[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

# ![@TweetThreatNews Avatar](https://lunarcrush.com/gi/w:26/cr:twitter::1859780116014141440.png) @TweetThreatNews Cybersecurity News Everyday

Cybersecurity News Everyday posts on X about microsoft, china, targets, japan the most. They currently have XXXXX followers and 3935 posts still getting attention that total XXXXX engagements in the last XX hours.

### Engagements: XXXXX [#](/creator/twitter::1859780116014141440/interactions)
![Engagements Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1859780116014141440/c:line/m:interactions.svg)

- X Week XXXXXX +26%
- X Month XXXXXX +8.20%
- X Months XXXXXXX +159%

### Mentions: XX [#](/creator/twitter::1859780116014141440/posts_active)
![Mentions Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1859780116014141440/c:line/m:posts_active.svg)

- X Week XXX +16%
- X Month XXX +10%
- X Months XXXXX +51%

### Followers: XXXXX [#](/creator/twitter::1859780116014141440/followers)
![Followers Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1859780116014141440/c:line/m:followers.svg)

- X Week XXXXX +2.20%
- X Month XXXXX +8.10%
- X Months XXXXX +152%

### CreatorRank: XXXXXXX [#](/creator/twitter::1859780116014141440/influencer_rank)
![CreatorRank Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1859780116014141440/c:line/m:influencer_rank.svg)

### Social Influence [#](/creator/twitter::1859780116014141440/influence)
---

**Social category influence**
[countries](/list/countries)  [technology brands](/list/technology-brands)  [stocks](/list/stocks)  [finance](/list/finance)  [gaming](/list/gaming)  [social networks](/list/social-networks)  [cryptocurrencies](/list/cryptocurrencies)  [automotive brands](/list/automotive-brands)  [currencies](/list/currencies) 

**Social topic influence**
[microsoft](/topic/microsoft) #1236, [china](/topic/china), [targets](/topic/targets) #1161, [japan](/topic/japan), [tplink](/topic/tplink) #78, [united states](/topic/united-states), [$googl](/topic/$googl), [oracle](/topic/oracle) #1165, [$2678t](/topic/$2678t) #3, [ransomware](/topic/ransomware) #23

**Top accounts mentioned or mentioned by**
[@ctrltinycolor](/creator/undefined) [@johnspectator](/creator/undefined) [@linkloomuisdk](/creator/undefined) [@linkloomreactsdk](/creator/undefined) [@kodanepatchmanager](/creator/undefined) [@nestjsdevtoolsintegration](/creator/undefined) [@crowdstrike](/creator/undefined) [@cyberrekk](/creator/undefined) [@pubstormcom](/creator/undefined) [@c4cypher](/creator/undefined) [@5mukx](/creator/undefined) [@securitytrybe](/creator/undefined)

**Top assets mentioned**
[Microsoft Corp. (MSFT)](/topic/microsoft) [Alphabet Inc Class A (GOOGL)](/topic/$googl) [Cloudflare, Inc. (NET)](/topic/cloudflare) [Internxt (INXT)](/topic/internxt) [Magna International (MGA)](/topic/magna-international) [Robinhood Markets, Inc. (HOOD)](/topic/$hood)
### Top Social Posts [#](/creator/twitter::1859780116014141440/posts)
---
Top posts by engagements in the last XX hours

"Capita fined 14M for data breach affecting millions; CISA faces layoffs amid US shutdown; NSO Group acquired by US investors led by Robert Simonds; Microsoft updates include key vulnerability patches. #DataBreach #USGovernment #UK"  
[X Link](https://x.com/TweetThreatNews/status/1979269192298770745) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-17T19:32Z 2960 followers, XXX engagements


"AI-SOC platforms automate triage and enrichment enabling machine-speed SOC operations with human oversight. MSSPs and MDRs evolve into co-managed partners for organizations lacking internal capabilities. #HybridSOC #MSSPModel #AIOperations"  
[X Link](https://x.com/TweetThreatNews/status/1980983464234017240) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T13:03Z 2970 followers, XX engagements


"A critical remote code execution flaw (CVE-2025-62518) was found in an abandoned Rust async tar library impacting tokio-tar forks with over 5M downloads. Highlights risks in unmaintained open-source projects. #RustLang #OpenSourceRisk #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980998564743381346) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T14:03Z 2970 followers, XXX engagements


