#  @the_yellow_fall Gray Hats Gray Hats posts on X about cybersecurity, ai, $googl, microsoft the most. They currently have [------] followers and [---] posts still getting attention that total [-----] engagements in the last [--] hours. ### Engagements: [-----] [#](/creator/twitter::233467047/interactions)  - [--] Week [-----] +113% - [--] Month [------] -14% - [--] Months [-------] -47% - [--] Year [-------] +14% ### Mentions: [--] [#](/creator/twitter::233467047/posts_active)  - [--] Week [--] +80% - [--] Month [---] +75% - [--] Months [---] -42% - [--] Year [-----] -10% ### Followers: [------] [#](/creator/twitter::233467047/followers)  - [--] Week [------] +0.95% - [--] Month [------] +1.30% - [--] Months [------] +11% - [--] Year [------] +35% ### CreatorRank: [-------] [#](/creator/twitter::233467047/influencer_rank)  ### Social Influence **Social category influence** [technology brands](/list/technology-brands) 28.57% [stocks](/list/stocks) 16.88% [finance](/list/finance) 5.19% [social networks](/list/social-networks) 2.6% [countries](/list/countries) 1.3% [exchanges](/list/exchanges) 0.65% [fashion brands](/list/fashion-brands) 0.65% [cryptocurrencies](/list/cryptocurrencies) 0.65% **Social topic influence** [cybersecurity](/topic/cybersecurity) #35, [ai](/topic/ai) 4.55%, [$googl](/topic/$googl) 3.9%, [microsoft](/topic/microsoft) 3.25%, [vmware](/topic/vmware) 3.25%, [tplink](/topic/tplink) 2.6%, [crowdstrike](/topic/crowdstrike) 2.6%, [crypto](/topic/crypto) 2.6%, [target](/topic/target) 2.6%, [apt](/topic/apt) 1.95% **Top accounts mentioned or mentioned by** [@vuln_tracker](/creator/undefined) [@youtube](/creator/undefined) [@6rok__](/creator/undefined) [@superfluoussec](/creator/undefined) **Top assets mentioned** [Alphabet Inc Class A (GOOGL)](/topic/$googl) [Microsoft Corp. (MSFT)](/topic/microsoft) [Crowdstrike Holdings Inc (CRWD)](/topic/crowdstrike) [Zscaler Inc (ZS)](/topic/$zs) [Cloudflare, Inc. (NET)](/topic/cloudflare) [FilesCoins Power Cu (FILECOIN)](/topic/files) [BitTorrent (BTT)](/topic/bittorrent) ### Top Social Posts Top posts by engagements in the last [--] hours "GnuTLS v3.8.12 fixes high-severity DoS flaws (CVE-2026-1584). Malicious TLS [---] handshakes can crash servers. Update now to prevent outages. #GnuTLS #CyberSecurity #CVE20261584 #DoS #InfoSec #TLS13 #Linux https://securityonline.info/handshake-halt-gnutls-3-8-12-fixes-tls-1-3-crash-cpu-exhaustion/ https://securityonline.info/handshake-halt-gnutls-3-8-12-fixes-tls-1-3-crash-cpu-exhaustion/" [X Link](https://x.com/the_yellow_fall/status/2021399827154862520) 2026-02-11T01:44Z 10.3K followers, [---] engagements "Akamai reveals critical Vivotek camera flaw CVE-2026-22755. Unauthenticated command injection allows root access. Update legacy firmware now. #Vivotek #IoTSecurity #CyberSecurity #CVE202622755 #Botnet #InfoSec #Akamai #Surveillance https://securityonline.info/critical-vivotek-flaw-grants-root-access-cve-2026-22755/ https://securityonline.info/critical-vivotek-flaw-grants-root-access-cve-2026-22755/" [X Link](https://x.com/the_yellow_fall/status/2014167703905349648) 2026-01-22T02:46Z 10.2K followers, [---] engagements "Public PoC released for critical Oracle E-Business Suite RCE (CVE-2025-61882). Ransomware gangs are actively exploiting this CVSS [---] flaw. Patch now. #Oracle #CVE202561882 #PublicPoC #CyberSecurity #RCE #Ransomware #InfoSec #ExploitAlert https://securityonline.info/poc-released-for-critical-oracle-e-business-suite-flaw-exploited-by-ransomware/ https://securityonline.info/poc-released-for-critical-oracle-e-business-suite-flaw-exploited-by-ransomware/" [X Link](https://x.com/the_yellow_fall/status/2015622542858322382) 2026-01-26T03:07Z 10.3K followers, [----] engagements "Critical WD Discovery flaw CVE-2025-30248 (CVSS 8.9) allows DLL hijacking during installation. Update to v5.3 immediately to prevent system takeover. #WesternDigital #CyberSecurity #CVE202530248 #DLLHijacking #InfoSec #WindowsSecurity #WDDiscovery https://securityonline.info/high-severity-flaw-in-western-digital-installer-opens-door-to-code-execution/ https://securityonline.info/high-severity-flaw-in-western-digital-installer-opens-door-to-code-execution/" [X Link](https://x.com/the_yellow_fall/status/2015990125029716427) 2026-01-27T03:27Z 10.2K followers, [---] engagements "TP-Link patches CVE-2025-14756 (CVSS 8.5) in Archer MR600 routers. This command injection flaw allows full device takeover. Update firmware now. #TPLink #CyberSecurity #ArcherMR600 #CVE202514756 #InfoSec #RouterSecurity #FirmwareUpdate #IoT https://securityonline.info/router-takeover-high-severity-command-injection-flaw-hits-tp-link-archer-mr600/ https://securityonline.info/router-takeover-high-severity-command-injection-flaw-hits-tp-link-archer-mr600/" [X Link](https://x.com/the_yellow_fall/status/2016333219931505132) 2026-01-28T02:11Z 10.3K followers, [---] engagements "OpenSSL patches [--] flaws including high-severity CVE-2025-15467 allowing pre-auth RCE via CMS. Update to 3.6.1/3.0.19 immediately to secure systems. #OpenSSL #CyberSecurity #CVE202515467 #InfoSec #RCE #Cryptography #PatchTuesday https://securityonline.info/pre-auth-rce-risk-openssl-patches-high-severity-stack-overflow-cve-2025-15467/ https://securityonline.info/pre-auth-rce-risk-openssl-patches-high-severity-stack-overflow-cve-2025-15467/" [X Link](https://x.com/the_yellow_fall/status/2016335153744773511) 2026-01-28T02:18Z 10.2K followers, [---] engagements "Microsoft Excel's Agent Mode is now on Windows and Mac Switch between GPT-5.2 and Claude [---] to automate complex workbooks and live web data. #ExcelAgent #Copilot #GPT5 #Claude4 #Microsoft365 #AI2026 #DataScience #Automation #TechNews https://securityonline.info/excels-new-brain-agent-mode-brings-gpt-5-2-and-claude-4-5-to-desktop/ https://securityonline.info/excels-new-brain-agent-mode-brings-gpt-5-2-and-claude-4-5-to-desktop/" [X Link](https://x.com/the_yellow_fall/status/2016686706108334388) 2026-01-29T01:35Z 10.2K followers, [---] engagements "Critical WinRAR flaw CVE-2025-8088 is exploited by spies & cybercriminals. "Zeroplayer" sells the exploit. Update to v7.13 to stop Startup folder attacks. #WinRAR #CyberSecurity #CVE20258088 #InfoSec #Malware #APT #Zeroplayer https://securityonline.info/the-zeroplayer-arsenal-winrar-flaw-cve-2025-8088-weaponized-by-spies/ https://securityonline.info/the-zeroplayer-arsenal-winrar-flaw-cve-2025-8088-weaponized-by-spies/" [X Link](https://x.com/the_yellow_fall/status/2016693199704608871) 2026-01-29T02:01Z 10.3K followers, [---] engagements "TP-Link fixes critical IDOR (CVE-2025-9520) in Omada Controller allowing admins to hijack Owner accounts. Update now to prevent total network takeover. #TPLink #Omada #CyberSecurity #IDOR #NetworkSecurity #CVE20259520 #InfoSec #NetSec https://securityonline.info/high-severity-idor-flaw-lets-admins-hijack-tp-link-omada-owner-accounts/ https://securityonline.info/high-severity-idor-flaw-lets-admins-hijack-tp-link-omada-owner-accounts/" [X Link](https://x.com/the_yellow_fall/status/2016711407316738175) 2026-01-29T03:14Z 10.3K followers, [---] engagements "LinkedIn launched verified Vibe Coding skills in Jan [----]. Showcase tool-backed credentials from Replit and Lovable to prove your AI proficiency. #VibeCoding #LinkedInUpdate #AI2026 #Replit #Lovable #FutureOfWork #AIEngineering #PromptEngineering https://securityonline.info/the-end-of-manual-syntax-linkedin-adds-verified-vibe-coding-skills/ https://securityonline.info/the-end-of-manual-syntax-linkedin-adds-verified-vibe-coding-skills/" [X Link](https://x.com/the_yellow_fall/status/2016779454568095840) 2026-01-29T07:44Z 10.3K followers, [---] engagements "NVIDIA replaces Apple as TSMC's largest customer in Jan [----]. Discover how the $33B AI chip boom is rewriting the rules of the silicon industry. #NVIDIA #Apple #TSMC #AI2026 #Semiconductors #TechNews #JensenHuang #AIBoom #ChipWar https://securityonline.info/the-ai-squeeze-nvidia-overtakes-apple-as-tsmcs-top-revenue-source/ https://securityonline.info/the-ai-squeeze-nvidia-overtakes-apple-as-tsmcs-top-revenue-source/" [X Link](https://x.com/the_yellow_fall/status/2017048236788167120) 2026-01-30T01:32Z 10.3K followers, [---] engagements "CISA warns of CVSS [--] flaw CVE-2025-26385 in Johnson Controls Metasys. Remote SQL execution possible. Patch now or close TCP port [----]. #JohnsonControls #CyberSecurity #Metasys #CVE202526385 #SmartBuilding #ICSecurity #InfoSec https://securityonline.info/smart-buildings-at-risk-critical-johnson-controls-flaw-cvss-10-allows-remote-sql-injection/ https://securityonline.info/smart-buildings-at-risk-critical-johnson-controls-flaw-cvss-10-allows-remote-sql-injection/" [X Link](https://x.com/the_yellow_fall/status/2017055766444675446) 2026-01-30T02:02Z 10.3K followers, [---] engagements "North Korea's LABYRINTH CHOLLIMA splits into [--] units: GOLDEN PRESSURE & Core. CrowdStrike reveals new strategy targeting crypto & defense. #NorthKorea #CyberSecurity #LabyrinthChollima #CrowdStrike #CryptoHeist #InfoSec #APT https://securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/ https://securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/" [X Link](https://x.com/the_yellow_fall/status/2018517127456551393) 2026-02-03T02:49Z 10.2K followers, [---] engagements "ASUS removes "File Shredder" from Business Manager due to CVE-2025-13348 (CVSS 8.5). The feature is gone in V3.0.37.0. Check your commercial PCs. #ASUS #CyberSecurity #CVE202513348 #SysAdmin #InfoSec #TechNews #BusinessManager https://securityonline.info/asus-kills-file-shredder-feature-to-fix-critical-flaw/ https://securityonline.info/asus-kills-file-shredder-feature-to-fix-critical-flaw/" [X Link](https://x.com/the_yellow_fall/status/2018525557114507580) 2026-02-03T03:22Z 10.3K followers, [---] engagements "Critical React flaw CVE-2025-55182 (CVSS 10.0) under mass exploitation. Two IPs drive 56% of attacks deploying miners & shells. Upgrade to v19.0.1+ now. #ReactJS #CyberSecurity #CVE202555182 #InfoSec #GreyNoise #WebDev #RCE https://securityonline.info/react-under-siege-two-ips-drive-56-of-critical-cve-2025-55182-attacks/ https://securityonline.info/react-under-siege-two-ips-drive-56-of-critical-cve-2025-55182-attacks/" [X Link](https://x.com/the_yellow_fall/status/2018870400290091248) 2026-02-04T02:13Z 10.3K followers, [---] engagements "High-severity Rancher CLI flaw (CVE-2025-67601) exposes credentials via MitM attacks when using --skip-verify. Update or use -cacert immediately. #Rancher #Kubernetes #DevOps #CyberSecurity #CVE202567601 #InfoSec #CloudNative https://securityonline.info/silent-leak-high-severity-rancher-cli-flaw-exposes-admin-credentials/ https://securityonline.info/silent-leak-high-severity-rancher-cli-flaw-exposes-admin-credentials/" [X Link](https://x.com/the_yellow_fall/status/2018873869310845086) 2026-02-04T02:26Z 10.3K followers, [---] engagements "Moxa warns of critical auth bypass (CVE-2024-12297 CVSS 9.2) in industrial switches. Flaw allows brute-force attacks. Patch TN-series devices now. #Moxa #OTSecurity #ICS #CyberSecurity #CVE202412297 #IndustrialIoT #InfoSec https://securityonline.info/industrial-alert-critical-auth-bypass-cvss-9-2-hits-moxa-switches/ https://securityonline.info/industrial-alert-critical-auth-bypass-cvss-9-2-hits-moxa-switches/" [X Link](https://x.com/the_yellow_fall/status/2019222666071400712) 2026-02-05T01:32Z 10.3K followers, [---] engagements "Samsung MagicInfo9 has critical flaws (CVSS 9.8) including hardcoded passwords and RCE. Update to v21.1090.1 immediately to secure your digital signage. #Samsung #MagicInfo #CyberSecurity #CVE202625202 #DigitalSignage #InfoSec #RCE https://securityonline.info/signage-hijack-samsung-magicinfo9-flaws-cvss-9-8-expose-servers/ https://securityonline.info/signage-hijack-samsung-magicinfo9-flaws-cvss-9-8-expose-servers/" [X Link](https://x.com/the_yellow_fall/status/2019227932216926545) 2026-02-05T01:53Z 10.3K followers, [---] engagements "Amaranth-Dragon (APT-41 nexus) weaponized WinRAR flaw CVE-2025-8088 in just [--] days. Southeast Asian govts targeted with malicious RAR archives. #AmaranthDragon #APT41 #WinRAR #CyberSecurity #InfoSec #CVE20258088 #Malware https://securityonline.info/10-days-to-exploit-amaranth-dragon-weaponizes-winrar-flaw-to-spy-on-se-asia/ https://securityonline.info/10-days-to-exploit-amaranth-dragon-weaponizes-winrar-flaw-to-spy-on-se-asia/" [X Link](https://x.com/the_yellow_fall/status/2019238781069717655) 2026-02-05T02:36Z 10.3K followers, [---] engagements "Critical jsPDF flaws (CVE-2026-24133) allow XSS & DoS via malicious BMPs. Update to v4.1.0 immediately to prevent browser crashes and code injection. #jsPDF #WebDev #CyberSecurity #CVE202624133 #JavaScript #InfoSec #DoS https://securityonline.info/pdf-poison-popular-javascript-library-patches-critical-injection-and-crash-flaws/ https://securityonline.info/pdf-poison-popular-javascript-library-patches-critical-injection-and-crash-flaws/" [X Link](https://x.com/the_yellow_fall/status/2019589393913381289) 2026-02-06T01:50Z 10.3K followers, [---] engagements "Sophisticated phishing abuses Vercel Blob & PDFs to bypass filters. Stolen credentials are exfiltrated via Telegram bots. Learn how to spot this attack. #Phishing #CyberSecurity #Vercel #Telegram #InfoSec #EmailSecurity #CloudSecurity https://securityonline.info/cloud-hosted-trap-phishers-use-vercel-telegram-to-bypass-filters/ https://securityonline.info/cloud-hosted-trap-phishers-use-vercel-telegram-to-bypass-filters/" [X Link](https://x.com/the_yellow_fall/status/2019589950568796208) 2026-02-06T01:52Z 10.3K followers, [---] engagements "Critical Unstructured library flaw CVE-2025-64712 (CVSS 9.8) allows RCE via malicious .msg files. 4M+ downloads affected. Update to v0.18.18 now. #Unstructured #CVE202564712 #CyberSecurity #RCE #AI #Python #InfoSec https://securityonline.info/4-million-downloads-at-risk-critical-unstructured-flaw-cvss-9-8-allows-rce/ https://securityonline.info/4-million-downloads-at-risk-critical-unstructured-flaw-cvss-9-8-allows-rce/" [X Link](https://x.com/the_yellow_fall/status/2019591553757638761) 2026-02-06T01:58Z 10.3K followers, [---] engagements "Critical n8n flaws (CVE-2026-25053 25056) allow attackers to hijack servers via Git & Merge nodes. Update to v2.5.0 now to prevent RCE. #n8n #WorkflowAutomation #CyberSecurity #CVE202625053 #RCE #InfoSec #DevSecOps https://securityonline.info/popular-n8n-platform-hit-by-triple-threat-of-rce-flaws/ https://securityonline.info/popular-n8n-platform-hit-by-triple-threat-of-rce-flaws/" [X Link](https://x.com/the_yellow_fall/status/2019597669291950453) 2026-02-06T02:23Z 10.3K followers, [---] engagements "Critical Jinjava flaw CVE-2026-25526 (CVSS 9.8) breaks sandbox security. Attackers can execute Java code via template loops. Update to v2.8.3 now. #Jinjava #HubSpot #CyberSecurity #CVE202625526 #Java #RCE #InfoSec #SSTI https://securityonline.info/cve-2026-25526-critical-jinjava-flaw-cvss-9-8-permits-remote-code-execution/ https://securityonline.info/cve-2026-25526-critical-jinjava-flaw-cvss-9-8-permits-remote-code-execution/" [X Link](https://x.com/the_yellow_fall/status/2020675560385417602) 2026-02-09T01:46Z 10.3K followers, [----] engagements "Zscaler reveals Marco Stealer a new malware harvesting crypto & cloud files. It uses AES-256 encryption & kills analysis tools. Learn how to detect it. #MarcoStealer #Zscaler #CyberSecurity #InfoSec #Malware #Crypto #CloudSecurity https://securityonline.info/marco-stealer-the-new-data-raider-targeting-crypto-cloud-storage/ https://securityonline.info/marco-stealer-the-new-data-raider-targeting-crypto-cloud-storage/" [X Link](https://x.com/the_yellow_fall/status/2021034042351813104) 2026-02-10T01:30Z 10.3K followers, [---] engagements "VulnCheck reveals CVE-2025-11953 (Metro4Shell) was exploited in the wild since Dec [----]. Attackers target Windows & Linux dev servers. Patch now. #Metro4Shell #CVE202511953 #CyberSecurity #VulnCheck #DevSecOps #InfoSec #Exploit https://securityonline.info/silent-intrusion-metro4shell-exploited-in-the-wild-since-december/ https://securityonline.info/silent-intrusion-metro4shell-exploited-in-the-wild-since-december/" [X Link](https://x.com/the_yellow_fall/status/2018874197787763040) 2026-02-04T02:28Z 10.3K followers, [---] engagements "APT28 (Fancy Bear) weaponized CVE-2026-21509 in [--] hours to target NATO. New "BeardShell" and "NotDoor" malware steals emails. Patch Office now. #APT28 #FancyBear #CyberSecurity #CVE202621509 #InfoSec #Espionage #NATO https://securityonline.info/apt28-weaponizes-office-flaw-to-spy-on-nato-military/ https://securityonline.info/apt28-weaponizes-office-flaw-to-spy-on-nato-military/" [X Link](https://x.com/the_yellow_fall/status/2020672007331869116) 2026-02-09T01:32Z 