SSO auth bypass flaw to its list of actively exploited vulnerabilities ordering federal agencies to patch within a week." https://www.bleepingcomputer.com/news/security/fortinet-admins-report-patched-fortigate-firewalls-getting-hacked/ https://www.bleepingcomputer.com/news/security/fortinet-admins-report-patched-fortigate-firewalls-getting-hacked/"
X Link 2026-01-21T21:48Z [----] followers, [---] engagements

"Attacks Target Freshly Patched Critical Fortinet Flaws as CVE-2025-64155 security firm Defused reported Thursday that its honeypots began detecting active in-the-wild attempts to exploit the vulnerability hot on the heels of Fortinet issuing" https://www.databreachtoday.com/attacks-target-freshly-patched-critical-fortinet-flaws-a-30575 https://www.databreachtoday.com/attacks-target-freshly-patched-critical-fortinet-flaws-a-30575"
X Link 2026-01-21T21:51Z [----] followers, [---] engagements

"2026/01/22 # # #Phishing #Scam #Amazon # # #DHL #myTOKYOGAS # #MyJCB #JCB # #VISA #"
X Link 2026-01-21T22:37Z [----] followers, [---] engagements

"2026/01/23 # # #Phishing #Scam #Amazon #AppleID #iCloud # # #DHL #Paidy # # # #NintendoSwitchOnline #MasterCard # #"
X Link 2026-01-22T22:38Z [----] followers, [---] engagements

"Trivial Telnet authentication bypass exposes devices to complete takeover CSO Online "the vulnerability now tracked as CVE-2026-24061 is trivial to exploit remotely and because it has existed in the codebase for the past [--] years since version 1.9.3" https://www.csoonline.com/article/4120997/trivial-telnet-authentication-bypass-exposes-devices-to-complete-takeover.html https://www.csoonline.com/article/4120997/trivial-telnet-authentication-bypass-exposes-devices-to-complete-takeover.html"
X Link 2026-01-22T22:41Z [----] followers, [---] engagements

"2026/01/24 # # #Phishing #Scam #Amazon #AppleID #iCloud #ANA # #DHL #NHK #NHK # #myTOKYOGAS # #NintendoSwitchOnline #e # #MasterCard # #V #"
X Link 2026-01-24T01:49Z [----] followers, [---] engagements

"11-Year-Old critical telnetd flaw found in GNU InetUtils (CVE-2026-24061) "A critical vulnerability tracked as CVE-2026-24061 (CVSS score of 9.8) in the GNU InetUtils telnet daemon (telnetd) impacts all versions from 1.9.3 to 2.7." https://securityaffairs.com/187255/security/11-year-old-critical-telnetd-flaw-found-in-gnu-inetutils-cve-2026-24061.html https://securityaffairs.com/187255/security/11-year-old-critical-telnetd-flaw-found-in-gnu-inetutils-cve-2026-24061.html"
X Link 2026-01-24T02:02Z [----] followers, [---] engagements

"2026/01/26 # # #Phishing #Scam #Amazon #AppleID #iCloud #DHL # #Paidy # # # #MasterCard # #VISA #ETC"
X Link 2026-01-25T21:35Z [----] followers, [---] engagements

"IOS 26.2.1iPhone Mix Vale "iOS 26.2.1 Wi-Fi " https://www.mixvale.com.br/2026/02/06/ios-26-2-1%e3%82%a2%e3%83%83%e3%83%97%e3%83%87%e3%83%bc%e3%83%88%e3%81%ab%e3%82%88%e3%82%8aiphone%e3%81%ab%e9%87%8d%e5%a4%a7%e3%81%aa%e6%ac%a0%e9%99%a5%e3%81%8c%e7%99%ba%e7%94%9f%e3%81%97%e3%80%81-ja/ https://www.mixvale.com.br/2026/02/06/ios-26-2-1%e3%82%a2%e3%83%83%e3%83%97%e3%83%87%e3%83%bc%e3%83%88%e3%81%ab%e3%82%88%e3%82%8aiphone%e3%81%ab%e9%87%8d%e5%a4%a7%e3%81%aa%e6%ac%a0%e9%99%a5%e3%81%8c%e7%99%ba%e7%94%9f%e3%81%97%e3%80%81-ja/"
X Link 2026-02-08T07:46Z [----] followers, [---] engagements

Limited data mode. Full metrics available with subscription: lunarcrush.com/pricing