"Netskope identified a Python RAT called "Nursultan Client" that targets gamers by mimicking a Minecraft client. It uses Telegram Bot API for C2 to steal Discord tokens capture screenshots and webcam images. #NursultanClient #TelegramBot #Kazakhstan"  
[X Link](https://x.com/TweetThreatNews/status/1981082113815257113) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T19:35Z 2970 followers, XX engagements


"Iran-linked MuddyWater deploys Phoenix v4 backdoor via compromised emails and NordVPN exit nodes. The attack uses FakeUpdate injectors and credential stealers communicating through Cloudflare C2 servers. #Iran #MuddyWater #PhoenixBackdoor"  
[X Link](https://x.com/TweetThreatNews/status/1981177746337173544) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T01:55Z 2970 followers, XXX engagements


"Protect sensitive data with secure anonymous file sharing tools. Internxt Send Send and OnionShare offer encrypted transfer zero-knowledge architecture time-limited links and Tor network use. #DataPrivacy #EncryptedFiles #SecureSharing"  
[X Link](https://x.com/TweetThreatNews/status/1966851559859319146) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-09-13T13:08Z 2968 followers, XXX engagements


"Caresoft Global a US engineering firm suffered a ransomware attack by threat actor blacknevas exposing accounting records since 2021 and proprietary automotive and manufacturing data. #RansomwareAttack #DataBreach #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1972864994262847779) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-09-30T03:24Z 2963 followers, XXX engagements


"Lynx ransomware actors have encrypted data from TriMed Inc. a US leader in surgical solutions with $58M in 2024 net sales. Incident affects operations in the United States. #RansomwareAttack #SurgicalTech #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1973849469234942443) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-02T20:36Z 2960 followers, XXX engagements


"French startup Filigran raised $58M in Series C led by Eurazeo Growth to expand its XTM suite globally. Over 6000 organizations use its threat prevention solutions growing in Japan and Saudi Arabia. #OpenCTI #Japan #ThreatPrevention"  
[X Link](https://x.com/TweetThreatNews/status/1975596988960813274) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-07T16:20Z 2965 followers, XX engagements


"RondoDox botnet exploits 50+ vulnerabilities across 30+ vendors targeting routers DVRs and servers for DDoS crypto mining and hacking. Key flaw: CVE-2023-1389 in TP-Link devices. #RondoDox #TPLink #China"  
[X Link](https://x.com/TweetThreatNews/status/1976646881632530498) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-10T13:51Z 2968 followers, XXX engagements


"ShapeCorp a US automotive engineering leader hit by ransomware from actor nova targeting sensitive CAD designs and business data linked to Ford GM Jaguar Land Rover and Magna International. #RansomwareAttack #AutoIndustry #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1977055577571311738) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-11T16:55Z 2966 followers, XXX engagements


"Spains Guardia Civil dismantles the GXC Team cybercrime syndicate offering AI-driven phishing kits Android malware and voice scams targeting financial and e-commerce sectors worldwide. Six linked arrests made. #Spain #PhishingKits #Cybercrime"  
[X Link](https://x.com/TweetThreatNews/status/1977456218152083954) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-12T19:27Z 2969 followers, XXX engagements


"Spanish authorities arrested a Brazilian suspected of leading the GXC Team a cybercrime group distributing phishing kits and Android malware targeting banks e-commerce and transportation worldwide. #GXCTeam #Spain #PhishingKits"  
[X Link](https://x.com/TweetThreatNews/status/1977692774087479446) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-13T11:07Z 2969 followers, XXX engagements


"The RondoDox botnet is leveraging 50+ flaws across 30+ vendors exploiting CVE-2023-1389 in TP-Link Archer routers and deploying Mirai/Morte payloads via loader-as-a-service escalating global IoT risks. #RondoDoxBotnet #RouterVulnerabilities #TPLink"  
[X Link](https://x.com/TweetThreatNews/status/1977764246264914352) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-13T15:51Z 2968 followers, XXX engagements


"Google patched a critical use-after-free vulnerability (CVE-2025-11756) in Chromes Safe Browsing component in versions 141.0.7390.107/.108. Researcher asnine earned a $7K bounty. #ChromeUpdate #BugBounty #USA"  
[X Link](https://x.com/TweetThreatNews/status/1979272191028953107) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-17T19:43Z 2960 followers, XXX engagements


"A new technique clones protected antivirus services and replaces a cryptographic provider with a malicious signed DLL injecting code into Bitdefender Trend Micro and Avast processes to enable file writes in protected folders. #AntivirusBypass #CodeInj"  
[X Link](https://x.com/TweetThreatNews/status/1979465460815921621) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-18T08:31Z 2965 followers, XXX engagements