10.3K followers, [----] engagements "CVSS [----] Alert: Kubernetes Local Path Provisioner flaw (CVE-2025-62878) allows host file overwrites. Upgrade to v0.0.34 immediately. #Kubernetes #K8s #CyberSecurity #CVE202562878 #CloudSecurity #InfoSec #DevSecOps https://securityonline.info/cve-2025-62878-critical-10-0-vulnerability-found-in-kubernetes-local-path-provisioner/ https://securityonline.info/cve-2025-62878-critical-10-0-vulnerability-found-in-kubernetes-local-path-provisioner/" [X Link](https://x.com/the_yellow_fall/status/2020672564356407488) 2026-02-09T01:34Z 10.3K followers, [---] engagements "Critical Gogs flaws (CVE-2025-64111) allow RCE & 2FA bypass. Attackers can execute commands via .git config. Update to v0.13.4 immediately. #Gogs #Git #CyberSecurity #CVE202564111 #RCE #DevOps #InfoSec https://securityonline.info/triple-threat-critical-gogs-flaws-cvss-9-3-allow-rce-2fa-bypass/ https://securityonline.info/triple-threat-critical-gogs-flaws-cvss-9-3-allow-rce-2fa-bypass/" [X Link](https://x.com/the_yellow_fall/status/2021039987026735442) 2026-02-10T01:54Z 10.3K followers, [---] engagements "North Korean hackers (UNC1069) use AI deepfakes & "ClickFix" tactics to deploy SILENCELIFT malware. Learn how they target crypto firms via Zoom. #UNC1069 #Deepfake #CryptoSecurity #CyberSecurity #InfoSec #AI #Malware https://securityonline.info/fake-ceo-real-hack-north-korea-uses-ai-deepfakes-to-steal-crypto/ https://securityonline.info/fake-ceo-real-hack-north-korea-uses-ai-deepfakes-to-steal-crypto/" [X Link](https://x.com/the_yellow_fall/status/2021405175311892746) 2026-02-11T02:05Z 10.3K followers, [---] engagements "Critical Fiber framework vulnerability CVE-2025-66630 (CVSS 9.2) causes silent UUID failures leading to session hijacking. Update to v2.52.11 now. #FiberFramework #Golang #CyberSecurity #CVE202566630 #WebDev #InfoSec #UUID https://securityonline.info/fiber-optic-failure-predictable-uuids-expose-go-web-framework-to-hijacking/ https://securityonline.info/fiber-optic-failure-predictable-uuids-expose-go-web-framework-to-hijacking/" [X Link](https://x.com/the_yellow_fall/status/2021412100598645088) 2026-02-11T02:32Z 10.3K followers, [---] engagements "Black Basta ransomware now embeds a vulnerable NsecSoft driver (BYOVD) to silently kill antivirus processes like Sophos & CrowdStrike. #BlackBasta #Ransomware #CyberSecurity #BYOVD #InfoSec #Malware #Cardinal https://securityonline.info/silent-killer-black-basta-bundles-byovd-driver-to-blind-antivirus/ https://securityonline.info/silent-killer-black-basta-bundles-byovd-driver-to-blind-antivirus/" [X Link](https://x.com/the_yellow_fall/status/2021037966441746853) 2026-02-10T01:46Z 10.3K followers, [---] engagements "GitLab fixes critical CVE-2025-7659 (CVSS 8.0). Unauthenticated attackers can steal tokens via Web IDE. Update to v18.8.4 now to secure your code. #GitLab #DevOps #CyberSecurity #CVE20257659 #InfoSec #WebIDE #CodeSecurity https://securityonline.info/gitlab-patch-alert-high-severity-web-ide-flaw-exposes-private-repos/ https://securityonline.info/gitlab-patch-alert-high-severity-web-ide-flaw-exposes-private-repos/" [X Link](https://x.com/the_yellow_fall/status/2021404297209184706) 2026-02-11T02:01Z 10.3K followers, [---] engagements "RansomWhen is the new open-source essential for AWS. Enumerate identities capable of locking S3 buckets with KMS and detect live ransomware events in minutes. https://meterpreter.org/locking-the-locks-how-ransomwhen-unmasks-the-identities-hijacking-your-aws-s3-buckets/ https://meterpreter.org/locking-the-locks-how-ransomwhen-unmasks-the-identities-hijacking-your-aws-s3-buckets/" [X Link](https://x.com/the_yellow_fall/status/2021494440658076082) 2026-02-11T08:00Z 10.3K followers, [---] engagements "Stop guessing your EKS security posture. Use eks-security-scanner to build threat graphs detect privileged pods and audit RBAC/IAM access paths instantly. https://meterpreter.org/mapping-the-blast-radius-visualize-attack-paths-in-aws-eks-with-this-new-go-based-scanner/ https://meterpreter.org/mapping-the-blast-radius-visualize-attack-paths-in-aws-eks-with-this-new-go-based-scanner/" [X Link](https://x.com/the_yellow_fall/status/2021792643617808772) 2026-02-12T03:45Z 10.3K followers, [---] engagements "MongoDB patches high-severity flaw. Unauthenticated attackers can crash servers via memory exhaustion. Update to v8.2.4 or v8.0.18 now. #MongoDB #CyberSecurity #CVE #DatabaseSecurity #InfoSec #DoS #PatchNow https://securityonline.info/mongodb-flaw-allows-unauthenticated-attackers-to-crash-database-servers/ https://securityonline.info/mongodb-flaw-allows-unauthenticated-attackers-to-crash-database-servers/" [X Link](https://x.com/the_yellow_fall/status/2021805578847236335) 2026-02-12T04:36Z 10.3K followers, [---] engagements "Anthropic just unlocked Sonnet [---] File Creation and Connectors for all Claude Free users. No ads no paywallis this the end of ChatGPT's dominance #ClaudeAI #Anthropic #ChatGPT #AIWars #Sonnet45 #AdFree #TechNews2026 #GenerativeAI #Productivity https://securityonline.info/no-ads-no-paywall-anthropics-bold-sonnet-4-5-gambit-to-dethrone-chatgpt/ https://securityonline.info/no-ads-no-paywall-anthropics-bold-sonnet-4-5-gambit-to-dethrone-chatgpt/" [X Link](https://x.com/the_yellow_fall/status/2021867043491131768) 2026-02-12T08:40Z 10.3K followers, [--] engagements "Microsoft is rotating UEFI Secure Boot certificates before they expire in June [----]. Ensure your PC stays secure by following this massive coordination effort. #SecureBoot #WindowsUpdate #UEFI #Microsoft #ITAdmin #FirmwareSecurity #Windows10 #Windows11 https://securityonline.info/the-15-year-deadline-microsoft-launches-massive-secure-boot-certificate-rotation-ahead-of-june-2026/ https://securityonline.info/the-15-year-deadline-microsoft-launches-massive-secure-boot-certificate-rotation-ahead-of-june-2026/" [X Link](https://x.com/the_yellow_fall/status/2021510012305301823) 2026-02-11T09:01Z 10.3K followers, [---] engagements "Warning: 7zip . com has been hijacked to spread residential proxy malware. Learn how to identify this 7-Zip impersonator and protect your system. #7Zip #Phishing #Malware #CyberSecurity #ProxyBot #TechNews2026 #InfoSec #OnlineSafety #Trojan #Botnet https://securityonline.info/the-7-zip-trap-how-a-25-year-old-domain-was-weaponized-to-turn-your-pc-into-a-proxy-bot/ https://securityonline.info/the-7-zip-trap-how-a-25-year-old-domain-was-weaponized-to-turn-your-pc-into-a-proxy-bot/" [X Link](https://x.com/the_yellow_fall/status/2021511825670774800) 2026-02-11T09:09Z 10.3K followers, [---] engagements "New LTX Stealer malware abuses Node.js & Inno Setup to bypass antivirus. This $10 tool steals browser passwords & crypto wallets. Stay alert. #LTXStealer #Malware #CyberSecurity #InfoSec #NodeJS #CryptoTheft #CYFIRMA https://securityonline.info/weaponized-code-ltx-stealer-abuses-node-js-to-bypass-antivirus/ https://securityonline.info/weaponized-code-ltx-stealer-abuses-node-js-to-bypass-antivirus/" [X Link](https://x.com/the_yellow_fall/status/2021761145506332811) 2026-02-12T01:39Z 10.3K followers, [---] engagements "HPE Aruba patches critical Private 5G Core flaws. CVE-2026-23595 allows unauthenticated admin creation. Update to v1.25.1.0 now to prevent takeover. #HPEAruba #Private5G #CyberSecurity #CVE202623595 #InfoSec #NetworkSecurity #5G https://securityonline.info/5g-core-breach-critical-hpe-aruba-flaw-allows-unauthenticated-admin-takeover/ https://securityonline.info/5g-core-breach-critical-hpe-aruba-flaw-allows-unauthenticated-admin-takeover/" [X Link](https://x.com/the_yellow_fall/status/2021761762521973120) 2026-02-12T01:42Z 10.3K followers, [---] engagements "Phishing emails use malicious Excel files to deploy XWorm RAT. The fileless attack exploits CVE-2018-0802 to steal data & control systems. #XWorm #Phishing #Malware #CyberSecurity #InfoSec #Excel #RAT https://securityonline.info/excel-trap-new-phishing-campaign-deploys-fileless-xworm-rat/ https://securityonline.info/excel-trap-new-phishing-campaign-deploys-fileless-xworm-rat/" [X Link](https://x.com/the_yellow_fall/status/2021763525010415717) 2026-02-12T01:49Z 10.3K followers, [---] engagements "Cisco Talos reveals VoidLink a modular Linux malware framework by UAT-9921. Features "compile-on-demand" tools to target IoT & cloud infrastructure. #VoidLink #LinuxSecurity #CyberSecurity #UAT9921 #IoTSecurity #InfoSec #Malware https://securityonline.info/voidlink-rising-new-ai-ready-malware-framework-targets-linux-iot/ https://securityonline.info/voidlink-rising-new-ai-ready-malware-framework-targets-linux-iot/" [X Link](https://x.com/the_yellow_fall/status/2021765685118935071) 2026-02-12T01:57Z 10.3K followers, [---] engagements "Critical EverShop flaw CVE-2026-25993 (CVSS 9.3) allows Second-Order SQL Injection via URL keys. Update to v2.1.1 to prevent store takeover. #EverShop #Ecommerce #CyberSecurity #CVE202625993 #SQLInjection #WebDev #InfoSec https://securityonline.info/cve-2026-25993-critical-evershop-sql-injection-cvss-9-3-exposes-stores/ https://securityonline.info/cve-2026-25993-critical-evershop-sql-injection-cvss-9-3-exposes-stores/" [X Link](https://x.com/the_yellow_fall/status/2021766699029086617) 2026-02-12T02:01Z 10.3K followers, [---] engagements "Urgent: Apple patches zero-day CVE-2026-20700 in dyld. The flaw is being exploited in the wild against specific targets. Update to iOS [----] now. #Apple #iOS #ZeroDay #CyberSecurity #CVE202620700 #InfoSec #Spyware https://securityonline.info/apple-zero-day-cve-2026-20700-exploited-in-the-wild/ https://securityonline.info/apple-zero-day-cve-2026-20700-exploited-in-the-wild/" [X Link](https://x.com/the_yellow_fall/status/2021767013790564747) 2026-02-12T02:03Z 10.3K followers, [----] engagements "Darktrace detects AI-generated "vibecoding" malware exploiting React2Shell (CVE-2025-55182). Attackers use AI to deploy XMRig miners on Docker. #AI #Malware #CyberSecurity #React2Shell #Vibecoding #Darktrace #Docker https://securityonline.info/the-rise-of-vibecoding-ai-generated-malware-exploits-react2shell/ https://securityonline.info/the-rise-of-vibecoding-ai-generated-malware-exploits-react2shell/" [X Link](https://x.com/the_yellow_fall/status/2021767790613483774) 2026-02-12T02:06Z 10.3K followers, [---] engagements "Python cryptography flaw CVE-2026-26007 (CVSS 8.2) allows private key recovery via ECC Subgroup Attack. Update to v46.0.5 now. #Python #Cryptography #CyberSecurity #CVE202626007 #ECC #InfoSec #Encryption https://securityonline.info/cve-2026-26007-python-cryptography-flaw-cvss-8-2-leaks-private-keys/ https://securityonline.info/cve-2026-26007-python-cryptography-flaw-cvss-8-2-leaks-private-keys/" [X Link](https://x.com/the_yellow_fall/status/2021770627762315541) 2026-02-12T02:17Z 10.3K followers, [---] engagements "Google Chrome [---] patches [--] security flaws including [--] high-severity bugs in CSS & Codecs. Update to v145.0.7632.45 now to stay safe. #GoogleChrome #CyberSecurity #Chrome145 #InfoSec #BrowserSecurity #PatchNow https://securityonline.info/chrome-145-patches-3-high-severity-flaws-in-css-codecs/ https://securityonline.info/chrome-145-patches-3-high-severity-flaws-in-css-codecs/" [X Link](https://x.com/the_yellow_fall/status/2021775137759175050) 2026-02-12T02:35Z 10.3K followers, [---] engagements "PAN-OS flaw CVE-2026-0229 allows unauthenticated attackers to trigger reboot loops & maintenance mode via malicious packets. Patch immediately. #PaloAltoNetworks #PANOS #CyberSecurity #CVE20260229 #NetworkSecurity #InfoSec #Firewall https://securityonline.info/crash-loop-palo-alto-networks-flaw-cve-2026-0229-forces-maintenance-mode/ https://securityonline.info/crash-loop-palo-alto-networks-flaw-cve-2026-0229-forces-maintenance-mode/" [X Link](https://x.com/the_yellow_fall/status/2021778799516365270) 2026-02-12T02:50Z 10.3K followers, [---] engagements "Public PoC released for Windows Storage flaw. Attackers can gain SYSTEM privileges via WUDFHost.exe. Patch Windows [--] immediately. #WindowsSecurity #CVE #ExploitCode #InfoSec #CyberSecurity #SysAdmin #PatchTuesday https://securityonline.info/exploit-code-released-windows-storage-elevation-of-privilege-flaw-details-now-public/ https://securityonline.info/exploit-code-released-windows-storage-elevation-of-privilege-flaw-details-now-public/" [X Link](https://x.com/the_yellow_fall/status/2021784552696598724) 2026-02-12T03:12Z 10.3K followers, [----] engagements "iVerify uncovers ZeroDayRAT a turnkey mobile spyware on Telegram that grants "absolute mastery" over Android and iOS devices including live camera & 2FA theft. https://meterpreter.org/total-mobile-dominion-the-zerodayrat-spyware-turning-iphones-and-androids-into-open-books/ https://meterpreter.org/total-mobile-dominion-the-zerodayrat-spyware-turning-iphones-and-androids-into-open-books/" [X Link](https://x.com/the_yellow_fall/status/2021789599203311660) 2026-02-12T03:32Z 10.3K followers, [---] engagements "Ivanti patches critical EPM flaw CVE-2026-1603 allowing remote unauthenticated attackers to steal credentials. Update to [----] SU5 immediately. #Ivanti #CyberSecurity #InfoSec #CVE20261603 #PatchTuesday #NetworkSecurity #AuthBypass https://securityonline.info/cve-2026-1603-remote-unauthenticated-attacker-can-steal-ivanti-epm-secrets/ https://securityonline.info/cve-2026-1603-remote-unauthenticated-attacker-can-steal-ivanti-epm-secrets/" [X Link](https://x.com/the_yellow_fall/status/2021803519557407042) 2026-02-12T04:28Z 10.3K followers, [---] engagements "Googles [----] "Agent Commerce" shift uses the Universal Commerce Protocol to let AI agents buy products for you instantly. The search-to-sale gap is closing. #AgentCommerce #GoogleAI #Gemini #UCP #FutureOfShopping #DigitalMarketing2026 #Veo3 #AIAgents https://securityonline.info/from-search-to-sale-how-googles-agent-commerce-turns-gemini-into-your-personal-buyer/ https://securityonline.info/from-search-to-sale-how-googles-agent-commerce-turns-gemini-into-your-personal-buyer/" [X Link](https://x.com/the_yellow_fall/status/2021869315755069597) 2026-02-12T08:49Z 10.3K followers, [--] engagements "Siris long-awaited AI overhaul is delayed again. Discover why Apple is postponing the "Gemini-powered" assistant until iOS [----] or later. #AppleIntelligence #SiriAI #iOS26 #AppleDelay #TechNews2026 #iPhone18 #SiriUpdate #GeminiAI #WWDC2026 #MobileAI https://securityonline.info/the-silent-assistant-why-apple-just-pulled-the-plug-on-siris-cerebral-transplant-for-ios-26-4/ https://securityonline.info/the-silent-assistant-why-apple-just-pulled-the-plug-on-siris-cerebral-transplant-for-ios-26-4/" [X Link](https://x.com/the_yellow_fall/status/2021880226444140833) 2026-02-12T09:33Z 10.3K followers, [--] engagements "Havoc: modern and malleable post-exploitation command and control framework https://meterpreter.org/havoc-modern-and-malleable-post-exploitation-command-and-control-framework/ https://meterpreter.org/havoc-modern-and-malleable-post-exploitation-command-and-control-framework/" [X Link](https://x.com/the_yellow_fall/status/1964954134186221864) 2025-09-08T07:29Z [----] followers, [---] engagements "Rust for Windows Drivers: A Major Step Forward But Not for Production Yet https://meterpreter.org/rust-for-windows-drivers-a-major-step-forward-but-not-for-production-yet/ https://meterpreter.org/rust-for-windows-drivers-a-major-step-forward-but-not-for-production-yet/" [X Link](https://x.com/the_yellow_fall/status/1964985045447528709) 2025-09-08T09:31Z [----] followers, [---] engagements "Cyberattack Disrupts Bridgestones North American Operations https://meterpreter.org/cyberattack-disrupts-bridgestones-north-american-operations/ https://meterpreter.org/cyberattack-disrupts-bridgestones-north-american-operations/" [X Link](https://x.com/the_yellow_fall/status/1964990753194799525) 2025-09-08T09:54Z [----] followers, [---] engagements "A new report reveals TAG-150 a sophisticated new threat actor with evolving malware and a resilient multi-tiered infrastructure including a new RAT called CastleRAT. #TAG150 #CastleRAT #Cybersecurity #Malware #APT https://securityonline.info/from-castleloader-to-castlerat-tag-150s-multi-tiered-cyber-arsenal-expands/ https://securityonline.info/from-castleloader-to-castlerat-tag-150s-multi-tiered-cyber-arsenal-expands/" [X Link](https://x.com/the_yellow_fall/status/1965223720127266853) 2025-09-09T01:20Z [----] followers, [---] engagements "A critical flaw in Spring Cloud Gateway (CVE-2025-41243) has a CVSS [----] score. The bug allows property modification when actuator endpoints are exposed. Update now. #SpringCloud #Vulnerability #Cybersecurity #CVE #PatchNow https://securityonline.info/cve-2025-41243-cvss-10-critical-spring-cloud-gateway-server-webflux-flaw-exposes-property-modification-risk/ https://securityonline.info/cve-2025-41243-cvss-10-critical-spring-cloud-gateway-server-webflux-flaw-exposes-property-modification-risk/" [X Link](https://x.com/the_yellow_fall/status/1965226414783050080) 2025-09-09T01:31Z [----] followers, [---] engagements "A critical flaw (CVSS 9.8) in macOS file copy APIs allows apps to bypass sandboxing and TCC protections to access protected user data. A PoC is public. #macOS #Vulnerability #Cybersecurity #CVE #PoC https://securityonline.info/cvss-9-8-flaw-in-macos-allows-apps-to-access-protected-user-data-poc-available/ https://securityonline.info/cvss-9-8-flaw-in-macos-allows-apps-to-access-protected-user-data-poc-available/" [X Link](https://x.com/the_yellow_fall/status/1965235683892793791) 2025-09-09T02:07Z [----] followers, [---] engagements "Qualcomm and Google Cloud are teaming up to bring Gemini AI and other agentic experiences to vehicles promising a new era of smarter connected cars. #Qualcomm #GoogleCloud #AutomotiveAI #Gemini #TechPartnership https://securityonline.info/qualcomm-and-google-partner-to-bring-ai-to-the-car/ https://securityonline.info/qualcomm-and-google-partner-to-bring-ai-to-the-car/" [X Link](https://x.com/the_yellow_fall/status/1965254372386038140) 2025-09-09T03:22Z [----] followers, [---] engagements "Google has released Chrome [---] patching two vulnerabilities including a critical use-after-free flaw in ServiceWorker and a high-severity flaw in Mojo. #Chrome #Vulnerability #Google #SecurityUpdate #BrowserSecurity https://securityonline.info/chrome-140-released-patches-critical-cve-2025-10200-and-high-severity-cve-2025-10201-vulnerabilities/ https://securityonline.info/chrome-140-released-patches-critical-cve-2025-10200-and-high-severity-cve-2025-10201-vulnerabilities/" [X Link](https://x.com/the_yellow_fall/status/1965590484350648544) 2025-09-10T01:37Z [----] followers, [---] engagements "Siemens has disclosed a critical flaw in its SIVaaS platform. A network share is exposed without authentication allowing unauthenticated attackers to access or alter sensitive data. #Siemens #SIVaaS #Vulnerability #OTsecurity #Cybersecurity https://securityonline.info/cve-2025-40804-critical-flaw-in-siemens-sivaas-exposes-network-share-without-authentication/ https://securityonline.info/cve-2025-40804-critical-flaw-in-siemens-sivaas-exposes-network-share-without-authentication/" [X Link](https://x.com/the_yellow_fall/status/1965601304308535594) 2025-09-10T02:20Z [----] followers, [---] engagements "A new Android banking trojan RatOn merges overlay fraud with NFC relay attacks automated money transfers and crypto wallet theft posing a new threat to users. #RatOn #AndroidTrojan #Cybercrime #MobileSecurity #NFC https://securityonline.info/raton-the-new-android-trojan-that-steals-crypto-and-uses-nfc-relay-attacks/ https://securityonline.info/raton-the-new-android-trojan-that-steals-crypto-and-uses-nfc-relay-attacks/" [X Link](https://x.com/the_yellow_fall/status/1965604079117500764) 2025-09-10T02:31Z [----] followers, [---] engagements "Apple introduces the iPhone Air the thinnest and lightest iPhone yet. Powered by the A19 Pro chip this device is both durable and powerful. #iPhoneAir #Apple #ThinAndLight #A19Pro #Smartphone https://securityonline.info/apple-unveils-iphone-air-the-thinnest-lightest-and-most-durable-iphone-ever/ https://securityonline.info/apple-unveils-iphone-air-the-thinnest-lightest-and-most-durable-iphone-ever/" [X Link](https://x.com/the_yellow_fall/status/1965606065183338619) 2025-09-10T02:39Z [----] followers, [---] engagements "Salesloft has announced the restoration of its integration with Salesforce following the incident linked to the Drift platform and its associated technologies. https://meterpreter.org/salesloft-restores-salesforce-integration-after-github-aws-breach/ https://meterpreter.org/salesloft-restores-salesforce-integration-after-github-aws-breach/" [X Link](https://x.com/the_yellow_fall/status/1965687431304499541) 2025-09-10T08:02Z [----] followers, [---] engagements "A new Linux botnet Luno combines cryptomining and modular DDoS attacks. It's a "self-healing" threat that targets gaming platforms and disguises itself as legitimate processes. #LunoBotnet #LinuxMalware #DDoS #Cryptomining #Cybersecurity https://securityonline.info/luno-a-self-healing-linux-botnet-that-mines-crypto-and-launches-ddos-attacks/ https://securityonline.info/luno-a-self-healing-linux-botnet-that-mines-crypto-and-launches-ddos-attacks/" [X Link](https://x.com/the_yellow_fall/status/1965952586001084896) 2025-09-11T01:36Z [----] followers, [---] engagements "Australian authorities issue an urgent alert on a critical SonicWall SSL VPN flaw actively exploited by Akira ransomware urging immediate patching. #Ransomware #Cybersecurity #SonicWall #Vulnerability #Cyberattack https://securityonline.info/acsc-warns-of-active-exploitation-of-sonicwall-ssl-vpn-vulnerability-cve-2024-40766/ https://securityonline.info/acsc-warns-of-active-exploitation-of-sonicwall-ssl-vpn-vulnerability-cve-2024-40766/" [X Link](https://x.com/the_yellow_fall/status/1965963061426262122) 2025-09-11T02:18Z [----] followers, [---] engagements "A high-severity Angular SSR vulnerability (CVE-2025-59052) could expose user data. Learn about the flaw affected versions and how to protect your application. #Angular #Security #WebDev #Vulnerability #CVE #DataSecurity https://securityonline.info/angular-ssr-flaw-cve-2025-59052-exposes-user-data-what-developers-need-to-know/ https://securityonline.info/angular-ssr-flaw-cve-2025-59052-exposes-user-data-what-developers-need-to-know/" [X Link](https://x.com/the_yellow_fall/status/1966094343166697797) 2025-09-11T10:59Z [----] followers, [---] engagements "Zscaler has uncovered kkRAT a new malware targeting Chinese-speaking users. The RAT steals crypto hijacks clipboards and uses RMM tools for covert long-term control. #kkRAT #Zscaler #Malware #Cybersecurity #Hacking https://securityonline.info/kkrat-a-new-malware-blends-crypto-hijacking-with-legitimate-rmm-tools/ https://securityonline.info/kkrat-a-new-malware-blends-crypto-hijacking-with-legitimate-rmm-tools/" [X Link](https://x.com/the_yellow_fall/status/1966317294935748749) 2025-09-12T01:45Z [----] followers, [---] engagements "A local privilege escalation flaw in PyInstaller (CVE-2025-59042) could let attackers execute code. Check if your apps are at risk. #PyInstaller #Python #Security #Vulnerability #InfoSec #Cybersecurity https://securityonline.info/pyinstaller-flaw-are-your-python-apps-vulnerable-to-hijacking/ https://securityonline.info/pyinstaller-flaw-are-your-python-apps-vulnerable-to-hijacking/" [X Link](https://x.com/the_yellow_fall/status/1966325355670860222) 2025-09-12T02:17Z [----] followers, [---] engagements "Okta Threat Intelligence uncovers VoidProxy a dangerous new Phishing-as-a-Service (PhaaS) platform that uses Adversary-in-the-Middle attacks to bypass MFA. #VoidProxy #Phishing #MFA #Cybersecurity #Okta https://securityonline.info/unveiling-voidproxy-the-phishing-as-a-service-that-bypasses-mfa/ https://securityonline.info/unveiling-voidproxy-the-phishing-as-a-service-that-bypasses-mfa/" [X Link](https://x.com/the_yellow_fall/status/1966329431657746564) 2025-09-12T02:34Z [----] followers, [---] engagements "A new vulnerability (CVE-2025-58754) in the Axios library could allow attackers to crash Node.js processes via crafted data: URIs leading to a denial-of-service. #Axios #Nodejs #Vulnerability #Cybersecurity #DoS https://securityonline.info/cve-2025-58754-axios-vulnerability-puts-node-js-processes-at-risk-of-dos-attacks/ https://securityonline.info/cve-2025-58754-axios-vulnerability-puts-node-js-processes-at-risk-of-dos-attacks/" [X Link](https://x.com/the_yellow_fall/status/1966340266543153577) 2025-09-12T03:17Z [----] followers, [---] engagements "OpenAI and Microsoft have reached a new agreement that gives both companies equal equity stakes solidifying a long-term partnership in AI development. #OpenAI #Microsoft #AI #TechNews #Business https://securityonline.info/openai-and-microsoft-solidify-partnership-in-new-restructuring-deal/ https://securityonline.info/openai-and-microsoft-solidify-partnership-in-new-restructuring-deal/" [X Link](https://x.com/the_yellow_fall/status/1966350937213280698) 2025-09-12T03:59Z [----] followers, [---] engagements "Google unveils VaultGemma the first LLM trained with differential privacy. The open-source model achieves near non-private performance setting a new standard for privacy-first AI. #VaultGemma #DifferentialPrivacy #AI #Google #OpenSource https://securityonline.info/vaultgemma-googles-new-ai-model-is-the-first-with-differential-privacy/ https://securityonline.info/vaultgemma-googles-new-ai-model-is-the-first-with-differential-privacy/" [X Link](https://x.com/the_yellow_fall/status/1967401322849951946) 2025-09-15T01:33Z [----] followers, [---] engagements "A critical flaw (CVE-2025-58434) in FlowiseAI allows unauthenticated attackers to hijack any account. The bug has a CVSS [---] score and a PoC has been released. #FlowiseAI #Vulnerability #AccountTakeover #Cybersecurity #PatchNow https://securityonline.info/poc-available-flowiseai-flaw-cve-2025-58434-allows-full-account-takeover-cvss-9-8/ https://securityonline.info/poc-available-flowiseai-flaw-cve-2025-58434-allows-full-account-takeover-cvss-9-8/" [X Link](https://x.com/the_yellow_fall/status/1967411573385011709) 2025-09-15T02:14Z [----] followers, [---] engagements "New patches for CUPS the open-source Linux printing system fix two flaws that can lead to remote DoS and authentication bypass. #CUPS #Linux #Cybersecurity #Vulnerability #Printing https://securityonline.info/cups-flaws-allow-linux-remote-dos-cve-2025-58364-and-authentication-bypass-cve-2025-58060/ https://securityonline.info/cups-flaws-allow-linux-remote-dos-cve-2025-58364-and-authentication-bypass-cve-2025-58060/" [X Link](https://x.com/the_yellow_fall/status/1967419498799235314) 2025-09-15T02:45Z [----] followers, [---] engagements "Samsung has released its September security updates for Android addressing a critical zero-day vulnerability that had already been exploited in active attacks. https://meterpreter.org/samsung-users-update-now-to-patch-critical-zero-day-vulnerability/ https://meterpreter.org/samsung-users-update-now-to-patch-critical-zero-day-vulnerability/" [X Link](https://x.com/the_yellow_fall/status/1967432158232146425) 2025-09-15T03:35Z [----] followers, [---] engagements "Qualcomm has officially unveiled the Snapdragon [--] Elite Gen [--] and Xiaomi will be the first to launch it in its upcoming Xiaomi [--] series this September. #Snapdragon #Qualcomm #Xiaomi #TechNews #Smartphone https://securityonline.info/qualcomm-unveils-the-snapdragon-8-elite-gen-5-launching-first-with-xiaomi/ https://securityonline.info/qualcomm-unveils-the-snapdragon-8-elite-gen-5-launching-first-with-xiaomi/" [X Link](https://x.com/the_yellow_fall/status/1967538500640915881) 2025-09-15T10:38Z [----] followers, [---] engagements "Wine [-----] is here with a new NTSYNC driver that promises to boost Windows game performance on Linux paving the way for Proton [--]. #WineHQ #LinuxGaming #WindowsGamesOnLinux #NTSYNC #TechNews https://securityonline.info/wine-10-15-a-major-step-towards-faster-windows-gaming-on-linux/ https://securityonline.info/wine-10-15-a-major-step-towards-faster-windows-gaming-on-linux/" [X Link](https://x.com/the_yellow_fall/status/1967903545275097221) 2025-09-16T10:49Z [----] followers, [---] engagements "A new Linux kernel flaw CVE-2025-38501 exposes KSMBD servers to unauthenticated remote DoS attacks. A public PoC is available now. #KSMBDrain #Linux #DoS #CVE #Vulnerability https://securityonline.info/ksmbdrain-cve-2025-38501-linux-kernel-flaw-allows-remote-dos-attacks-poc-available/ https://securityonline.info/ksmbdrain-cve-2025-38501-linux-kernel-flaw-allows-remote-dos-attacks-poc-available/" [X Link](https://x.com/the_yellow_fall/status/1968132259791413670) 2025-09-17T01:57Z [----] followers, [---] engagements "A medium-severity vulnerability (CVE-2025-9708) in the Kubernetes C# client allows MITM attacks and API impersonation. Update now to patch. #Kubernetes #Cybersecurity #Vulnerability #CVE #APIsecurity https://securityonline.info/kubernetes-c-client-flaw-exposes-api-to-mitm-attacks-cve-2025-9708/ https://securityonline.info/kubernetes-c-client-flaw-exposes-api-to-mitm-attacks-cve-2025-9708/" [X Link](https://x.com/the_yellow_fall/status/1968136670013964288) 2025-09-17T02:15Z [----] followers, [---] engagements "HPE Aruba Networking has patched multiple high-severity flaws in its SD-WAN gateways. The bugs could lead to RCE privilege escalation and unauthorized access. #HPEAruba #Vulnerability #Cybersecurity #SDWAN #PatchNow https://securityonline.info/multiple-high-severity-vulnerabilities-found-in-hpe-aruba-networking-edgeconnect-sd-wan-gateways/ https://securityonline.info/multiple-high-severity-vulnerabilities-found-in-hpe-aruba-networking-edgeconnect-sd-wan-gateways/" [X Link](https://x.com/the_yellow_fall/status/1968165291030163826) 2025-09-17T04:09Z [----] followers, [---] engagements "A critical vulnerability (CVE-2025-9242) in WatchGuard's Fireware OS could allow an unauthenticated remote attacker to execute arbitrary code. #WatchGuard #FirewareOS #Vulnerability #CVE https://securityonline.info/cve-2025-9242-critical-watchguard-flaw-allows-remote-code-execution/ https://securityonline.info/cve-2025-9242-critical-watchguard-flaw-allows-remote-code-execution/" [X Link](https://x.com/the_yellow_fall/status/1968248663932825939) 2025-09-17T09:40Z [----] followers, [---] engagements "Google has released an urgent Chrome update patching a V8 zero-day (CVE-2025-10585) being exploited in the wild along with other high-severity flaws. #Chrome #ZeroDay #Vulnerability #Cybersecurity #PatchNow https://securityonline.info/chrome-emergency-update-zero-day-cve-2025-10585-in-v8-exploited-in-the-wild/ https://securityonline.info/chrome-emergency-update-zero-day-cve-2025-10585-in-v8-exploited-in-the-wild/" [X Link](https://x.com/the_yellow_fall/status/1968490273090183198) 2025-09-18T01:40Z [----] followers, [---] engagements "A new Linux kernel vulnerability CVE-2025-21692 can be exploited to achieve remote code execution by manipulating the ETS qdisc a simple but critical flaw. #Linux #Vulnerability #RCE #Cybersecurity https://securityonline.info/from-simple-bug-to-rce-a-flaw-cve-2025-21692-in-the-linux-kernel-poc-published/ https://securityonline.info/from-simple-bug-to-rce-a-flaw-cve-2025-21692-in-the-linux-kernel-poc-published/" [X Link](https://x.com/the_yellow_fall/status/1968491919387894270) 2025-09-18T01:47Z [----] followers, [---] engagements "A new Rowhammer attack "Phoenix" bypasses DDR5 protections on all tested SK Hynix devices enabling memory corruption and privilege escalation. #Rowhammer #DDR5 #Cybersecurity #Phoenix #Memory https://securityonline.info/phoenix-cve-2025-6202-a-new-rowhammer-attack-bypasses-ddr5-protections/ https://securityonline.info/phoenix-cve-2025-6202-a-new-rowhammer-attack-bypasses-ddr5-protections/" [X Link](https://x.com/the_yellow_fall/status/1968492891161976889) 2025-09-18T01:50Z [----] followers, [---] engagements "A critical vulnerability in HubSpots Jinjava template engine (CVE-2025-59340) could lead to remote code execution. Patch immediately to secure your site. #HubSpot #Vulnerability #RCE #Cybersecurity #CVE https://securityonline.info/cve-2025-59340-critical-hubspots-jinjava-engine-flaw-exposes-thousands-of-websites-to-rce/ https://securityonline.info/cve-2025-59340-critical-hubspots-jinjava-engine-flaw-exposes-thousands-of-websites-to-rce/" [X Link](https://x.com/the_yellow_fall/status/1968865672093475195) 2025-09-19T02:32Z [----] followers, [---] engagements "A critical vulnerability (CVE-2025-9961) in TP-Link routers' CWMP service allows remote code execution bypassing ASLR. Patch your device immediately. https://meterpreter.org/critical-flaw-discovered-in-tp-link-routers/ https://meterpreter.org/critical-flaw-discovered-in-tp-link-routers/" [X Link](https://x.com/the_yellow_fall/status/1968952670145700349) 2025-09-19T08:17Z [----] followers, [---] engagements "Meta is opening its smart glasses to outside developers allowing them to build new AI-powered services for Ray-Ban and Oakley smart glasses. #Meta #SmartGlasses #AI #TechNews #Connect2025 https://securityonline.info/meta-opens-smart-glasses-platform-to-developers-and-ai/ https://securityonline.info/meta-opens-smart-glasses-platform-to-developers-and-ai/" [X Link](https://x.com/the_yellow_fall/status/1969935393769562271) 2025-09-22T01:22Z [----] followers, [---] engagements "A new report reveals a CWMP service flaw in TP-Link routers that can be exploited for RCE. Researchers