"Europols Operation SIMCARTEL dismantled a major SIM farm network powering 49M+ fake accounts used in global phishing and fraud. X arrests XX raids and seizures of SIM boxes marked a major cybercrime blow. #SIMfarm #GoGetSMS #Netherlands"  
[X Link](https://x.com/TweetThreatNews/status/1979857042270544005) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-19T10:27Z 2964 followers, XXX engagements


"Collins Aerospace admits responsibility for widespread flight disruptions at Heathrow Brussels and other airports following ransomware attacks by threat actor Everest causing major travel chaos. #Aerospace #Ransomware #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980048299173323119) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-19T23:07Z 2961 followers, XXX engagements


"Phishing campaign uses a malicious Chrome extension named "Mac Spoofer" delivered via a ZIP attachment promising $50000 to trick victims into sideloading. Credentials are stolen and sent to a remote server. #MacSpoofer #ChromeExtension #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980113736238030909) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T03:27Z 2962 followers, XXX engagements


"WaterPlum Cluster Bs OtterCandy malware targets Windows macOS and Linux to steal browser data crypto wallets and files via C2 servers. August 2025 update enhances victim ID and data exfiltration. #NodeJSMalware #CryptoTheft"  
[X Link](https://x.com/TweetThreatNews/status/1980144936960901155) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T05:31Z 2962 followers, XXX engagements


"DALCANS in France states refunds or exchanges only accepted if products are returned in original condition with all accessories within the period placing risk on buyers. Medusa ransomware caused 1TB data leak. #France #DataBreach #Ransomware"  
[X Link](https://x.com/TweetThreatNews/status/1980198237806952830) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T09:03Z 2965 followers, XXX engagements


"Envoy Air an American Airlines subsidiary suffered a major data breach after hackers exploited Oracle E-Business Suite vulnerabilities. Over XX GB of data leaked linked to Cl0p and FIN11 groups. #EnvoyAir #OracleHack #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980198410503254086) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T09:04Z 2961 followers, XXX engagements


"A major AWS outage has disrupted services worldwide impacting Amazon PrimeVideo Fortnite Canva Roblox Hulu and Robinhood. The issue is concentrated in the US-EAST-1 region as AWS investigates. #AWSOutage #CloudFailure #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980219439426503093) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T10:27Z 2960 followers, XXX engagements


"A critical WatchGuard Fireware flaw (CVE-2025-9242) enables unauthenticated remote code execution via an out-of-bounds write affecting multiple Fireware OS versions and VPN setups. #WatchGuard #VPNFlaw #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980221441527230829) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T10:35Z 2965 followers, XXX engagements


"A critical zero-click vulnerability in Dolby Unified Decoder enables remote code execution via malicious audio on Android macOS and iOS. Patches deployed by Dolby Google and Microsoft. #DolbyDecoder #RemoteExec #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980225466947506431) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T10:51Z 2961 followers, XXX engagements


"A threat actor has breached Abacusdesk exposing a XX MB database with over 73000 records containing personal financial and tax details. The incident raises significant concerns about data privacy. #DataLeak #BusinessSoftware #India"  
[X Link](https://x.com/TweetThreatNews/status/1980255667643461906) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T12:51Z 2962 followers, XXX engagements


"A dark web actor is selling a stolen database from Ustundag Turizm containing sensitive PII: names emails phone numbers Turkish ID numbers and passwords for $10000 in Monero. #DataLeak #TurkishID #UstundagTurizm"  
[X Link](https://x.com/TweetThreatNews/status/1980258686833496206) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T13:03Z 2965 followers, XX engagements


"A data breach at Russian food delivery service Dakota Dostavka exposed 40000 customer records including names emails phone numbers addresses order details and IPs. #DakotaDostavka #DataLeak #Russia"  
[X Link](https://x.com/TweetThreatNews/status/1980259690396221912) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T13:07Z 2965 followers, XXX engagements


"Microsoft's October 2025 Windows updates cause smart card authentication failures across Windows XX XX and Server due to a switch from CSP to KSP. Registry tweaks can fix until April 2026. #WindowsUpdate #SmartCardAuth #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980295930898219210) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T15:31Z 2966 followers, XXX engagements