have published a detailed write-up and a PoC on GitHub. #TPLink #RCE #Vulnerability #Cybersecurity https://securityonline.info/cve-2025-9961-tp-link-router-flaw-could-be-exploited-for-rce-poc-released/ https://securityonline.info/cve-2025-9961-tp-link-router-flaw-could-be-exploited-for-rce-poc-released/" [X Link](https://x.com/the_yellow_fall/status/1969942846020223025) 2025-09-22T01:52Z [----] followers, [---] engagements "AhnLab has uncovered BlackLock a Go-based ransomware targeting Windows Linux and VMware ESXi. The malware uses advanced crypto and covert backup deletion. #BlackLock #Ransomware #Cybercrime #AhnLab #Cybersecurity https://securityonline.info/blacklock-ransomware-a-new-cross-platform-threat-spreading-rapidly/ https://securityonline.info/blacklock-ransomware-a-new-cross-platform-threat-spreading-rapidly/" [X Link](https://x.com/the_yellow_fall/status/1969956599365283973) 2025-09-22T02:47Z [----] followers, [---] engagements "A critical flaw (CVE-2025-55241) in Microsoft Entra ID could have allowed a compromise of every tenant worldwide by bypassing security with "Actor tokens." #EntraID #AzureAD #Vulnerability #Cybersecurity #Microsoft https://securityonline.info/cve-2025-55241-microsoft-entra-id-flaw-with-cvss-10-0-could-have-compromised-every-tenant-worldwide/ https://securityonline.info/cve-2025-55241-microsoft-entra-id-flaw-with-cvss-10-0-could-have-compromised-every-tenant-worldwide/" [X Link](https://x.com/the_yellow_fall/status/1969962239022285046) 2025-09-22T03:09Z [----] followers, [---] engagements "AhnLab has uncovered Kawa4096 a Go-based ransomware targeting Windows Linux and VMware ESXi. The malware uses advanced crypto and covert backup deletion. #Kawa4096 #Ransomware #Cybercrime #AhnLab #Cybersecurity https://securityonline.info/kawa4096-a-new-ransomware-group-with-akira-style-branding-and-qilin-like-notes/ https://securityonline.info/kawa4096-a-new-ransomware-group-with-akira-style-branding-and-qilin-like-notes/" [X Link](https://x.com/the_yellow_fall/status/1970304714161168788) 2025-09-23T01:50Z [----] followers, [---] engagements "Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim with some usage of .NET on Windows (by dynamically loading the CLR to the process). https://meterpreter.org/nimbo-c2-simple-and-lightweight-c2-framework-written-in-nim/ https://meterpreter.org/nimbo-c2-simple-and-lightweight-c2-framework-written-in-nim/" [X Link](https://x.com/the_yellow_fall/status/1970400688896348334) 2025-09-23T08:11Z [----] followers, [---] engagements "SolarWinds has released an urgent hotfix for its Web Help Desk software patching an unauthenticated RCE vulnerability (CVE-2025-26399) that bypasses earlier fixes. #SolarWinds #RCE #Vulnerability #Cybersecurity #CVE https://securityonline.info/cve-2025-26399-cvss-9-8-solarwinds-web-help-desk-hit-by-critical-rce-vulnerability/ https://securityonline.info/cve-2025-26399-cvss-9-8-solarwinds-web-help-desk-hit-by-critical-rce-vulnerability/" [X Link](https://x.com/the_yellow_fall/status/1970409996946182267) 2025-09-23T08:48Z [----] followers, [---] engagements "Apple has disabled signature verification for iOS 18.6.2 preventing users from downgrading from iOS [--] effectively locking them into the new OS. #Apple #iOS26 #Downgrade #TechNews #iPhone https://securityonline.info/no-going-back-apple-disables-ios-26-downgrades/ https://securityonline.info/no-going-back-apple-disables-ios-26-downgrades/" [X Link](https://x.com/the_yellow_fall/status/1970417023781142853) 2025-09-23T09:16Z [----] followers, [---] engagements "Microsoft has fixed a long-standing bug in Windows Hello removing the upgrade block that prevented affected devices from installing Windows [--] version 24H2. #WindowsHello #Windows11 #Microsoft #BugFix #TechNews https://securityonline.info/long-standing-windows-hello-bug-finally-fixed-after-11-months/ https://securityonline.info/long-standing-windows-hello-bug-finally-fixed-after-11-months/" [X Link](https://x.com/the_yellow_fall/status/1970664719410475149) 2025-09-24T01:40Z [----] followers, [---] engagements "Zscaler ThreatLabz has uncovered a new backdoor malware YiBackdoor that shares extensive code with IcedID and Latrodectus and is being tested for ransomware ops. #YiBackdoor #Malware #Ransomware #Cybersecurity #IcedID https://securityonline.info/new-malware-yibackdoor-linked-to-icedid-and-latrodectus/ https://securityonline.info/new-malware-yibackdoor-linked-to-icedid-and-latrodectus/" [X Link](https://x.com/the_yellow_fall/status/1970670731668382173) 2025-09-24T02:04Z [----] followers, [---] engagements "CISA has added a high-severity V8 zero-day (CVE-2025-10585) to its exploited vulnerabilities catalog. An urgent Chrome update is available to patch the flaw. #Chrome #ZeroDay #Vulnerability #Cybersecurity #CISA https://securityonline.info/cisa-adds-chrome-zero-day-cve-2025-10585-to-kev-after-public-exploit-appears/ https://securityonline.info/cisa-adds-chrome-zero-day-cve-2025-10585-to-kev-after-public-exploit-appears/" [X Link](https://x.com/the_yellow_fall/status/1970705533444464649) 2025-09-24T04:23Z [----] followers, [---] engagements "A SNMP flaw (CVE-2025-20352) in Cisco IOS/IOS XE is being actively exploited allowing attackers root access. Urgent patching and mitigation required #Cisco #SNMP #CVE #CyberSecurity #PatchNow https://securityonline.info/cisco-snmp-flaw-cve-2025-20352-actively-exploited-patch-now-to-stop-root-access/ https://securityonline.info/cisco-snmp-flaw-cve-2025-20352-actively-exploited-patch-now-to-stop-root-access/" [X Link](https://x.com/the_yellow_fall/status/1971034791152865361) 2025-09-25T02:11Z [----] followers, [---] engagements "Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode PE and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its corresponding loader in an obfuscated form. https://meterpreter.org/shoggoth-asmjit-based-polymorphic-encryptor/ https://meterpreter.org/shoggoth-asmjit-based-polymorphic-encryptor/" [X Link](https://x.com/the_yellow_fall/status/1971124441582374994) 2025-09-25T08:07Z [----] followers, [---] engagements "Cisco patches a Critical [---] zero-day (CVE-2025-20333) in ASA/FTD VPN web servers. Authenticated attackers can exploit the flaw for root-level Remote Code Execution. #CiscoZeroDay #RCE #ASAVulnerability #PatchCritical https://securityonline.info/critical-cisco-zero-day-cve-2025-20333-cvss-9-9-under-active-attack-vpn-flaw-allows-root-rce/ https://securityonline.info/critical-cisco-zero-day-cve-2025-20333-cvss-9-9-under-active-attack-vpn-flaw-allows-root-rce/" [X Link](https://x.com/the_yellow_fall/status/1971383805736034740) 2025-09-26T01:18Z [----] followers, [---] engagements "A vulnerability dubbed "LNK Stomping" (CVE-2024-38217) is actively used to strip the 'Mark of the Web' from LNK files bypassing Windows security policies. #LNKStomping #MoTW #WindowsSecurity #CVE #Cyberattack https://securityonline.info/lnk-stomping-attackers-bypass-windows-security-by-stripping-the-mark-of-the-web/ https://securityonline.info/lnk-stomping-attackers-bypass-windows-security-by-stripping-the-mark-of-the-web/" [X Link](https://x.com/the_yellow_fall/status/1971393662526554325) 2025-09-26T01:57Z [----] followers, [---] engagements "SUSE patches three flaws in Rancher Manager. A phishing vulnerability (CVSS 8.1) can steal admin tokens while a DoS flaw can lock out administrators. #Rancher #SAMLPhishing #KubernetesSecurity #CVE #PatchNow https://securityonline.info/suse-rancher-security-team-patches-three-vulnerabilities-in-rancher-manager/ https://securityonline.info/suse-rancher-security-team-patches-three-vulnerabilities-in-rancher-manager/" [X Link](https://x.com/the_yellow_fall/status/1972486373023326213) 2025-09-29T02:19Z [----] followers, [---] engagements "A DLL hijacking flaw (CVE-2025-56383) in Notepad++ v8.8.3 allows attackers to replace a trusted DLL with a malicious one to execute arbitrary code. #NotepadPlusPlus #DLLHijacking #CVE #Cybersecurity #SecurityAlert https://securityonline.info/dll-hijacking-flaw-cve-2025-56383-found-in-notepad-allowing-arbitrary-code-execution-poc-available/ https://securityonline.info/dll-hijacking-flaw-cve-2025-56383-found-in-notepad-allowing-arbitrary-code-execution-poc-available/" [X Link](https://x.com/the_yellow_fall/status/1972493262536773926) 2025-09-29T02:46Z [----] followers, [---] engagements "GoAnywhere MFT Zero-Day Actively Exploited for Days Before Patch Release CVE-2025-10035 stems from a deserialization bug in the License Servlet component enabling unauthenticated command injection. https://meterpreter.org/goanywhere-mft-zero-day-actively-exploited-for-days-before-patch-release/ https://meterpreter.org/goanywhere-mft-zero-day-actively-exploited-for-days-before-patch-release/" [X Link](https://x.com/the_yellow_fall/status/1972570768484782132) 2025-09-29T07:54Z [----] followers, [---] engagements "Broadcom has patched three flaws in VMware Aria Operations and VMware Tools. The vulnerabilities include privilege escalation and information disclosure. #Broadcom #VMware #SecurityPatch #CVE #Cybersecurity https://securityonline.info/broadcom-patches-vmware-flaws-privilege-escalation-and-info-disclosure-vulnerabilities-affect-vmware-tools-and-aria-operations/ https://securityonline.info/broadcom-patches-vmware-flaws-privilege-escalation-and-info-disclosure-vulnerabilities-affect-vmware-tools-and-aria-operations/" [X Link](https://x.com/the_yellow_fall/status/1972840063550828819) 2025-09-30T01:44Z [----] followers, [---] engagements "A critical RCE flaw (CVSS 10) in Doxense's Watchdoc print management solution allows unauthenticated attackers to execute code and take control of the print server. #Watchdoc #RCE #CVE #Cybersecurity #PrintServer https://securityonline.info/cve-2025-58384-cvss-10-critical-rce-flaw-found-in-watchdoc-print-management-software/ https://securityonline.info/cve-2025-58384-cvss-10-critical-rce-flaw-found-in-watchdoc-print-management-software/" [X Link](https://x.com/the_yellow_fall/status/1972842365833646465) 2025-09-30T01:54Z [----] followers, [---] engagements "Broadcom patches three vulnerabilities in VMware vCenter and NSX. The flaws could lead to SMTP header injection and username enumeration increasing the risk of unauthorized access. #Broadcom #VMware #SecurityPatch #vCenter #NSX https://securityonline.info/broadcom-fixes-multiple-vmware-vcenter-and-nsx-vulnerabilities/ https://securityonline.info/broadcom-fixes-multiple-vmware-vcenter-and-nsx-vulnerabilities/" [X Link](https://x.com/the_yellow_fall/status/1972845915280138707) 2025-09-30T02:08Z [----] followers, [---] engagements "Zero-Day PoC Published: Local Privilege Escalation Flaw in VMware Tools Used by Chinese APT #VMwareZeroDay #UNC5174 #Cybersecurity #PrivilegeEscalation #PatchNow https://securityonline.info/zero-day-poc-published-privilege-escalation-flaw-in-vmware-tools-used-by-chinese-apt/ https://securityonline.info/zero-day-poc-published-privilege-escalation-flaw-in-vmware-tools-used-by-chinese-apt/" [X Link](https://x.com/the_yellow_fall/status/1972851353522503717) 2025-09-30T02:29Z [----] followers, [---] engagements "OpenSSL patches three flaws including CVE-2025-9230 (RCE/DoS risk) and a SM2 timing side-channel (CVE-2025-9231) that could allow private key recovery on ARM64. #OpenSSL #Crypto #SecurityPatch #CVE9230 #TimingAttack https://securityonline.info/openssl-patches-three-flaws-timing-side-channel-rce-risk-and-memory-corruption-affect-all-versions/ https://securityonline.info/openssl-patches-three-flaws-timing-side-channel-rce-risk-and-memory-corruption-affect-all-versions/" [X Link](https://x.com/the_yellow_fall/status/1973207917894705625) 2025-10-01T02:06Z [----] followers, [---] engagements "A critical flaw (CVE-2025-7493) in FreeIPA allows authenticated users to exploit Kerberos alias checks to gain full domain administrator privileges. Patch to v4.12.5 now. #FreeIPA #CVE #PrivilegeEscalation #Kerberos #Cybersecurity https://securityonline.info/cve-2025-7493-critical-flaw-in-freeipa-allows-host-users-to-escalate-to-domain-administrator/ https://securityonline.info/cve-2025-7493-critical-flaw-in-freeipa-allows-host-users-to-escalate-to-domain-administrator/" [X Link](https://x.com/the_yellow_fall/status/1973221381442773118) 2025-10-01T03:00Z [----] followers, [---] engagements "A critical flaw (CVE-2025-10725) in Red Hat OpenShift AI allows low-privileged users to escalate to full cluster admin privileges risking complete platform compromise. #OpenShiftAI #RedHat #CVE #Kubernetes #Cybersecurity https://securityonline.info/cve-2025-10725-cvss-9-9-red-hat-openshift-ai-privilege-escalation-flaw-could-lead-to-full-cluster-compromise/ https://securityonline.info/cve-2025-10725-cvss-9-9-red-hat-openshift-ai-privilege-escalation-flaw-could-lead-to-full-cluster-compromise/" [X Link](https://x.com/the_yellow_fall/status/1973240665434882361) 2025-10-01T04:16Z [----] followers, [---] engagements "The Django team released urgent updates (v5.2.7 5.1.13 4.2.25) to fix a High-severity SQL Injection flaw (CVE-2025-59681) affecting QuerySet methods in MySQL/MariaDB. #Django #SQLInjection #Cybersecurity #WebDev #PatchNow https://securityonline.info/django-security-alert-high-severity-sql-injection-flaw-cve-2025-59681-fixed-in-latest-updates/ https://securityonline.info/django-security-alert-high-severity-sql-injection-flaw-cve-2025-59681-fixed-in-latest-updates/" [X Link](https://x.com/the_yellow_fall/status/1973562439653601475) 2025-10-02T01:35Z [----] followers, [---] engagements "Splunk issued patches for six flaws including a High-severity blind SSRF (CVE-2025-20371) and XSS issues that could allow attackers to access sensitive data and crash the platform. #Splunk #SplunkSecurity #SSRF #XSS #Cybersecurity https://securityonline.info/splunk-fixes-six-flaws-including-unauthenticated-ssrf-and-xss-vulnerabilities-in-enterprise-platform/ https://securityonline.info/splunk-fixes-six-flaws-including-unauthenticated-ssrf-and-xss-vulnerabilities-in-enterprise-platform/" [X Link](https://x.com/the_yellow_fall/status/1973565532919177307) 2025-10-02T01:47Z [----] followers, [---] engagements "AI-Powered CAPTCHA Solver is a Python-based command-line tool that uses large multimodal models (LMMs) like OpenAI's GPT-4o and Google's Gemini to automatically solve various types of CAPTCHAs. https://meterpreter.org/ai-captcha-solver-new-tool-uses-gpt-4o-and-gemini-to-beat-various-web-security-challenges/ https://meterpreter.org/ai-captcha-solver-new-tool-uses-gpt-4o-and-gemini-to-beat-various-web-security-challenges/" [X Link](https://x.com/the_yellow_fall/status/1975026765602201668) 2025-10-06T02:34Z [----] followers, [---] engagements "A flaw in the Unity Runtime (CVE-2025-59489) allows local code execution in games via DLL injection through the Android intent handler. Developers must rebuild their apps. #Unity #CVE #GameSecurity #RCE #PatchNow https://securityonline.info/unity-flaw-cve-2025-59489-allows-local-code-execution-in-millions-of-games/ https://securityonline.info/unity-flaw-cve-2025-59489-allows-local-code-execution-in-millions-of-games/" [X Link](https://x.com/the_yellow_fall/status/1975044139961184767) 2025-10-06T03:43Z [----] followers, [---] engagements "Synacktiv exposed a critical flaw chain in Snipe-IT. A low-privileged user can exploit a Stored XSS (CVE-2025-59712) to hijack admin sessions and trigger RCE (CVE-2025-59713) via unsafe deserialization. #SnipeIT #RCEChain #Deserialization #Cybersecurity https://securityonline.info/snipe-it-flaw-chained-xss-cve-2025-59712-to-rce-cve-2025-59713-achieves-full-server-compromise-poc-released/ https://securityonline.info/snipe-it-flaw-chained-xss-cve-2025-59712-to-rce-cve-2025-59713-achieves-full-server-compromise-poc-released/" [X Link](https://x.com/the_yellow_fall/status/1975371019272786202) 2025-10-07T01:22Z [----] followers, [---] engagements "A Chinese APT used fake Cloudflare verification pages and malicious LNK files to inject PlugX via DLL sideloading into a Serbian aviation agency aiming for long-term espionage. #PlugX #ChineseAPT #Spearphishing #CyberEspionage #DLLsideloading https://securityonline.info/chinese-apt-launches-spearphishing-campaign-using-fake-cloudflare-lure-to-deliver-plugx-malware/ https://securityonline.info/chinese-apt-launches-spearphishing-campaign-using-fake-cloudflare-lure-to-deliver-plugx-malware/" [X Link](https://x.com/the_yellow_fall/status/1975373188340326449) 2025-10-07T01:30Z [----] followers, [---] engagements "A Critical (CVSS 10.0) zero-day RCE flaw (CVE-2025-10035) in GoAnywhere MFT is being actively exploited by the Medusa ransomware group Storm-1175. Patch immediately. #GoAnywhere #CVE10035 #Ransomware #Storm1175 #ZeroDay https://securityonline.info/critical-rce-cve-2025-10035-in-goanywhere-mft-used-by-medusa-ransomware-group/ https://securityonline.info/critical-rce-cve-2025-10035-in-goanywhere-mft-used-by-medusa-ransomware-group/" [X Link](https://x.com/the_yellow_fall/status/1975375851937276003) 2025-10-07T01:41Z [----] followers, [---] engagements "CrowdStrike warns that the Critical RCE zero-day (CVE-2025-61882) in Oracle E-Business Suite is being actively exploited by GRACEFUL SPIDER (Clop affiliate) for corporate data theft. Patch immediately. #OracleEBS #ZeroDay #CVE #Ransomware #CrowdStrike https://securityonline.info/oracle-ebs-zero-day-cve-2025-61882-under-active-rce-exploitation-by-graceful-spider/ https://securityonline.info/oracle-ebs-zero-day-cve-2025-61882-under-active-rce-exploitation-by-graceful-spider/" [X Link](https://x.com/the_yellow_fall/status/1975384539095834717) 2025-10-07T02:15Z [----] followers, [---] engagements "Elastic patched five flaws in Kibana/Elasticsearch including three Critical XSS issues (CVE-2025-25009) and credential leaks urging immediate upgrades to v8.18.8+. #Elasticsearch #Kibana #XSS #CVE #Cybersecurity https://securityonline.info/elastic-fixes-multiple-high-severity-vulnerabilities-in-kibana-and-elasticsearch/ https://securityonline.info/elastic-fixes-multiple-high-severity-vulnerabilities-in-kibana-and-elasticsearch/" [X Link](https://x.com/the_yellow_fall/status/1975387979377168743) 2025-10-07T02:29Z [----] followers, [---] engagements "OpenAI CEO Sam Altman announced at DevDay that ChatGPT now has [---] million weekly active users making it the world's most dominant generative AI platform. #ChatGPT #AIAdoption #800Million #OpenAI #GenerativeAI https://securityonline.info/chatgpt-reaches-800-million-weekly-users-cementing-dominance-in-generative-ai-adoption/ https://securityonline.info/chatgpt-reaches-800-million-weekly-users-cementing-dominance-in-generative-ai-adoption/" [X Link](https://x.com/the_yellow_fall/status/1975398867354198123) 2025-10-07T03:12Z [----] followers, [---] engagements "Chrome 141.0.7390.65/66 is released patching High-severity memory flaws: CVE-2025-11458 (Sync Heap Overflow) and CVE-2025-11460 (Storage UAF) risking RCE. Update immediately. #ChromeUpdate #MemorySafety #CVE #UAF #SecurityAlert https://securityonline.info/chrome-141-stable-fixes-two-high-severity-flaws-heap-overflow-in-sync-and-uaf-in-storage/ https://securityonline.info/chrome-141-stable-fixes-two-high-severity-flaws-heap-overflow-in-sync-and-uaf-in-storage/" [X Link](https://x.com/the_yellow_fall/status/1975748511942476250) 2025-10-08T02:22Z [----] followers, [---] engagements "CISA added the Zimbra XSS zero-day (CVE-2025-27915) to its KEV Catalog due to active exploitation since January. Attackers use malicious .ICS files to steal mail data. #ZimbraXSS #ZeroDay #CVE #CISA_KEV #PatchNow https://securityonline.info/zimbra-xss-zero-day-cve-2025-27915-actively-exploited-cisa-adds-to-kev-catalog/ https://securityonline.info/zimbra-xss-zero-day-cve-2025-27915-actively-exploited-cisa-adds-to-kev-catalog/" [X Link](https://x.com/the_yellow_fall/status/1975757013427888274) 2025-10-08T02:55Z [----] followers, [---] engagements "A Critical (CVSS 9.9) flaw (CVE-2025-44823) in Nagios Log Server allows any authenticated user to retrieve plaintext administrative API keys leading to full system compromise. Update now. #Nagios #APILeak #Cybersecurity #CVE #LogServer https://securityonline.info/critical-nagios-flaw-cve-2025-44823-cvss-9-9-leaks-plaintext-admin-api-keys-poc-available/ https://securityonline.info/critical-nagios-flaw-cve-2025-44823-cvss-9-9-leaks-plaintext-admin-api-keys-poc-available/" [X Link](https://x.com/the_yellow_fall/status/1975772963577471282) 2025-10-08T03:59Z [----] followers, [---] engagements "Google launched the Gemini [---] Computer Use model enabling AI agents to interact directly with web interfaces (clicking typing) to execute complex multi-step tasks. #GeminiAI #ComputerUse #WebAutomation #AIAgent #GoogleDeepMind https://securityonline.info/google-unveils-gemini-2-5-computer-use-the-next-gen-ai-model-that-takes-action-on-web-interfaces/ https://securityonline.info/google-unveils-gemini-2-5-computer-use-the-next-gen-ai-model-that-takes-action-on-web-interfaces/" [X Link](https://x.com/the_yellow_fall/status/1975781589151064110) 2025-10-08T04:33Z [----] followers, [---] engagements "patched a Critical (CVSS 9.3) flaw in Akka.Remote (CVE-2025-61778). Missing mutual TLS allows unauthenticated untrusted clients to connect to secure clusters. #AkkaNet #CVE #mTLS #Cybersecurity #DistributedSystems https://securityonline.info/critical-akka-net-flaw-cve-2025-61778-cvss-9-3-allows-untrusted-nodes-to-join-secure-clusters/ http://Akka.NET https://securityonline.info/critical-akka-net-flaw-cve-2025-61778-cvss-9-3-allows-untrusted-nodes-to-join-secure-clusters/ http://Akka.NET" [X Link](https://x.com/the_yellow_fall/status/1976100312919441824) 2025-10-09T01:40Z [----] followers, [---] engagements "CrowdStrike patched two flaws in Falcon Sensor for Windows (CVE-2025-42701). Attackers with local code execution can delete arbitrary files risking system stability. #CrowdStrike #FalconSensor #WindowsSecurity #FileDeletion #Cybersecurity https://securityonline.info/crowdstrike-releases-fixes-for-two-falcon-sensor-for-windows-vulnerabilities-cve-2025-42701-cve-2025-42706/ https://securityonline.info/crowdstrike-releases-fixes-for-two-falcon-sensor-for-windows-vulnerabilities-cve-2025-42701-cve-2025-42706/" [X Link](https://x.com/the_yellow_fall/status/1976104187705622859) 2025-10-09T01:55Z [----] followers, [---] engagements "GitLab patched two high-severity flaws: CVE-2025-11340 (Auth Bypass) allows API write access with read-only tokens and CVE-2025-10004 permits unauthenticated DoS via GraphQL. #GitLab #GraphQL #CVE #SecurityUpdate #DevOps https://securityonline.info/gitlab-patches-two-high-severity-flaws-in-graphql-api-affecting-both-ce-and-ee-editions/ https://securityonline.info/gitlab-patches-two-high-severity-flaws-in-graphql-api-affecting-both-ce-and-ee-editions/" [X Link](https://x.com/the_yellow_fall/status/1976109087340494871) 2025-10-09T02:14Z [----] followers, [---] engagements "Unit [--] exposed the IUAM ClickFix Generator an automated phishing tool that tricks victims into manually executing PowerShell commands to install DeerStealer and Odyssey malware. #ClickFix #PhishingKit #SocialEngineering #Cybercrime https://securityonline.info/clickfix-phishing-new-automated-kits-trick-users-into-manually-running-malware-and-stealers/ https://securityonline.info/clickfix-phishing-new-automated-kits-trick-users-into-manually-running-malware-and-stealers/" [X Link](https://x.com/the_yellow_fall/status/1976461684685537724) 2025-10-10T01:36Z [----] followers, [---] engagements "Expel uncovered a phishing attack using Cache Smuggling to deliver malware. The technique uses a fake Fortinet lure and PowerShell to execute a payload staged in the browser's cache bypassing network detection. #CacheSmuggling #ClickFix #MalwareEvasion https://securityonline.info/zero-download-malware-new-cache-smuggling-phishing-attack-delivers-payload-via-browser-cache/ https://securityonline.info/zero-download-malware-new-cache-smuggling-phishing-attack-delivers-payload-via-browser-cache/" [X Link](https://x.com/the_yellow_fall/status/1976462679150866852) 2025-10-10T01:39Z [----] followers, [---] engagements "NVIDIA released an urgent update for its GPU Display Driver fixing multiple high-severity flaws including RCE via an uncontrolled DLL loading path (CVE-2025-23309). Update now. #NVIDIA #GPUdriver #Cybersecurity #RCE #CVE https://securityonline.info/nvidia-gpu-driver-patches-multiple-high-severity-flaws-risking-rce-and-privilege-escalation/ https://securityonline.info/nvidia-gpu-driver-patches-multiple-high-severity-flaws-risking-rce-and-privilege-escalation/" [X Link](https://x.com/the_yellow_fall/status/1976477634214424581) 2025-10-10T02:39Z [----] followers, [---] engagements "A Critical (CVSS 9.4) flaw in Happy DOM allows untrusted JavaScript to escape the Node.js VM context and achieve RCE on the host system via the Function inheritance chain. Update to v20. #HappyDOM #VMEscape #RCE #Nodejs #Cybersecurity https://securityonline.info/cve-2025-61927-cvss-9-4-critical-rce-flaw-discovered-in-happy-dom-over-2-7-million-weekly-downloads-impacted/ https://securityonline.info/cve-2025-61927-cvss-9-4-critical-rce-flaw-discovered-in-happy-dom-over-2-7-million-weekly-downloads-impacted/" [X Link](https://x.com/the_yellow_fall/status/1977570059901129128) 2025-10-13T03:00Z [----] followers, [---] engagements "A consortium of LAPSUS$/ShinyHunters hackers launched an EaaS campaign claiming [--] billion records stolen from [--] Salesforce customers and demanded a ransom before an October [--] deadline. #SalesforceHack #Extortion #TrinityOfChaos #Cybercrime https://securityonline.info/hacker-alliance-demands-ransom-scattered-lapsus-hunters-claim-1-billion-records-stolen-from-salesforce/ https://securityonline.info/hacker-alliance-demands-ransom-scattered-lapsus-hunters-claim-1-billion-records-stolen-from-salesforce/" [X Link](https://x.com/the_yellow_fall/status/1977914854766727497) 2025-10-14T01:50Z [----] followers, [---] engagements "Veeam patched two Critical RCE flaws (CVE-2025-48983 & -48984) in Backup & Replication v12 that let authenticated domain users compromise backup infrastructure. #Veeam #RCE #Cybersecurity #CVE https://securityonline.info/critical-rce-flaws-cve-2025-48983-cve-2025-48984-cvss-9-9-found-in-veeam-backup-replication/ https://securityonline.info/critical-rce-flaws-cve-2025-48983-cve-2025-48984-cvss-9-9-found-in-veeam-backup-replication/" [X Link](https://x.com/the_yellow_fall/status/1978286316786708989) 2025-10-15T02:26Z [----] followers, [---] engagements "Samba released an urgent fix for a Critical (CVSS 10.0) RCE flaw (CVE-2025-10230) allowing unauthenticated command injection on AD DCs when the WINS hook is enabled. #Samba #RCE #Cybersecurity https://securityonline.info/critical-samba-rce-flaw-cve-2025-10230-cvss-10-0-allows-unauthenticated-command-injection-on-ad-dcs/ https://securityonline.info/critical-samba-rce-flaw-cve-2025-10230-cvss-10-0-allows-unauthenticated-command-injection-on-ad-dcs/" [X Link](https://x.com/the_yellow_fall/status/1978652534362550552) 2025-10-16T02:41Z [----] followers, [---] engagements "RPC Investigator (RPCI) is a .NET/C# Windows Forms UI application that provides an advanced discovery and analysis interface to Windows RPC endpoints. https://meterpreter.org/rpc-investigator-advanced-discovery-and-analysis-interface-to-windows-rpc-endpoints/ https://meterpreter.org/rpc-investigator-advanced-discovery-and-analysis-interface-to-windows-rpc-endpoints/" [X Link](https://x.com/the_yellow_fall/status/1978744512919826629) 2025-10-16T08:47Z [----] followers, [---] engagements "Resecurity exposed Qilin RaaS's reliance on bulletproof hosting (BPH) in Russia/HK. The same network was linked to the Asahi Group Holdings ransomware attack that stole [--] GB of data. #Qilin #Ransomware #BPH #Cybercrime https://securityonline.info/qilin-ransomwares-resilience-exposed-bulletproof-hosting-network-underpins-asahi-group-holdings-attack/ https://securityonline.info/qilin-ransomwares-resilience-exposed-bulletproof-hosting-network-underpins-asahi-group-holdings-attack/" [X Link](https://x.com/the_yellow_fall/status/1979001714792366240) 2025-10-17T01:49Z [----] followers, [---] engagements "Hydra [--] released. CHANGELOG for [---] =================== Development moved to a public github. http://t.co/B5GasQiuIM http://fb.me/1mc131kgx http://fb.me/1mc131kgx" [X Link](https://x.com/the_yellow_fall/status/465925498904649728) 2014-05-12T18:44Z [----] followers, [--] engagements "Best SQL Injection Tools for Penetration Testers [--]. BSQL Hacker This is a useful tool for both experts and. http://t.co/o0uDhYOths http://fb.me/1oWzboPFb http://fb.me/1oWzboPFb" [X Link](https://x.com/the_yellow_fall/status/526650059803602944) 2014-10-27T08:22Z [----] followers, [--] engagements "I liked a @YouTube video GoldenEye Layer [--] DoS Test Tool http://youtu.be/qhYiFLDVuD8a http://youtu.be/qhYiFLDVuD8a" [X Link](https://x.com/the_yellow_fall/status/734352444021444608) 2016-05-22T11:57Z [----] followers, [--] engagements "Kali Linux [------] Fix sound mute and start pulseaudio on startup http://kalilinux.co/forums/topic/kali-linux-2016-2-fix-sound-mute-and-start-pulseaudio-on-startup/#.WHcDZXTvwy4.twitter http://kalilinux.co/forums/topic/kali-linux-2016-2-fix-sound-mute-and-start-pulseaudio-on-startup/#.WHcDZXTvwy4.twitter" [X Link](https://x.com/the_yellow_fall/status/819397938019495937) 2017-01-12T04:17Z [----] followers, [--] engagements "PyREBox: a Python scriptable Reverse Engineering sandbox https://goo.gl/crpXaA https://goo.gl/crpXaA" [X Link](https://x.com/the_yellow_fall/status/899964771717525504) 2017-08-22T12:01Z [----] followers, [--] engagements "angularjs-csti-scanner: Automated client-side template injection (sandbox escape/bypass) detection for AngularJS https://securityonline.info/angularjs-csti-scanner-automated-client-side-template-injection-sandbox-escapebypass-detection-angularjs/ https://securityonline.info/angularjs-csti-scanner-automated-client-side-template-injection-sandbox-escapebypass-detection-angularjs/" [X Link](https://x.com/the_yellow_fall/status/912992106737750016) 2017-09-27T10:47Z [----] followers, [--] engagements "angularjs-csti-scanner: Automated client-side template injection (sandbox escape/bypass) detection for AngularJS https://goo.gl/i6SvBM https://goo.gl/i6SvBM" [X Link](https://x.com/the_yellow_fall/status/917721719829422081) 2017-10-10T12:01Z [----] followers, [--] engagements "ClickHouse: a free analytic DBMS for big data #opensource #infosec #Security #pentest https://securityonline.info/clickhouse-analystic-dbms-bigdata/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/clickhouse-analystic-dbms-bigdata/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost" [X Link](https://x.com/the_yellow_fall/status/945779020762943488) 2017-12-26T22:11Z [----] followers, [--] engagements "yersinia: A framework for layer [--] attacks #opensource #infosec #Security #pentest https://securityonline.info/yersinia-framework-layer-2-attacks/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/yersinia-framework-layer-2-attacks/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost" [X Link](https://x.com/the_yellow_fall/status/949630933858168832) 2018-01-06T13:17Z [----] followers, [--] engagements "CVE-2018-5702: Transmission BitTorrent flaw allow hacker to take control your computer https://securityonline.info/cve-2018-5702-transmission-bittorrent-flaw-allow-hacker-to-take-control-your-computer/ https://securityonline.info/cve-2018-5702-transmission-bittorrent-flaw-allow-hacker-to-take-control-your-computer/" [X Link](https://x.com/the_yellow_fall/status/953460310790299648) 2018-01-17T02:53Z [----] followers, [--] engagements "MorphAES: IDPS & SandBox & AntiVirus STEALTH KILLER #opensource #infosec #Security #pentest https://securityonline.info/morphaes-idps-sandbox-antivirus-stealth-killer/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/morphaes-idps-sandbox-antivirus-stealth-killer/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost" [X Link](https://x.com/the_yellow_fall/status/976649398091468805) 2018-03-22T02:38Z [----] followers, [--] engagements "cloudfrunt: dentifying misconfigured CloudFront domains https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/ https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/" [X Link](https://x.com/the_yellow_fall/status/982088378937217024) 2018-04-06T02:51Z [----] followers, [--] engagements "Collection HTML/CSS/JavaScript/SQL: Static analysis tools #opensource #infosec #infosecurity #Security #pentest https://securityonline.info/collection-htmlcssjavascriptsql-static-analysis-tools/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/collection-htmlcssjavascriptsql-static-analysis-tools/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost" [X Link](https://x.com/the_yellow_fall/status/986092005183934464) 2018-04-17T04:00Z [----] followers, [--] engagements "cloudfrunt: dentifying misconfigured CloudFront domains #opensource #infosec #Security #pentest https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost" [X Link](https://x.com/the_yellow_fall/status/990321633738084352) 2018-04-28T20:07Z [----] followers, [--] engagements Limited data mode. Full metrics available with subscription: lunarcrush.com/pricing
@the_yellow_fall Gray Hats
Gray Hats posts on X about cybersecurity, ai, $googl, microsoft the most. They currently have [------] followers and [---] posts still getting attention that total [-----] engagements in the last [--] hours.
Engagements: [-----] #
- [--] Week [-----] +113%
- [--] Month [------] -14%
- [--] Months [-------] -47%
- [--] Year [-------] +14%
Mentions: [--] #
- [--] Week [--] +80%
- [--] Month [---] +75%
- [--] Months [---] -42%
- [--] Year [-----] -10%
Followers: [------] #
- [--] Week [------] +0.95%
- [--] Month [------] +1.30%
- [--] Months [------] +11%
- [--] Year [------] +35%
CreatorRank: [-------] #
Social Influence
Social category influence technology brands 28.57% stocks 16.88% finance 5.19% social networks 2.6% countries 1.3% exchanges 0.65% fashion brands 0.65% cryptocurrencies 0.65%
Social topic influence cybersecurity #35, ai 4.55%, $googl 3.9%, microsoft 3.25%, vmware 3.25%, tplink 2.6%, crowdstrike 2.6%, crypto 2.6%, target 2.6%, apt 1.95%
Top accounts mentioned or mentioned by @vuln_tracker @youtube @6rok__ @superfluoussec
Top assets mentioned Alphabet Inc Class A (GOOGL) Microsoft Corp. (MSFT) Crowdstrike Holdings Inc (CRWD) Zscaler Inc (ZS) Cloudflare, Inc. (NET) FilesCoins Power Cu (FILECOIN) BitTorrent (BTT)
Top Social Posts
Top posts by engagements in the last [--] hours
"GnuTLS v3.8.12 fixes high-severity DoS flaws (CVE-2026-1584). Malicious TLS [---] handshakes can crash servers. Update now to prevent outages. #GnuTLS #CyberSecurity #CVE20261584 #DoS #InfoSec #TLS13 #Linux https://securityonline.info/handshake-halt-gnutls-3-8-12-fixes-tls-1-3-crash-cpu-exhaustion/ https://securityonline.info/handshake-halt-gnutls-3-8-12-fixes-tls-1-3-crash-cpu-exhaustion/"
X Link 2026-02-11T01:44Z 10.3K followers, [---] engagements
"Akamai reveals critical Vivotek camera flaw CVE-2026-22755. Unauthenticated command injection allows root access. Update legacy firmware now. #Vivotek #IoTSecurity #CyberSecurity #CVE202622755 #Botnet #InfoSec #Akamai #Surveillance https://securityonline.info/critical-vivotek-flaw-grants-root-access-cve-2026-22755/ https://securityonline.info/critical-vivotek-flaw-grants-root-access-cve-2026-22755/"
X Link 2026-01-22T02:46Z 10.2K followers, [---] engagements
"Public PoC released for critical Oracle E-Business Suite RCE (CVE-2025-61882). Ransomware gangs are actively exploiting this CVSS [---] flaw. Patch now. #Oracle #CVE202561882 #PublicPoC #CyberSecurity #RCE #Ransomware #InfoSec #ExploitAlert https://securityonline.info/poc-released-for-critical-oracle-e-business-suite-flaw-exploited-by-ransomware/ https://securityonline.info/poc-released-for-critical-oracle-e-business-suite-flaw-exploited-by-ransomware/"
X Link 2026-01-26T03:07Z 10.3K followers, [----] engagements
"Critical WD Discovery flaw CVE-2025-30248 (CVSS 8.9) allows DLL hijacking during installation. Update to v5.3 immediately to prevent system takeover. #WesternDigital #CyberSecurity #CVE202530248 #DLLHijacking #InfoSec #WindowsSecurity #WDDiscovery https://securityonline.info/high-severity-flaw-in-western-digital-installer-opens-door-to-code-execution/ https://securityonline.info/high-severity-flaw-in-western-digital-installer-opens-door-to-code-execution/"
X Link 2026-01-27T03:27Z 10.2K followers, [---] engagements
"TP-Link patches CVE-2025-14756 (CVSS 8.5) in Archer MR600 routers. This command injection flaw allows full device takeover. Update firmware now. #TPLink #CyberSecurity #ArcherMR600 #CVE202514756 #InfoSec #RouterSecurity #FirmwareUpdate #IoT https://securityonline.info/router-takeover-high-severity-command-injection-flaw-hits-tp-link-archer-mr600/ https://securityonline.info/router-takeover-high-severity-command-injection-flaw-hits-tp-link-archer-mr600/"
X Link 2026-01-28T02:11Z 10.3K followers, [---] engagements
"OpenSSL patches [--] flaws including high-severity CVE-2025-15467 allowing pre-auth RCE via CMS. Update to 3.6.1/3.0.19 immediately to secure systems. #OpenSSL #CyberSecurity #CVE202515467 #InfoSec #RCE #Cryptography #PatchTuesday https://securityonline.info/pre-auth-rce-risk-openssl-patches-high-severity-stack-overflow-cve-2025-15467/ https://securityonline.info/pre-auth-rce-risk-openssl-patches-high-severity-stack-overflow-cve-2025-15467/"
X Link 2026-01-28T02:18Z 10.2K followers, [---] engagements
"Microsoft Excel's Agent Mode is now on Windows and Mac Switch between GPT-5.2 and Claude [---] to automate complex workbooks and live web data. #ExcelAgent #Copilot #GPT5 #Claude4 #Microsoft365 #AI2026 #DataScience #Automation #TechNews https://securityonline.info/excels-new-brain-agent-mode-brings-gpt-5-2-and-claude-4-5-to-desktop/ https://securityonline.info/excels-new-brain-agent-mode-brings-gpt-5-2-and-claude-4-5-to-desktop/"
X Link 2026-01-29T01:35Z 10.2K followers, [---] engagements
"Critical WinRAR flaw CVE-2025-8088 is exploited by spies & cybercriminals. "Zeroplayer" sells the exploit. Update to v7.13 to stop Startup folder attacks. #WinRAR #CyberSecurity #CVE20258088 #InfoSec #Malware #APT #Zeroplayer https://securityonline.info/the-zeroplayer-arsenal-winrar-flaw-cve-2025-8088-weaponized-by-spies/ https://securityonline.info/the-zeroplayer-arsenal-winrar-flaw-cve-2025-8088-weaponized-by-spies/"
X Link 2026-01-29T02:01Z 10.3K followers, [---] engagements
"TP-Link fixes critical IDOR (CVE-2025-9520) in Omada Controller allowing admins to hijack Owner accounts. Update now to prevent total network takeover. #TPLink #Omada #CyberSecurity #IDOR #NetworkSecurity #CVE20259520 #InfoSec #NetSec https://securityonline.info/high-severity-idor-flaw-lets-admins-hijack-tp-link-omada-owner-accounts/ https://securityonline.info/high-severity-idor-flaw-lets-admins-hijack-tp-link-omada-owner-accounts/"
X Link 2026-01-29T03:14Z 10.3K followers, [---] engagements
"LinkedIn launched verified Vibe Coding skills in Jan [----]. Showcase tool-backed credentials from Replit and Lovable to prove your AI proficiency. #VibeCoding #LinkedInUpdate #AI2026 #Replit #Lovable #FutureOfWork #AIEngineering #PromptEngineering https://securityonline.info/the-end-of-manual-syntax-linkedin-adds-verified-vibe-coding-skills/ https://securityonline.info/the-end-of-manual-syntax-linkedin-adds-verified-vibe-coding-skills/"
X Link 2026-01-29T07:44Z 10.3K followers, [---] engagements
"NVIDIA replaces Apple as TSMC's largest customer in Jan [----]. Discover how the $33B AI chip boom is rewriting the rules of the silicon industry. #NVIDIA #Apple #TSMC #AI2026 #Semiconductors #TechNews #JensenHuang #AIBoom #ChipWar https://securityonline.info/the-ai-squeeze-nvidia-overtakes-apple-as-tsmcs-top-revenue-source/ https://securityonline.info/the-ai-squeeze-nvidia-overtakes-apple-as-tsmcs-top-revenue-source/"
X Link 2026-01-30T01:32Z 10.3K followers, [---] engagements
"CISA warns of CVSS [--] flaw CVE-2025-26385 in Johnson Controls Metasys. Remote SQL execution possible. Patch now or close TCP port [----]. #JohnsonControls #CyberSecurity #Metasys #CVE202526385 #SmartBuilding #ICSecurity #InfoSec https://securityonline.info/smart-buildings-at-risk-critical-johnson-controls-flaw-cvss-10-allows-remote-sql-injection/ https://securityonline.info/smart-buildings-at-risk-critical-johnson-controls-flaw-cvss-10-allows-remote-sql-injection/"
X Link 2026-01-30T02:02Z 10.3K followers, [---] engagements
"North Korea's LABYRINTH CHOLLIMA splits into [--] units: GOLDEN PRESSURE & Core. CrowdStrike reveals new strategy targeting crypto & defense. #NorthKorea #CyberSecurity #LabyrinthChollima #CrowdStrike #CryptoHeist #InfoSec #APT https://securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/ https://securityonline.info/hydra-tactics-north-koreas-labyrinth-chollima-splits-to-hunt-crypto-secrets/"
X Link 2026-02-03T02:49Z 10.2K followers, [---] engagements
"ASUS removes "File Shredder" from Business Manager due to CVE-2025-13348 (CVSS 8.5). The feature is gone in V3.0.37.0. Check your commercial PCs. #ASUS #CyberSecurity #CVE202513348 #SysAdmin #InfoSec #TechNews #BusinessManager https://securityonline.info/asus-kills-file-shredder-feature-to-fix-critical-flaw/ https://securityonline.info/asus-kills-file-shredder-feature-to-fix-critical-flaw/"
X Link 2026-02-03T03:22Z 10.3K followers, [---] engagements
"Critical React flaw CVE-2025-55182 (CVSS 10.0) under mass exploitation. Two IPs drive 56% of attacks deploying miners & shells. Upgrade to v19.0.1+ now. #ReactJS #CyberSecurity #CVE202555182 #InfoSec #GreyNoise #WebDev #RCE https://securityonline.info/react-under-siege-two-ips-drive-56-of-critical-cve-2025-55182-attacks/ https://securityonline.info/react-under-siege-two-ips-drive-56-of-critical-cve-2025-55182-attacks/"
X Link 2026-02-04T02:13Z 10.3K followers, [---] engagements
"High-severity Rancher CLI flaw (CVE-2025-67601) exposes credentials via MitM attacks when using --skip-verify. Update or use -cacert immediately. #Rancher #Kubernetes #DevOps #CyberSecurity #CVE202567601 #InfoSec #CloudNative https://securityonline.info/silent-leak-high-severity-rancher-cli-flaw-exposes-admin-credentials/ https://securityonline.info/silent-leak-high-severity-rancher-cli-flaw-exposes-admin-credentials/"
X Link 2026-02-04T02:26Z 10.3K followers, [---] engagements
"Moxa warns of critical auth bypass (CVE-2024-12297 CVSS 9.2) in industrial switches. Flaw allows brute-force attacks. Patch TN-series devices now. #Moxa #OTSecurity #ICS #CyberSecurity #CVE202412297 #IndustrialIoT #InfoSec https://securityonline.info/industrial-alert-critical-auth-bypass-cvss-9-2-hits-moxa-switches/ https://securityonline.info/industrial-alert-critical-auth-bypass-cvss-9-2-hits-moxa-switches/"
X Link 2026-02-05T01:32Z 10.3K followers, [---] engagements
"Samsung MagicInfo9 has critical flaws (CVSS 9.8) including hardcoded passwords and RCE. Update to v21.1090.1 immediately to secure your digital signage. #Samsung #MagicInfo #CyberSecurity #CVE202625202 #DigitalSignage #InfoSec #RCE https://securityonline.info/signage-hijack-samsung-magicinfo9-flaws-cvss-9-8-expose-servers/ https://securityonline.info/signage-hijack-samsung-magicinfo9-flaws-cvss-9-8-expose-servers/"
X Link 2026-02-05T01:53Z 10.3K followers, [---] engagements
"Amaranth-Dragon (APT-41 nexus) weaponized WinRAR flaw CVE-2025-8088 in just [--] days. Southeast Asian govts targeted with malicious RAR archives. #AmaranthDragon #APT41 #WinRAR #CyberSecurity #InfoSec #CVE20258088 #Malware https://securityonline.info/10-days-to-exploit-amaranth-dragon-weaponizes-winrar-flaw-to-spy-on-se-asia/ https://securityonline.info/10-days-to-exploit-amaranth-dragon-weaponizes-winrar-flaw-to-spy-on-se-asia/"
X Link 2026-02-05T02:36Z 10.3K followers, [---] engagements
"Critical jsPDF flaws (CVE-2026-24133) allow XSS & DoS via malicious BMPs. Update to v4.1.0 immediately to prevent browser crashes and code injection. #jsPDF #WebDev #CyberSecurity #CVE202624133 #JavaScript #InfoSec #DoS https://securityonline.info/pdf-poison-popular-javascript-library-patches-critical-injection-and-crash-flaws/ https://securityonline.info/pdf-poison-popular-javascript-library-patches-critical-injection-and-crash-flaws/"
X Link 2026-02-06T01:50Z 10.3K followers, [---] engagements
"Sophisticated phishing abuses Vercel Blob & PDFs to bypass filters. Stolen credentials are exfiltrated via Telegram bots. Learn how to spot this attack. #Phishing #CyberSecurity #Vercel #Telegram #InfoSec #EmailSecurity #CloudSecurity https://securityonline.info/cloud-hosted-trap-phishers-use-vercel-telegram-to-bypass-filters/ https://securityonline.info/cloud-hosted-trap-phishers-use-vercel-telegram-to-bypass-filters/"
X Link 2026-02-06T01:52Z 10.3K followers, [---] engagements
"Critical Unstructured library flaw CVE-2025-64712 (CVSS 9.8) allows RCE via malicious .msg files. 4M+ downloads affected. Update to v0.18.18 now. #Unstructured #CVE202564712 #CyberSecurity #RCE #AI #Python #InfoSec https://securityonline.info/4-million-downloads-at-risk-critical-unstructured-flaw-cvss-9-8-allows-rce/ https://securityonline.info/4-million-downloads-at-risk-critical-unstructured-flaw-cvss-9-8-allows-rce/"
X Link 2026-02-06T01:58Z 10.3K followers, [---] engagements
"Critical n8n flaws (CVE-2026-25053 25056) allow attackers to hijack servers via Git & Merge nodes. Update to v2.5.0 now to prevent RCE. #n8n #WorkflowAutomation #CyberSecurity #CVE202625053 #RCE #InfoSec #DevSecOps https://securityonline.info/popular-n8n-platform-hit-by-triple-threat-of-rce-flaws/ https://securityonline.info/popular-n8n-platform-hit-by-triple-threat-of-rce-flaws/"
X Link 2026-02-06T02:23Z 10.3K followers, [---] engagements
"Critical Jinjava flaw CVE-2026-25526 (CVSS 9.8) breaks sandbox security. Attackers can execute Java code via template loops. Update to v2.8.3 now. #Jinjava #HubSpot #CyberSecurity #CVE202625526 #Java #RCE #InfoSec #SSTI https://securityonline.info/cve-2026-25526-critical-jinjava-flaw-cvss-9-8-permits-remote-code-execution/ https://securityonline.info/cve-2026-25526-critical-jinjava-flaw-cvss-9-8-permits-remote-code-execution/"
X Link 2026-02-09T01:46Z 10.3K followers, [----] engagements
"Zscaler reveals Marco Stealer a new malware harvesting crypto & cloud files. It uses AES-256 encryption & kills analysis tools. Learn how to detect it. #MarcoStealer #Zscaler #CyberSecurity #InfoSec #Malware #Crypto #CloudSecurity https://securityonline.info/marco-stealer-the-new-data-raider-targeting-crypto-cloud-storage/ https://securityonline.info/marco-stealer-the-new-data-raider-targeting-crypto-cloud-storage/"
X Link 2026-02-10T01:30Z 10.3K followers, [---] engagements
"VulnCheck reveals CVE-2025-11953 (Metro4Shell) was exploited in the wild since Dec [----]. Attackers target Windows & Linux dev servers. Patch now. #Metro4Shell #CVE202511953 #CyberSecurity #VulnCheck #DevSecOps #InfoSec #Exploit https://securityonline.info/silent-intrusion-metro4shell-exploited-in-the-wild-since-december/ https://securityonline.info/silent-intrusion-metro4shell-exploited-in-the-wild-since-december/"
X Link 2026-02-04T02:28Z 10.3K followers, [---] engagements
"APT28 (Fancy Bear) weaponized CVE-2026-21509 in [--] hours to target NATO. New "BeardShell" and "NotDoor" malware steals emails. Patch Office now. #APT28 #FancyBear #CyberSecurity #CVE202621509 #InfoSec #Espionage #NATO https://securityonline.info/apt28-weaponizes-office-flaw-to-spy-on-nato-military/ https://securityonline.info/apt28-weaponizes-office-flaw-to-spy-on-nato-military/"
X Link 2026-02-09T01:32Z 10.3K followers, [----] engagements
"CVSS [----] Alert: Kubernetes Local Path Provisioner flaw (CVE-2025-62878) allows host file overwrites. Upgrade to v0.0.34 immediately. #Kubernetes #K8s #CyberSecurity #CVE202562878 #CloudSecurity #InfoSec #DevSecOps https://securityonline.info/cve-2025-62878-critical-10-0-vulnerability-found-in-kubernetes-local-path-provisioner/ https://securityonline.info/cve-2025-62878-critical-10-0-vulnerability-found-in-kubernetes-local-path-provisioner/"
X Link 2026-02-09T01:34Z 10.3K followers, [---] engagements
"Critical Gogs flaws (CVE-2025-64111) allow RCE & 2FA bypass. Attackers can execute commands via .git config. Update to v0.13.4 immediately. #Gogs #Git #CyberSecurity #CVE202564111 #RCE #DevOps #InfoSec https://securityonline.info/triple-threat-critical-gogs-flaws-cvss-9-3-allow-rce-2fa-bypass/ https://securityonline.info/triple-threat-critical-gogs-flaws-cvss-9-3-allow-rce-2fa-bypass/"
X Link 2026-02-10T01:54Z 10.3K followers, [---] engagements
"North Korean hackers (UNC1069) use AI deepfakes & "ClickFix" tactics to deploy SILENCELIFT malware. Learn how they target crypto firms via Zoom. #UNC1069 #Deepfake #CryptoSecurity #CyberSecurity #InfoSec #AI #Malware https://securityonline.info/fake-ceo-real-hack-north-korea-uses-ai-deepfakes-to-steal-crypto/ https://securityonline.info/fake-ceo-real-hack-north-korea-uses-ai-deepfakes-to-steal-crypto/"
X Link 2026-02-11T02:05Z 10.3K followers, [---] engagements
"Critical Fiber framework vulnerability CVE-2025-66630 (CVSS 9.2) causes silent UUID failures leading to session hijacking. Update to v2.52.11 now. #FiberFramework #Golang #CyberSecurity #CVE202566630 #WebDev #InfoSec #UUID https://securityonline.info/fiber-optic-failure-predictable-uuids-expose-go-web-framework-to-hijacking/ https://securityonline.info/fiber-optic-failure-predictable-uuids-expose-go-web-framework-to-hijacking/"
X Link 2026-02-11T02:32Z 10.3K followers, [---] engagements
"Black Basta ransomware now embeds a vulnerable NsecSoft driver (BYOVD) to silently kill antivirus processes like Sophos & CrowdStrike. #BlackBasta #Ransomware #CyberSecurity #BYOVD #InfoSec #Malware #Cardinal https://securityonline.info/silent-killer-black-basta-bundles-byovd-driver-to-blind-antivirus/ https://securityonline.info/silent-killer-black-basta-bundles-byovd-driver-to-blind-antivirus/"
X Link 2026-02-10T01:46Z 10.3K followers, [---] engagements
"GitLab fixes critical CVE-2025-7659 (CVSS 8.0). Unauthenticated attackers can steal tokens via Web IDE. Update to v18.8.4 now to secure your code. #GitLab #DevOps #CyberSecurity #CVE20257659 #InfoSec #WebIDE #CodeSecurity https://securityonline.info/gitlab-patch-alert-high-severity-web-ide-flaw-exposes-private-repos/ https://securityonline.info/gitlab-patch-alert-high-severity-web-ide-flaw-exposes-private-repos/"
X Link 2026-02-11T02:01Z 10.3K followers, [---] engagements
"RansomWhen is the new open-source essential for AWS. Enumerate identities capable of locking S3 buckets with KMS and detect live ransomware events in minutes. https://meterpreter.org/locking-the-locks-how-ransomwhen-unmasks-the-identities-hijacking-your-aws-s3-buckets/ https://meterpreter.org/locking-the-locks-how-ransomwhen-unmasks-the-identities-hijacking-your-aws-s3-buckets/"
X Link 2026-02-11T08:00Z 10.3K followers, [---] engagements