"Al Ahly Leasing & Factoring Company an Egyptian financial firm specializing in leasing and receivables management was targeted by ransomware actor blackshrantac on October XX 2025. #RansomwareAttack #Egypt #FinancialCrime"  
[X Link](https://x.com/TweetThreatNews/status/1980332211682361534) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T17:56Z 2965 followers, XXX engagements


"CISA reports active exploitation of CVE-2025-33073 a Windows SMB flaw allowing SYSTEM privilege escalation on unpatched Windows Server XX and XX systems. Patch released June 2025. #WindowsFlaw #SMBExploit #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980385523693687194) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T21:27Z 2970 followers, XXX engagements


"Over 75000 WatchGuard Firebox devices vulnerable to critical RCE flaw CVE-2025-9242 via unauthenticated IKEv2 packets exploiting an out-of-bounds write in Fireware OS. Impacting Europe and North America. #WatchGuard #RemoteAttack #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980386532977410134) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T21:31Z 2970 followers, XXX engagements


"Retail giant Muji halts online sales after ransomware attack on logistics partner Askul disrupts order processing shipping and customer service in Japan. Investigation ongoing on affected shipments. #QilinAttack #Japan #RetailDisruption"  
[X Link](https://x.com/TweetThreatNews/status/1980387536926105703) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T21:35Z 2969 followers, XXX engagements


"CISA adds five new exploited bugs to its KEV Catalog including a critical remote code execution flaw in Oracle E-Business Suite (CVE-2025-61884). Microsoft products also targeted in these active vulnerabilities. #OracleEBS #US #Infosec"  
[X Link](https://x.com/TweetThreatNews/status/1980390559190602142) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T21:47Z 2970 followers, XXX engagements


"Japanese retailer Askul halted online orders and shipments after a ransomware attack disrupted its systems affecting major clients like Muji and Loft. Investigation into potential data leaks is ongoing. #Japan #Ransomware #RetailDisruptions"  
[X Link](https://x.com/TweetThreatNews/status/1980393577768222872) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T21:59Z 2970 followers, XXX engagements


"South Korea moves to arrest XX of the XX repatriated from Cambodia over alleged involvement in online scam rings exploiting vulnerable individuals and trafficking victims. #SouthKorea #CambodiaScams #OnlineFraud"  
[X Link](https://x.com/TweetThreatNews/status/1980394584329900288) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T22:03Z 2968 followers, XXX engagements


"CISA adds five critical Microsoft Apple and Oracle vulnerabilities to the KEV catalog including flaws exploited by CL0P ransomware targeting Harvard and American Airlines. #CISAKEV #CL0Pransomware #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980396596832412123) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T22:11Z 2969 followers, XXX engagements


"Fortinet uncovered an August 2025 SEO poisoning campaign targeting Chinese users with fake software sites using malicious SEO plugins and look-alike domains distributing Hiddengh0st and Winos malware variants. #Hiddengh0st #China #SEOpoisoning"  
[X Link](https://x.com/TweetThreatNews/status/1980397603721199747) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T22:15Z 2969 followers, XXX engagements


"Harmony Brands a US leader in premium sod grass and outdoor living products has been targeted by Sinobi ransomware disrupting operations nationwide. Incident discovered on Oct XX 2025. #RansomwareAttack #OutdoorLiving #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980421762320937422) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T23:51Z 2970 followers, XX engagements


"Japanese e-commerce giant ASKUL halted orders and shipments after a ransomware attack caused system failures. The network breach disrupted operations highlighting the risks facing online retailers in Japan. #RansomwareAttack #EcommerceJapan #Japan"  
[X Link](https://x.com/TweetThreatNews/status/1980428810492186678) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T00:19Z 2968 followers, XXX engagements


"Securing AI requires trust via identity management authentication and audit logs. Autonomous Agentic AI demands strong governance layered protections and ongoing monitoring to balance automation with human oversight. #AITrust #DataSafety"  
[X Link](https://x.com/TweetThreatNews/status/1980615036046381329) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T12:39Z 2965 followers, XX engagements


"Over 73000 WatchGuard Firebox devices remain unpatched for critical flaw CVE-2025-9242 affecting Fireware OS versions 11.10.2-12.11.3 and 2025.1. Remote code execution possible via iked process without authentication. #WatchGuardFirebox #RemoteExploit"  
[X Link](https://x.com/TweetThreatNews/status/1980616043761480169) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T12:43Z 2965 followers, XX engagements


"The Tykit phishing kit uses SVG files with obfuscated JavaScript to steal Microsoft XXX credentials by redirecting through CAPTCHA and staged POST requests. Targets span multiple industries with templated domains. #PhishingKit #Microsoft365 #Finance"  
[X Link](https://x.com/TweetThreatNews/status/1980651279849324599) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T15:03Z 2966 followers, XXX engagements


"Microsoft has fixed a major bug causing classic Outlook on Windows to fail at startup and block logins. Temporary workarounds included Outlook Web Access and the new Outlook app. Monitoring ongoing. #OutlookBug #WindowsFix #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980687518207995967) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T17:27Z 2965 followers, XX engagements


"Microsofts Windows updates from August XX 2025 cause login failures due to duplicate Security Identifiers (SIDs) on Windows XX 24H2 25H2 and Server 2025. Issues include failed logins access denied and SEC_E_N errors. #SecurityIdentifiers #WindowsL"  
[X Link](https://x.com/TweetThreatNews/status/1980690538132013456) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T17:39Z 2965 followers, XXX engagements


"PolarEdge botnet targets routers from Cisco ASUS QNAP and Synology using CVE-2023-20118 to deploy backdoor scripts. Employs TLS communication and anti-analysis to evade detection. #PolarEdgeMalware #RouterExploits #Taiwan"  
[X Link](https://x.com/TweetThreatNews/status/1980692548113809503) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T17:47Z 2965 followers, XXX engagements


"Defakto raises $30.75M to advance its IAM platform for non-human identities like AI agents securing automated cloud interactions across AWS Azure Google Cloud and hybrid environments with dynamic credential solutions. #IdentityAccess #CloudIAM"  
[X Link](https://x.com/TweetThreatNews/status/1980695592914280618) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T18:00Z 2965 followers, XX engagements


"Dr. Allan Friedman the Father of SBOMs joins NetRise as a strategic advisor to advance software supply chain visibility. SBOMs remain crucial as AI enhances their analysis in cybersecurity. #SupplyChain #USA #SoftwareSecurity"  
[X Link](https://x.com/TweetThreatNews/status/1980696575908163623) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T18:03Z 2968 followers, XX engagements


"Gravwell secures $15.4M in Series A funding to enhance its data analytics and security platform enabling improved threat detection and AI agent monitoring for enterprise teams. #DataFusion #AIProtection #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980697587867906387) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T18:07Z 2965 followers, XX engagements


"Active exploitation of critical Windows SMB flaw CVE-2025-33073 allows remote SYSTEM-level privilege escalation on Windows XX XX and Server. CISA mandates patching by Nov XX. #WindowsSMB #PrivilegeEscalation #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980698590793113968) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T18:11Z 2965 followers, XXX engagements


"decoded Microsoft 365s UserAuthenticationMethod field as a bitfield mapping numeric values to specific primary authentication methods like Password Hash Sync Staged Rollout and Passkey aiding log analysis. #Microsoft365 #AuthM"  
[X Link](https://x.com/TweetThreatNews/status/1980700607817118019) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T18:19Z 2966 followers, XXX engagements


"Varonis exposed how invisible Unicode characters bypassed Microsofts app name safeguards enabling malicious Azure apps like "Azure Portal" for phishing and token theft. Microsoft patched vulnerabilities in 2025. #AzureSecurity #UnicodeAttack #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980701614605291909) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T18:23Z 2966 followers, XX engagements


"Prime Dental suffered a ransomware attack by threat actor sinobi exposing sensitive patient and operational data. This highlights the critical need for advanced security in dental care. #DentalData #RansomwareAttack #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980723749331636668) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T19:51Z 2969 followers, XX engagements


"Ransom threat actor sinobi claims to have compromised Crave Management Group a major US fast-food franchise operator in Montana raising concerns over the security of its expanding operations nationwide. #Ransomware #FastFood #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980724758506324116) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T19:55Z 2969 followers, XX engagements


"Ransomware group play claims to have encrypted critical data at National Coatings in the United States demanding payment for the decryption key. This underscores rising digital threats to U.S. businesses. #RansomwareAttack #DataBreach"  
[X Link](https://x.com/TweetThreatNews/status/1980726772036518342) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T20:03Z 2969 followers, XXX engagements


"Ransomware attacks are fewer but ransom payments surged over XX% averaging $3.6M. Healthcare and government sectors face the highest payouts amid rising attack complexity and detection challenges. #DarkWebTrends #RansomwareImpact #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980764017372090754) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T22:31Z 2969 followers, XXX engagements