"Stop guessing your EKS security posture. Use eks-security-scanner to build threat graphs detect privileged pods and audit RBAC/IAM access paths instantly. https://meterpreter.org/mapping-the-blast-radius-visualize-attack-paths-in-aws-eks-with-this-new-go-based-scanner/ https://meterpreter.org/mapping-the-blast-radius-visualize-attack-paths-in-aws-eks-with-this-new-go-based-scanner/"
X Link 2026-02-12T03:45Z 10.3K followers, [---] engagements
"MongoDB patches high-severity flaw. Unauthenticated attackers can crash servers via memory exhaustion. Update to v8.2.4 or v8.0.18 now. #MongoDB #CyberSecurity #CVE #DatabaseSecurity #InfoSec #DoS #PatchNow https://securityonline.info/mongodb-flaw-allows-unauthenticated-attackers-to-crash-database-servers/ https://securityonline.info/mongodb-flaw-allows-unauthenticated-attackers-to-crash-database-servers/"
X Link 2026-02-12T04:36Z 10.3K followers, [---] engagements
"Anthropic just unlocked Sonnet [---] File Creation and Connectors for all Claude Free users. No ads no paywallis this the end of ChatGPT's dominance #ClaudeAI #Anthropic #ChatGPT #AIWars #Sonnet45 #AdFree #TechNews2026 #GenerativeAI #Productivity https://securityonline.info/no-ads-no-paywall-anthropics-bold-sonnet-4-5-gambit-to-dethrone-chatgpt/ https://securityonline.info/no-ads-no-paywall-anthropics-bold-sonnet-4-5-gambit-to-dethrone-chatgpt/"
X Link 2026-02-12T08:40Z 10.3K followers, [--] engagements
"Microsoft is rotating UEFI Secure Boot certificates before they expire in June [----]. Ensure your PC stays secure by following this massive coordination effort. #SecureBoot #WindowsUpdate #UEFI #Microsoft #ITAdmin #FirmwareSecurity #Windows10 #Windows11 https://securityonline.info/the-15-year-deadline-microsoft-launches-massive-secure-boot-certificate-rotation-ahead-of-june-2026/ https://securityonline.info/the-15-year-deadline-microsoft-launches-massive-secure-boot-certificate-rotation-ahead-of-june-2026/"
X Link 2026-02-11T09:01Z 10.3K followers, [---] engagements
"Warning: 7zip . com has been hijacked to spread residential proxy malware. Learn how to identify this 7-Zip impersonator and protect your system. #7Zip #Phishing #Malware #CyberSecurity #ProxyBot #TechNews2026 #InfoSec #OnlineSafety #Trojan #Botnet https://securityonline.info/the-7-zip-trap-how-a-25-year-old-domain-was-weaponized-to-turn-your-pc-into-a-proxy-bot/ https://securityonline.info/the-7-zip-trap-how-a-25-year-old-domain-was-weaponized-to-turn-your-pc-into-a-proxy-bot/"
X Link 2026-02-11T09:09Z 10.3K followers, [---] engagements
"New LTX Stealer malware abuses Node.js & Inno Setup to bypass antivirus. This $10 tool steals browser passwords & crypto wallets. Stay alert. #LTXStealer #Malware #CyberSecurity #InfoSec #NodeJS #CryptoTheft #CYFIRMA https://securityonline.info/weaponized-code-ltx-stealer-abuses-node-js-to-bypass-antivirus/ https://securityonline.info/weaponized-code-ltx-stealer-abuses-node-js-to-bypass-antivirus/"
X Link 2026-02-12T01:39Z 10.3K followers, [---] engagements
"HPE Aruba patches critical Private 5G Core flaws. CVE-2026-23595 allows unauthenticated admin creation. Update to v1.25.1.0 now to prevent takeover. #HPEAruba #Private5G #CyberSecurity #CVE202623595 #InfoSec #NetworkSecurity #5G https://securityonline.info/5g-core-breach-critical-hpe-aruba-flaw-allows-unauthenticated-admin-takeover/ https://securityonline.info/5g-core-breach-critical-hpe-aruba-flaw-allows-unauthenticated-admin-takeover/"
X Link 2026-02-12T01:42Z 10.3K followers, [---] engagements
"Phishing emails use malicious Excel files to deploy XWorm RAT. The fileless attack exploits CVE-2018-0802 to steal data & control systems. #XWorm #Phishing #Malware #CyberSecurity #InfoSec #Excel #RAT https://securityonline.info/excel-trap-new-phishing-campaign-deploys-fileless-xworm-rat/ https://securityonline.info/excel-trap-new-phishing-campaign-deploys-fileless-xworm-rat/"
X Link 2026-02-12T01:49Z 10.3K followers, [---] engagements
"Cisco Talos reveals VoidLink a modular Linux malware framework by UAT-9921. Features "compile-on-demand" tools to target IoT & cloud infrastructure. #VoidLink #LinuxSecurity #CyberSecurity #UAT9921 #IoTSecurity #InfoSec #Malware https://securityonline.info/voidlink-rising-new-ai-ready-malware-framework-targets-linux-iot/ https://securityonline.info/voidlink-rising-new-ai-ready-malware-framework-targets-linux-iot/"
X Link 2026-02-12T01:57Z 10.3K followers, [---] engagements
"Critical EverShop flaw CVE-2026-25993 (CVSS 9.3) allows Second-Order SQL Injection via URL keys. Update to v2.1.1 to prevent store takeover. #EverShop #Ecommerce #CyberSecurity #CVE202625993 #SQLInjection #WebDev #InfoSec https://securityonline.info/cve-2026-25993-critical-evershop-sql-injection-cvss-9-3-exposes-stores/ https://securityonline.info/cve-2026-25993-critical-evershop-sql-injection-cvss-9-3-exposes-stores/"
X Link 2026-02-12T02:01Z 10.3K followers, [---] engagements
"Urgent: Apple patches zero-day CVE-2026-20700 in dyld. The flaw is being exploited in the wild against specific targets. Update to iOS [----] now. #Apple #iOS #ZeroDay #CyberSecurity #CVE202620700 #InfoSec #Spyware https://securityonline.info/apple-zero-day-cve-2026-20700-exploited-in-the-wild/ https://securityonline.info/apple-zero-day-cve-2026-20700-exploited-in-the-wild/"
X Link 2026-02-12T02:03Z 10.3K followers, [----] engagements
"Darktrace detects AI-generated "vibecoding" malware exploiting React2Shell (CVE-2025-55182). Attackers use AI to deploy XMRig miners on Docker. #AI #Malware #CyberSecurity #React2Shell #Vibecoding #Darktrace #Docker https://securityonline.info/the-rise-of-vibecoding-ai-generated-malware-exploits-react2shell/ https://securityonline.info/the-rise-of-vibecoding-ai-generated-malware-exploits-react2shell/"
X Link 2026-02-12T02:06Z 10.3K followers, [---] engagements
"Python cryptography flaw CVE-2026-26007 (CVSS 8.2) allows private key recovery via ECC Subgroup Attack. Update to v46.0.5 now. #Python #Cryptography #CyberSecurity #CVE202626007 #ECC #InfoSec #Encryption https://securityonline.info/cve-2026-26007-python-cryptography-flaw-cvss-8-2-leaks-private-keys/ https://securityonline.info/cve-2026-26007-python-cryptography-flaw-cvss-8-2-leaks-private-keys/"
X Link 2026-02-12T02:17Z 10.3K followers, [---] engagements
"Google Chrome [---] patches [--] security flaws including [--] high-severity bugs in CSS & Codecs. Update to v145.0.7632.45 now to stay safe. #GoogleChrome #CyberSecurity #Chrome145 #InfoSec #BrowserSecurity #PatchNow https://securityonline.info/chrome-145-patches-3-high-severity-flaws-in-css-codecs/ https://securityonline.info/chrome-145-patches-3-high-severity-flaws-in-css-codecs/"
X Link 2026-02-12T02:35Z 10.3K followers, [---] engagements
"PAN-OS flaw CVE-2026-0229 allows unauthenticated attackers to trigger reboot loops & maintenance mode via malicious packets. Patch immediately. #PaloAltoNetworks #PANOS #CyberSecurity #CVE20260229 #NetworkSecurity #InfoSec #Firewall https://securityonline.info/crash-loop-palo-alto-networks-flaw-cve-2026-0229-forces-maintenance-mode/ https://securityonline.info/crash-loop-palo-alto-networks-flaw-cve-2026-0229-forces-maintenance-mode/"
X Link 2026-02-12T02:50Z 10.3K followers, [---] engagements
"Public PoC released for Windows Storage flaw. Attackers can gain SYSTEM privileges via WUDFHost.exe. Patch Windows [--] immediately. #WindowsSecurity #CVE #ExploitCode #InfoSec #CyberSecurity #SysAdmin #PatchTuesday https://securityonline.info/exploit-code-released-windows-storage-elevation-of-privilege-flaw-details-now-public/ https://securityonline.info/exploit-code-released-windows-storage-elevation-of-privilege-flaw-details-now-public/"
X Link 2026-02-12T03:12Z 10.3K followers, [----] engagements
"iVerify uncovers ZeroDayRAT a turnkey mobile spyware on Telegram that grants "absolute mastery" over Android and iOS devices including live camera & 2FA theft. https://meterpreter.org/total-mobile-dominion-the-zerodayrat-spyware-turning-iphones-and-androids-into-open-books/ https://meterpreter.org/total-mobile-dominion-the-zerodayrat-spyware-turning-iphones-and-androids-into-open-books/"
X Link 2026-02-12T03:32Z 10.3K followers, [---] engagements
"Ivanti patches critical EPM flaw CVE-2026-1603 allowing remote unauthenticated attackers to steal credentials. Update to [----] SU5 immediately. #Ivanti #CyberSecurity #InfoSec #CVE20261603 #PatchTuesday #NetworkSecurity #AuthBypass https://securityonline.info/cve-2026-1603-remote-unauthenticated-attacker-can-steal-ivanti-epm-secrets/ https://securityonline.info/cve-2026-1603-remote-unauthenticated-attacker-can-steal-ivanti-epm-secrets/"
X Link 2026-02-12T04:28Z 10.3K followers, [---] engagements
"Googles [----] "Agent Commerce" shift uses the Universal Commerce Protocol to let AI agents buy products for you instantly. The search-to-sale gap is closing. #AgentCommerce #GoogleAI #Gemini #UCP #FutureOfShopping #DigitalMarketing2026 #Veo3 #AIAgents https://securityonline.info/from-search-to-sale-how-googles-agent-commerce-turns-gemini-into-your-personal-buyer/ https://securityonline.info/from-search-to-sale-how-googles-agent-commerce-turns-gemini-into-your-personal-buyer/"
X Link 2026-02-12T08:49Z 10.3K followers, [--] engagements
"Siris long-awaited AI overhaul is delayed again. Discover why Apple is postponing the "Gemini-powered" assistant until iOS [----] or later. #AppleIntelligence #SiriAI #iOS26 #AppleDelay #TechNews2026 #iPhone18 #SiriUpdate #GeminiAI #WWDC2026 #MobileAI https://securityonline.info/the-silent-assistant-why-apple-just-pulled-the-plug-on-siris-cerebral-transplant-for-ios-26-4/ https://securityonline.info/the-silent-assistant-why-apple-just-pulled-the-plug-on-siris-cerebral-transplant-for-ios-26-4/"
X Link 2026-02-12T09:33Z 10.3K followers, [--] engagements
"Havoc: modern and malleable post-exploitation command and control framework https://meterpreter.org/havoc-modern-and-malleable-post-exploitation-command-and-control-framework/ https://meterpreter.org/havoc-modern-and-malleable-post-exploitation-command-and-control-framework/"
X Link 2025-09-08T07:29Z [----] followers, [---] engagements
"Rust for Windows Drivers: A Major Step Forward But Not for Production Yet https://meterpreter.org/rust-for-windows-drivers-a-major-step-forward-but-not-for-production-yet/ https://meterpreter.org/rust-for-windows-drivers-a-major-step-forward-but-not-for-production-yet/"
X Link 2025-09-08T09:31Z [----] followers, [---] engagements
"Cyberattack Disrupts Bridgestones North American Operations https://meterpreter.org/cyberattack-disrupts-bridgestones-north-american-operations/ https://meterpreter.org/cyberattack-disrupts-bridgestones-north-american-operations/"
X Link 2025-09-08T09:54Z [----] followers, [---] engagements
"A new report reveals TAG-150 a sophisticated new threat actor with evolving malware and a resilient multi-tiered infrastructure including a new RAT called CastleRAT. #TAG150 #CastleRAT #Cybersecurity #Malware #APT https://securityonline.info/from-castleloader-to-castlerat-tag-150s-multi-tiered-cyber-arsenal-expands/ https://securityonline.info/from-castleloader-to-castlerat-tag-150s-multi-tiered-cyber-arsenal-expands/"
X Link 2025-09-09T01:20Z [----] followers, [---] engagements
"A critical flaw in Spring Cloud Gateway (CVE-2025-41243) has a CVSS [----] score. The bug allows property modification when actuator endpoints are exposed. Update now. #SpringCloud #Vulnerability #Cybersecurity #CVE #PatchNow https://securityonline.info/cve-2025-41243-cvss-10-critical-spring-cloud-gateway-server-webflux-flaw-exposes-property-modification-risk/ https://securityonline.info/cve-2025-41243-cvss-10-critical-spring-cloud-gateway-server-webflux-flaw-exposes-property-modification-risk/"
X Link 2025-09-09T01:31Z [----] followers, [---] engagements
"A critical flaw (CVSS 9.8) in macOS file copy APIs allows apps to bypass sandboxing and TCC protections to access protected user data. A PoC is public. #macOS #Vulnerability #Cybersecurity #CVE #PoC https://securityonline.info/cvss-9-8-flaw-in-macos-allows-apps-to-access-protected-user-data-poc-available/ https://securityonline.info/cvss-9-8-flaw-in-macos-allows-apps-to-access-protected-user-data-poc-available/"
X Link 2025-09-09T02:07Z [----] followers, [---] engagements
"Qualcomm and Google Cloud are teaming up to bring Gemini AI and other agentic experiences to vehicles promising a new era of smarter connected cars. #Qualcomm #GoogleCloud #AutomotiveAI #Gemini #TechPartnership https://securityonline.info/qualcomm-and-google-partner-to-bring-ai-to-the-car/ https://securityonline.info/qualcomm-and-google-partner-to-bring-ai-to-the-car/"
X Link 2025-09-09T03:22Z [----] followers, [---] engagements
"Google has released Chrome [---] patching two vulnerabilities including a critical use-after-free flaw in ServiceWorker and a high-severity flaw in Mojo. #Chrome #Vulnerability #Google #SecurityUpdate #BrowserSecurity https://securityonline.info/chrome-140-released-patches-critical-cve-2025-10200-and-high-severity-cve-2025-10201-vulnerabilities/ https://securityonline.info/chrome-140-released-patches-critical-cve-2025-10200-and-high-severity-cve-2025-10201-vulnerabilities/"
X Link 2025-09-10T01:37Z [----] followers, [---] engagements
"Siemens has disclosed a critical flaw in its SIVaaS platform. A network share is exposed without authentication allowing unauthenticated attackers to access or alter sensitive data. #Siemens #SIVaaS #Vulnerability #OTsecurity #Cybersecurity https://securityonline.info/cve-2025-40804-critical-flaw-in-siemens-sivaas-exposes-network-share-without-authentication/ https://securityonline.info/cve-2025-40804-critical-flaw-in-siemens-sivaas-exposes-network-share-without-authentication/"
X Link 2025-09-10T02:20Z [----] followers, [---] engagements
"A new Android banking trojan RatOn merges overlay fraud with NFC relay attacks automated money transfers and crypto wallet theft posing a new threat to users. #RatOn #AndroidTrojan #Cybercrime #MobileSecurity #NFC https://securityonline.info/raton-the-new-android-trojan-that-steals-crypto-and-uses-nfc-relay-attacks/ https://securityonline.info/raton-the-new-android-trojan-that-steals-crypto-and-uses-nfc-relay-attacks/"
X Link 2025-09-10T02:31Z [----] followers, [---] engagements
"Apple introduces the iPhone Air the thinnest and lightest iPhone yet. Powered by the A19 Pro chip this device is both durable and powerful. #iPhoneAir #Apple #ThinAndLight #A19Pro #Smartphone https://securityonline.info/apple-unveils-iphone-air-the-thinnest-lightest-and-most-durable-iphone-ever/ https://securityonline.info/apple-unveils-iphone-air-the-thinnest-lightest-and-most-durable-iphone-ever/"
X Link 2025-09-10T02:39Z [----] followers, [---] engagements
"Salesloft has announced the restoration of its integration with Salesforce following the incident linked to the Drift platform and its associated technologies. https://meterpreter.org/salesloft-restores-salesforce-integration-after-github-aws-breach/ https://meterpreter.org/salesloft-restores-salesforce-integration-after-github-aws-breach/"
X Link 2025-09-10T08:02Z [----] followers, [---] engagements
"A new Linux botnet Luno combines cryptomining and modular DDoS attacks. It's a "self-healing" threat that targets gaming platforms and disguises itself as legitimate processes. #LunoBotnet #LinuxMalware #DDoS #Cryptomining #Cybersecurity https://securityonline.info/luno-a-self-healing-linux-botnet-that-mines-crypto-and-launches-ddos-attacks/ https://securityonline.info/luno-a-self-healing-linux-botnet-that-mines-crypto-and-launches-ddos-attacks/"
X Link 2025-09-11T01:36Z [----] followers, [---] engagements
"Australian authorities issue an urgent alert on a critical SonicWall SSL VPN flaw actively exploited by Akira ransomware urging immediate patching. #Ransomware #Cybersecurity #SonicWall #Vulnerability #Cyberattack https://securityonline.info/acsc-warns-of-active-exploitation-of-sonicwall-ssl-vpn-vulnerability-cve-2024-40766/ https://securityonline.info/acsc-warns-of-active-exploitation-of-sonicwall-ssl-vpn-vulnerability-cve-2024-40766/"
X Link 2025-09-11T02:18Z [----] followers, [---] engagements
"A high-severity Angular SSR vulnerability (CVE-2025-59052) could expose user data. Learn about the flaw affected versions and how to protect your application. #Angular #Security #WebDev #Vulnerability #CVE #DataSecurity https://securityonline.info/angular-ssr-flaw-cve-2025-59052-exposes-user-data-what-developers-need-to-know/ https://securityonline.info/angular-ssr-flaw-cve-2025-59052-exposes-user-data-what-developers-need-to-know/"
X Link 2025-09-11T10:59Z [----] followers, [---] engagements
"Zscaler has uncovered kkRAT a new malware targeting Chinese-speaking users. The RAT steals crypto hijacks clipboards and uses RMM tools for covert long-term control. #kkRAT #Zscaler #Malware #Cybersecurity #Hacking https://securityonline.info/kkrat-a-new-malware-blends-crypto-hijacking-with-legitimate-rmm-tools/ https://securityonline.info/kkrat-a-new-malware-blends-crypto-hijacking-with-legitimate-rmm-tools/"
X Link 2025-09-12T01:45Z [----] followers, [---] engagements
"A local privilege escalation flaw in PyInstaller (CVE-2025-59042) could let attackers execute code. Check if your apps are at risk. #PyInstaller #Python #Security #Vulnerability #InfoSec #Cybersecurity https://securityonline.info/pyinstaller-flaw-are-your-python-apps-vulnerable-to-hijacking/ https://securityonline.info/pyinstaller-flaw-are-your-python-apps-vulnerable-to-hijacking/"
X Link 2025-09-12T02:17Z [----] followers, [---] engagements
"Okta Threat Intelligence uncovers VoidProxy a dangerous new Phishing-as-a-Service (PhaaS) platform that uses Adversary-in-the-Middle attacks to bypass MFA. #VoidProxy #Phishing #MFA #Cybersecurity #Okta https://securityonline.info/unveiling-voidproxy-the-phishing-as-a-service-that-bypasses-mfa/ https://securityonline.info/unveiling-voidproxy-the-phishing-as-a-service-that-bypasses-mfa/"