"CISA confirms active exploitation of Oracle E-Business Suite SSRF flaw CVE-2025-61884 by threat groups like Clop. Patch required by Nov XX 2025. Previous leaks involved ShinyHunters and Lapsus$. #OracleFlaw #CVE2025 #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980770056863642104) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T22:55Z 2971 followers, XXX engagements


"BRDSoft a US IT and telecom company was hit by ransomware from threat actor nova disrupting critical systems for telecoms call centers and ISPs across the telecommunications sector. #RansomwareAttack #TelecomImpact #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980815357028729009) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T01:55Z 2970 followers, XXX engagements


"Lynx ransomware group has targeted Marquis Companies a healthcare provider in Milwaukie Oregon disrupting assisted living and Alzheimer care services across the US. #RansomwareAttack #HealthcareBreach #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980816365087773116) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T01:59Z 2969 followers, XX engagements


"Pro-Russia info ops exploited Sept XXX 2025 Russian drone incursion into Polish airspace to deflect blame blame NATO/Poland and undermine support for Ukraine. Campaigns include Portal Kombat Doppelganger NDP. #Poland #InformationOps"  
[X Link](https://x.com/TweetThreatNews/status/1980819391273992691) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T02:11Z 2971 followers, XXX engagements


"Russian state-backed group Coldriver swiftly replaced exposed LostKeys malware with new stealth tools NOROBOT YESROBOT and MAYBEROBOT to target high-value entities for intel gathering. #RussianHackers #MalwareUpdate #IntelTheft"  
[X Link](https://x.com/TweetThreatNews/status/1980822408530407892) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T02:23Z 2968 followers, XX engagements


"Googles Threat Intelligence Group uncovers pro-Russia disinformation campaigns exploiting the 2025 Polish drone incident. Networks like Portal Kombat and Doppelganger spread false narratives to undermine NATO and Poland. #Poland #Disinformation"  
[X Link](https://x.com/TweetThreatNews/status/1980825422863466600) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T02:35Z 2969 followers, XXX engagements


"Sockets team uncovered a homoglyph typosquat on NuGet called Netherum.All using a Cyrillic to mimic Nethereum exfiltrating wallet keys via XOR-decoded C2 endpoints and reused code across multiple packages. #NuGetThreats #Cryptojacking"  
[X Link](https://x.com/TweetThreatNews/status/1980854616699875700) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T04:31Z 2968 followers, XXX engagements


"Chinese threat actors exploit the ToolShell vulnerability (CVE-2025-53770) in Microsoft SharePoint targeting organizations across Middle East South America Africa Europe and the U.S. using malware like Zingdoor and ShadowPad. #ToolShell #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980959308008312947) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T11:27Z 2969 followers, XXX engagements


"A critical flaw CVE-2025-62518 in async-tar Rust library and forks like tokio-tar allows remote code execution via file overwriting and nested TAR archive smuggling. Upgrade to astral-tokio-tar. #RustSecurity #RemoteExecution #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980960313437466992) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T11:31Z 2969 followers, XX engagements


"Ransomware actor Qilin has targeted Applied Technology Resources a key US Title Search Exams provider potentially compromising proprietary systems. Incident affects the United States only. #RansomwareAttack #TitleSearch #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980972393699975612) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T12:19Z 2969 followers, XX engagements


"LockBit XXX ransomware targets Windows Linux and VMware ESXi with advanced obfuscation DLL reflection ETW patching anti-forensics and randomized file extensions evolving from LockBit XXX. #RansomwareAttack #VMwareESXi #LockBit5"  
[X Link](https://x.com/TweetThreatNews/status/1978030001854292195) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-14T09:27Z 2970 followers, XXX engagements


"Fake Google ads impersonate Perplexitys Comet browser pushing a malware-laden installer linked to DarkGate. The malicious file is hosted on GitHub with ties to Russian code and a C2 server. #Perplexity #DarkGate #Russia"  
[X Link](https://x.com/TweetThreatNews/status/1980220437431808460) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-20T10:31Z 2970 followers, XXX engagements


"Microsoft released an emergency update KB5070773 to fix USB mouse and keyboard issues in Windows Recovery Environment caused by October 2025 security patches. #WindowsUpdate #WinREFix #USA"  
[X Link](https://x.com/TweetThreatNews/status/1980612014520025219) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T12:27Z 2970 followers, XXX engagements


"Peraso a Canadian company suffered a ransomware attack by the group Rhysida. Data was maliciously encrypted and a ransom demand was made impacting their operations and data security. #RansomwareAttack #DataBreach #Canada"  
[X Link](https://x.com/TweetThreatNews/status/1980725770919006240) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T19:59Z 2970 followers, XXX engagements


"Nelligan White Architects in the US suffered a ransomware attack by the threat actor Play causing major data encryption and operational disruption. Incident discovered on October XX 2025. #RansomwareAttack #DataBreach #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980727777981522098) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T20:07Z 2969 followers, XXX engagements


"Cursor and Windsurf IDEs run on outdated Chromium and V8 engines exposing 1.8M developers to 94+ patched vulnerabilities including CVE-2025-7656 risking crashes and arbitrary code execution via malicious extensions. #ElectronFlaws #DevToolsRisk"  
[X Link](https://x.com/TweetThreatNews/status/1980769052218761540) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T22:51Z 2969 followers, XXX engagements


"TP-Link reveals two critical command injection flaws in XX Omada gateway models: CVE-2025-6542 enables remote attacks without authentication CVE-2025-6541 requires login. Firmware updates address these risks. #TPLink #NetworkSecurity #China"  
[X Link](https://x.com/TweetThreatNews/status/1980771071922970993) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-21T22:59Z 2970 followers, XXX engagements


"Sinobi ransomware targets Sanhua International disrupting operations in China. Sanhua is known for eco-friendly refrigeration and AC components including its Green Tech Line launched in 2017. #RansomwareAttack #EcoTech #China"  
[X Link](https://x.com/TweetThreatNews/status/1980817372240830691) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T02:03Z 2969 followers, XXX engagements


"Ransomware group incransom has targeted Kumwell impacting safety and security systems across critical infrastructure in multiple countries including Thailand China India and more. #RansomwareAttack #InfrastructureRisk #Thailand"  
[X Link](https://x.com/TweetThreatNews/status/1980818375933661570) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T02:07Z 2970 followers, XXX engagements


"TP-Link patches four critical Omada gateway vulnerabilities including two remote code execution flaws and privilege escalation bugs. Admin password needed for one exploit. Updates address root access risks. #TPLinkSecurity #RemoteAttack #Networking"  
[X Link](https://x.com/TweetThreatNews/status/1980889848513737084) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T06:51Z 2969 followers, XX engagements


"Ransomware attacks surge in APAC targeting SonicWall VPN flaws and Microsoft XXX logins. Akira ransomware exploits CVE-2024-40766 using stolen credentials and Python scripts for stealthy operations. #AkiraRansomware #VPNFlaws #Australia"  
[X Link](https://x.com/TweetThreatNews/status/1980890853733282300) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T06:55Z 2970 followers, XXX engagements


"Tri City Foods a Burger King franchisee in Downers Grove IL was hit by the ransomware group Qilin disrupting operations across the US. The attack was discovered on October XX 2025. #RansomwareAttack #BurgerKing #UnitedStates"  
[X Link](https://x.com/TweetThreatNews/status/1980891870633804187) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T06:59Z 2969 followers, XXX engagements


"A cybercriminal group targeted Gerar a Brazilian professional training platform stealing over 546GB of data including sensitive info of 400000+ individuals and maintaining access via a backdoor. #DataLeak #Brazil #Infosec"  
[X Link](https://x.com/TweetThreatNews/status/1980971382591660374) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T12:15Z 2970 followers, XX engagements


"Northern Light Technologies a Canadian leader in underground lighting for mining and tunneling faces a ransomware attack by the threat actor qilin impacting operations in Canada Australia and Chile. #Canada #RansomwareAttack #MiningTech"  
[X Link](https://x.com/TweetThreatNews/status/1980973395584921870) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T12:23Z 2970 followers, XXX engagements


"Yunex Traffic is investigating unauthorized access to its internal development systems. Operations remain unaffected while external experts assist with the security breach response. #YunexTraffic #DataBreach #Germany"  
[X Link](https://x.com/TweetThreatNews/status/1980999570541752330) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T14:07Z 2970 followers, XXX engagements


"Hackers are exploiting the critical SessionReaper flaw (CVE-2025-54236) in Adobe Commerce platforms with hundreds of attempts targeting unpatched Magento stores worldwide. #SessionReaper #AdobeCommerce #Magento"  
[X Link](https://x.com/TweetThreatNews/status/1981117345805340946) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T21:55Z 2970 followers, XXX engagements


"Pwn2Own Ireland 2025 revealed XX zero-day exploits across devices including a 5-flaw hack on Samsung Galaxy S25 and rapid QNAP NAS breaches awarding hackers over $790K in prizes. #Pwn2Own #ZeroDay #Ireland"  
[X Link](https://x.com/TweetThreatNews/status/1981118354577371365) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T21:59Z 2970 followers, XXX engagements


"Chinese-linked groups exploited the CVE-2025-53770 ToolShell SharePoint flaw weeks after Microsofts July patch targeting governments telecoms universities and finance sectors globally. #China #SharePoint #ZeroDay"  
[X Link](https://x.com/TweetThreatNews/status/1981120365989441876) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T22:07Z 2970 followers, XXX engagements


"Iran-linked group MuddyWater targets over XXX organizations in MENA with phishing emails deploying the Phoenix backdoor via weaponized Word docs. Targets include embassies diplomatic missions and government agencies. #MuddyWater #Iran #Espionage"  
[X Link](https://x.com/TweetThreatNews/status/1981122381977358626) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T22:15Z 2970 followers, XX engagements


"SpaceX has disabled over 2500 Starlink devices tied to scam operations in Myanmar working closely with law enforcement. Despite efforts scams persist near Mandalay and the Thai border. #Starlink #Myanmar #ScamOperations"  
[X Link](https://x.com/TweetThreatNews/status/1981124391653007363) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T22:23Z 2970 followers, XX engagements


"Keycard raises $38M to revolutionize AI agent identity with cryptography and dynamic tokens. Founded by ex-Snyk and Okta leaders the platform boosts secure trusted access management. #IdentityTech #AIsecurity #USA"  
[X Link](https://x.com/TweetThreatNews/status/1981126407880147040) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T22:31Z 2969 followers, XX engagements


"Multiple critical vulnerabilities discovered in TP-Link Omada gateways including CVE-2025-6542 allowing remote OS command execution. Firmware updates and password changes recommended. #TPLinkFlaws #NetworkSecurity #China"  
[X Link](https://x.com/TweetThreatNews/status/1981127411841253779) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-22T22:35Z 2970 followers, XX engagements


"Warlock ransomware surfaced mid-2025 via exploitation of a Microsoft SharePoint zero-day (CVE-2025-53770) linked to China-backed group Storm-2603 using reused stolen certs and DLL sideloading techniques. #China #ToolShell #LockBit"  
[X Link](https://x.com/TweetThreatNews/status/1981178755872690581) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T01:59Z 2970 followers, XXX engagements


"Trend Research reveals a Premier Pass-as-a-Service model where China-aligned Earth Estries brokers access to Earth Naga enabling coordinated APT backdoor deployments like CrowDoor and ShadowPad targeting APAC and NATO sectors. #China #APTattacks"  
[X Link](https://x.com/TweetThreatNews/status/1981179761335411002) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T02:03Z 2970 followers, XXX engagements


"Muji halted online sales after a ransomware attack on logistics partner Askul disrupted orders and services. Askul is probing possible data leaks. Asahi also hit by ransomware causing shutdowns and data exposure. #AskulAttack #MujiImpact #Japan"  
[X Link](https://x.com/TweetThreatNews/status/1981252233380372755) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T06:51Z 2970 followers, XXX engagements


"A critical bug (CVE-2025-61932) in Motex Lanscope Endpoint Manager allows arbitrary code execution via crafted packets. Active exploitation confirmed; impacted on-prem versions include XXX. #MotexLanscope #CISAKEV #USA"  
[X Link](https://x.com/TweetThreatNews/status/1981253242269941802) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T06:55Z 2970 followers, XXX engagements


"Over XXX Magento stores targeted in XX hours exploiting Adobe Commerce flaw CVE-2025-54236. Attackers use remote code execution via REST API to deploy PHP webshells and steal system data. #MagentoStores #AdobeFlaw #RemoteCodeExecution"  
[X Link](https://x.com/TweetThreatNews/status/1981254259657052460) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T07:00Z 2970 followers, XX engagements


"Alleged sale of Bolivia Ministry of Health and Sports data on the dark web exposes sensitive personal and government health information raising concerns over privacy and national security breaches. #Bolivia #DataBreach #HealthData"  
[X Link](https://x.com/TweetThreatNews/status/1981256263737471316) [@TweetThreatNews](/creator/x/TweetThreatNews) 2025-10-23T07:07Z 2970 followers, XXX engagements