X Link 2025-09-12T02:34Z [----] followers, [---] engagements
"A new vulnerability (CVE-2025-58754) in the Axios library could allow attackers to crash Node.js processes via crafted data: URIs leading to a denial-of-service. #Axios #Nodejs #Vulnerability #Cybersecurity #DoS https://securityonline.info/cve-2025-58754-axios-vulnerability-puts-node-js-processes-at-risk-of-dos-attacks/ https://securityonline.info/cve-2025-58754-axios-vulnerability-puts-node-js-processes-at-risk-of-dos-attacks/"
X Link 2025-09-12T03:17Z [----] followers, [---] engagements
"OpenAI and Microsoft have reached a new agreement that gives both companies equal equity stakes solidifying a long-term partnership in AI development. #OpenAI #Microsoft #AI #TechNews #Business https://securityonline.info/openai-and-microsoft-solidify-partnership-in-new-restructuring-deal/ https://securityonline.info/openai-and-microsoft-solidify-partnership-in-new-restructuring-deal/"
X Link 2025-09-12T03:59Z [----] followers, [---] engagements
"Google unveils VaultGemma the first LLM trained with differential privacy. The open-source model achieves near non-private performance setting a new standard for privacy-first AI. #VaultGemma #DifferentialPrivacy #AI #Google #OpenSource https://securityonline.info/vaultgemma-googles-new-ai-model-is-the-first-with-differential-privacy/ https://securityonline.info/vaultgemma-googles-new-ai-model-is-the-first-with-differential-privacy/"
X Link 2025-09-15T01:33Z [----] followers, [---] engagements
"A critical flaw (CVE-2025-58434) in FlowiseAI allows unauthenticated attackers to hijack any account. The bug has a CVSS [---] score and a PoC has been released. #FlowiseAI #Vulnerability #AccountTakeover #Cybersecurity #PatchNow https://securityonline.info/poc-available-flowiseai-flaw-cve-2025-58434-allows-full-account-takeover-cvss-9-8/ https://securityonline.info/poc-available-flowiseai-flaw-cve-2025-58434-allows-full-account-takeover-cvss-9-8/"
X Link 2025-09-15T02:14Z [----] followers, [---] engagements
"New patches for CUPS the open-source Linux printing system fix two flaws that can lead to remote DoS and authentication bypass. #CUPS #Linux #Cybersecurity #Vulnerability #Printing https://securityonline.info/cups-flaws-allow-linux-remote-dos-cve-2025-58364-and-authentication-bypass-cve-2025-58060/ https://securityonline.info/cups-flaws-allow-linux-remote-dos-cve-2025-58364-and-authentication-bypass-cve-2025-58060/"
X Link 2025-09-15T02:45Z [----] followers, [---] engagements
"Samsung has released its September security updates for Android addressing a critical zero-day vulnerability that had already been exploited in active attacks. https://meterpreter.org/samsung-users-update-now-to-patch-critical-zero-day-vulnerability/ https://meterpreter.org/samsung-users-update-now-to-patch-critical-zero-day-vulnerability/"
X Link 2025-09-15T03:35Z [----] followers, [---] engagements
"Qualcomm has officially unveiled the Snapdragon [--] Elite Gen [--] and Xiaomi will be the first to launch it in its upcoming Xiaomi [--] series this September. #Snapdragon #Qualcomm #Xiaomi #TechNews #Smartphone https://securityonline.info/qualcomm-unveils-the-snapdragon-8-elite-gen-5-launching-first-with-xiaomi/ https://securityonline.info/qualcomm-unveils-the-snapdragon-8-elite-gen-5-launching-first-with-xiaomi/"
X Link 2025-09-15T10:38Z [----] followers, [---] engagements
"Wine [-----] is here with a new NTSYNC driver that promises to boost Windows game performance on Linux paving the way for Proton [--]. #WineHQ #LinuxGaming #WindowsGamesOnLinux #NTSYNC #TechNews https://securityonline.info/wine-10-15-a-major-step-towards-faster-windows-gaming-on-linux/ https://securityonline.info/wine-10-15-a-major-step-towards-faster-windows-gaming-on-linux/"
X Link 2025-09-16T10:49Z [----] followers, [---] engagements
"A new Linux kernel flaw CVE-2025-38501 exposes KSMBD servers to unauthenticated remote DoS attacks. A public PoC is available now. #KSMBDrain #Linux #DoS #CVE #Vulnerability https://securityonline.info/ksmbdrain-cve-2025-38501-linux-kernel-flaw-allows-remote-dos-attacks-poc-available/ https://securityonline.info/ksmbdrain-cve-2025-38501-linux-kernel-flaw-allows-remote-dos-attacks-poc-available/"
X Link 2025-09-17T01:57Z [----] followers, [---] engagements
"A medium-severity vulnerability (CVE-2025-9708) in the Kubernetes C# client allows MITM attacks and API impersonation. Update now to patch. #Kubernetes #Cybersecurity #Vulnerability #CVE #APIsecurity https://securityonline.info/kubernetes-c-client-flaw-exposes-api-to-mitm-attacks-cve-2025-9708/ https://securityonline.info/kubernetes-c-client-flaw-exposes-api-to-mitm-attacks-cve-2025-9708/"
X Link 2025-09-17T02:15Z [----] followers, [---] engagements
"HPE Aruba Networking has patched multiple high-severity flaws in its SD-WAN gateways. The bugs could lead to RCE privilege escalation and unauthorized access. #HPEAruba #Vulnerability #Cybersecurity #SDWAN #PatchNow https://securityonline.info/multiple-high-severity-vulnerabilities-found-in-hpe-aruba-networking-edgeconnect-sd-wan-gateways/ https://securityonline.info/multiple-high-severity-vulnerabilities-found-in-hpe-aruba-networking-edgeconnect-sd-wan-gateways/"
X Link 2025-09-17T04:09Z [----] followers, [---] engagements
"A critical vulnerability (CVE-2025-9242) in WatchGuard's Fireware OS could allow an unauthenticated remote attacker to execute arbitrary code. #WatchGuard #FirewareOS #Vulnerability #CVE https://securityonline.info/cve-2025-9242-critical-watchguard-flaw-allows-remote-code-execution/ https://securityonline.info/cve-2025-9242-critical-watchguard-flaw-allows-remote-code-execution/"
X Link 2025-09-17T09:40Z [----] followers, [---] engagements
"Google has released an urgent Chrome update patching a V8 zero-day (CVE-2025-10585) being exploited in the wild along with other high-severity flaws. #Chrome #ZeroDay #Vulnerability #Cybersecurity #PatchNow https://securityonline.info/chrome-emergency-update-zero-day-cve-2025-10585-in-v8-exploited-in-the-wild/ https://securityonline.info/chrome-emergency-update-zero-day-cve-2025-10585-in-v8-exploited-in-the-wild/"
X Link 2025-09-18T01:40Z [----] followers, [---] engagements
"A new Linux kernel vulnerability CVE-2025-21692 can be exploited to achieve remote code execution by manipulating the ETS qdisc a simple but critical flaw. #Linux #Vulnerability #RCE #Cybersecurity https://securityonline.info/from-simple-bug-to-rce-a-flaw-cve-2025-21692-in-the-linux-kernel-poc-published/ https://securityonline.info/from-simple-bug-to-rce-a-flaw-cve-2025-21692-in-the-linux-kernel-poc-published/"
X Link 2025-09-18T01:47Z [----] followers, [---] engagements
"A new Rowhammer attack "Phoenix" bypasses DDR5 protections on all tested SK Hynix devices enabling memory corruption and privilege escalation. #Rowhammer #DDR5 #Cybersecurity #Phoenix #Memory https://securityonline.info/phoenix-cve-2025-6202-a-new-rowhammer-attack-bypasses-ddr5-protections/ https://securityonline.info/phoenix-cve-2025-6202-a-new-rowhammer-attack-bypasses-ddr5-protections/"
X Link 2025-09-18T01:50Z [----] followers, [---] engagements
"A critical vulnerability in HubSpots Jinjava template engine (CVE-2025-59340) could lead to remote code execution. Patch immediately to secure your site. #HubSpot #Vulnerability #RCE #Cybersecurity #CVE https://securityonline.info/cve-2025-59340-critical-hubspots-jinjava-engine-flaw-exposes-thousands-of-websites-to-rce/ https://securityonline.info/cve-2025-59340-critical-hubspots-jinjava-engine-flaw-exposes-thousands-of-websites-to-rce/"
X Link 2025-09-19T02:32Z [----] followers, [---] engagements
"A critical vulnerability (CVE-2025-9961) in TP-Link routers' CWMP service allows remote code execution bypassing ASLR. Patch your device immediately. https://meterpreter.org/critical-flaw-discovered-in-tp-link-routers/ https://meterpreter.org/critical-flaw-discovered-in-tp-link-routers/"
X Link 2025-09-19T08:17Z [----] followers, [---] engagements
"Meta is opening its smart glasses to outside developers allowing them to build new AI-powered services for Ray-Ban and Oakley smart glasses. #Meta #SmartGlasses #AI #TechNews #Connect2025 https://securityonline.info/meta-opens-smart-glasses-platform-to-developers-and-ai/ https://securityonline.info/meta-opens-smart-glasses-platform-to-developers-and-ai/"
X Link 2025-09-22T01:22Z [----] followers, [---] engagements
"A new report reveals a CWMP service flaw in TP-Link routers that can be exploited for RCE. Researchers have published a detailed write-up and a PoC on GitHub. #TPLink #RCE #Vulnerability #Cybersecurity https://securityonline.info/cve-2025-9961-tp-link-router-flaw-could-be-exploited-for-rce-poc-released/ https://securityonline.info/cve-2025-9961-tp-link-router-flaw-could-be-exploited-for-rce-poc-released/"
X Link 2025-09-22T01:52Z [----] followers, [---] engagements
"AhnLab has uncovered BlackLock a Go-based ransomware targeting Windows Linux and VMware ESXi. The malware uses advanced crypto and covert backup deletion. #BlackLock #Ransomware #Cybercrime #AhnLab #Cybersecurity https://securityonline.info/blacklock-ransomware-a-new-cross-platform-threat-spreading-rapidly/ https://securityonline.info/blacklock-ransomware-a-new-cross-platform-threat-spreading-rapidly/"
X Link 2025-09-22T02:47Z [----] followers, [---] engagements
"A critical flaw (CVE-2025-55241) in Microsoft Entra ID could have allowed a compromise of every tenant worldwide by bypassing security with "Actor tokens." #EntraID #AzureAD #Vulnerability #Cybersecurity #Microsoft https://securityonline.info/cve-2025-55241-microsoft-entra-id-flaw-with-cvss-10-0-could-have-compromised-every-tenant-worldwide/ https://securityonline.info/cve-2025-55241-microsoft-entra-id-flaw-with-cvss-10-0-could-have-compromised-every-tenant-worldwide/"
X Link 2025-09-22T03:09Z [----] followers, [---] engagements
"AhnLab has uncovered Kawa4096 a Go-based ransomware targeting Windows Linux and VMware ESXi. The malware uses advanced crypto and covert backup deletion. #Kawa4096 #Ransomware #Cybercrime #AhnLab #Cybersecurity https://securityonline.info/kawa4096-a-new-ransomware-group-with-akira-style-branding-and-qilin-like-notes/ https://securityonline.info/kawa4096-a-new-ransomware-group-with-akira-style-branding-and-qilin-like-notes/"
X Link 2025-09-23T01:50Z [----] followers, [---] engagements
"Nimbo-C2 agent supports x64 Windows & Linux. It's written in Nim with some usage of .NET on Windows (by dynamically loading the CLR to the process). https://meterpreter.org/nimbo-c2-simple-and-lightweight-c2-framework-written-in-nim/ https://meterpreter.org/nimbo-c2-simple-and-lightweight-c2-framework-written-in-nim/"
X Link 2025-09-23T08:11Z [----] followers, [---] engagements
"SolarWinds has released an urgent hotfix for its Web Help Desk software patching an unauthenticated RCE vulnerability (CVE-2025-26399) that bypasses earlier fixes. #SolarWinds #RCE #Vulnerability #Cybersecurity #CVE https://securityonline.info/cve-2025-26399-cvss-9-8-solarwinds-web-help-desk-hit-by-critical-rce-vulnerability/ https://securityonline.info/cve-2025-26399-cvss-9-8-solarwinds-web-help-desk-hit-by-critical-rce-vulnerability/"
X Link 2025-09-23T08:48Z [----] followers, [---] engagements
"Apple has disabled signature verification for iOS 18.6.2 preventing users from downgrading from iOS [--] effectively locking them into the new OS. #Apple #iOS26 #Downgrade #TechNews #iPhone https://securityonline.info/no-going-back-apple-disables-ios-26-downgrades/ https://securityonline.info/no-going-back-apple-disables-ios-26-downgrades/"
X Link 2025-09-23T09:16Z [----] followers, [---] engagements
"Microsoft has fixed a long-standing bug in Windows Hello removing the upgrade block that prevented affected devices from installing Windows [--] version 24H2. #WindowsHello #Windows11 #Microsoft #BugFix #TechNews https://securityonline.info/long-standing-windows-hello-bug-finally-fixed-after-11-months/ https://securityonline.info/long-standing-windows-hello-bug-finally-fixed-after-11-months/"
X Link 2025-09-24T01:40Z [----] followers, [---] engagements
"Zscaler ThreatLabz has uncovered a new backdoor malware YiBackdoor that shares extensive code with IcedID and Latrodectus and is being tested for ransomware ops. #YiBackdoor #Malware #Ransomware #Cybersecurity #IcedID https://securityonline.info/new-malware-yibackdoor-linked-to-icedid-and-latrodectus/ https://securityonline.info/new-malware-yibackdoor-linked-to-icedid-and-latrodectus/"
X Link 2025-09-24T02:04Z [----] followers, [---] engagements
"CISA has added a high-severity V8 zero-day (CVE-2025-10585) to its exploited vulnerabilities catalog. An urgent Chrome update is available to patch the flaw. #Chrome #ZeroDay #Vulnerability #Cybersecurity #CISA https://securityonline.info/cisa-adds-chrome-zero-day-cve-2025-10585-to-kev-after-public-exploit-appears/ https://securityonline.info/cisa-adds-chrome-zero-day-cve-2025-10585-to-kev-after-public-exploit-appears/"
X Link 2025-09-24T04:23Z [----] followers, [---] engagements
"A SNMP flaw (CVE-2025-20352) in Cisco IOS/IOS XE is being actively exploited allowing attackers root access. Urgent patching and mitigation required #Cisco #SNMP #CVE #CyberSecurity #PatchNow https://securityonline.info/cisco-snmp-flaw-cve-2025-20352-actively-exploited-patch-now-to-stop-root-access/ https://securityonline.info/cisco-snmp-flaw-cve-2025-20352-actively-exploited-patch-now-to-stop-root-access/"
X Link 2025-09-25T02:11Z [----] followers, [---] engagements
"Shoggoth is an open-source project based on C++ and asmjit library used to encrypt given shellcode PE and COFF files polymorphically. Shoggoth will generate an output file that stores the payload and its corresponding loader in an obfuscated form. https://meterpreter.org/shoggoth-asmjit-based-polymorphic-encryptor/ https://meterpreter.org/shoggoth-asmjit-based-polymorphic-encryptor/"
X Link 2025-09-25T08:07Z [----] followers, [---] engagements
"Cisco patches a Critical [---] zero-day (CVE-2025-20333) in ASA/FTD VPN web servers. Authenticated attackers can exploit the flaw for root-level Remote Code Execution. #CiscoZeroDay #RCE #ASAVulnerability #PatchCritical https://securityonline.info/critical-cisco-zero-day-cve-2025-20333-cvss-9-9-under-active-attack-vpn-flaw-allows-root-rce/ https://securityonline.info/critical-cisco-zero-day-cve-2025-20333-cvss-9-9-under-active-attack-vpn-flaw-allows-root-rce/"
X Link 2025-09-26T01:18Z [----] followers, [---] engagements
"A vulnerability dubbed "LNK Stomping" (CVE-2024-38217) is actively used to strip the 'Mark of the Web' from LNK files bypassing Windows security policies. #LNKStomping #MoTW #WindowsSecurity #CVE #Cyberattack https://securityonline.info/lnk-stomping-attackers-bypass-windows-security-by-stripping-the-mark-of-the-web/ https://securityonline.info/lnk-stomping-attackers-bypass-windows-security-by-stripping-the-mark-of-the-web/"
X Link 2025-09-26T01:57Z [----] followers, [---] engagements
"SUSE patches three flaws in Rancher Manager. A phishing vulnerability (CVSS 8.1) can steal admin tokens while a DoS flaw can lock out administrators. #Rancher #SAMLPhishing #KubernetesSecurity #CVE #PatchNow https://securityonline.info/suse-rancher-security-team-patches-three-vulnerabilities-in-rancher-manager/ https://securityonline.info/suse-rancher-security-team-patches-three-vulnerabilities-in-rancher-manager/"
X Link 2025-09-29T02:19Z [----] followers, [---] engagements
"A DLL hijacking flaw (CVE-2025-56383) in Notepad++ v8.8.3 allows attackers to replace a trusted DLL with a malicious one to execute arbitrary code. #NotepadPlusPlus #DLLHijacking #CVE #Cybersecurity #SecurityAlert https://securityonline.info/dll-hijacking-flaw-cve-2025-56383-found-in-notepad-allowing-arbitrary-code-execution-poc-available/ https://securityonline.info/dll-hijacking-flaw-cve-2025-56383-found-in-notepad-allowing-arbitrary-code-execution-poc-available/"
X Link 2025-09-29T02:46Z [----] followers, [---] engagements
"GoAnywhere MFT Zero-Day Actively Exploited for Days Before Patch Release CVE-2025-10035 stems from a deserialization bug in the License Servlet component enabling unauthenticated command injection. https://meterpreter.org/goanywhere-mft-zero-day-actively-exploited-for-days-before-patch-release/ https://meterpreter.org/goanywhere-mft-zero-day-actively-exploited-for-days-before-patch-release/"
X Link 2025-09-29T07:54Z [----] followers, [---] engagements
"Broadcom has patched three flaws in VMware Aria Operations and VMware Tools. The vulnerabilities include privilege escalation and information disclosure. #Broadcom #VMware #SecurityPatch #CVE #Cybersecurity https://securityonline.info/broadcom-patches-vmware-flaws-privilege-escalation-and-info-disclosure-vulnerabilities-affect-vmware-tools-and-aria-operations/ https://securityonline.info/broadcom-patches-vmware-flaws-privilege-escalation-and-info-disclosure-vulnerabilities-affect-vmware-tools-and-aria-operations/"
X Link 2025-09-30T01:44Z [----] followers, [---] engagements
"A critical RCE flaw (CVSS 10) in Doxense's Watchdoc print management solution allows unauthenticated attackers to execute code and take control of the print server. #Watchdoc #RCE #CVE #Cybersecurity #PrintServer https://securityonline.info/cve-2025-58384-cvss-10-critical-rce-flaw-found-in-watchdoc-print-management-software/ https://securityonline.info/cve-2025-58384-cvss-10-critical-rce-flaw-found-in-watchdoc-print-management-software/"
X Link 2025-09-30T01:54Z [----] followers, [---] engagements
"Broadcom patches three vulnerabilities in VMware vCenter and NSX. The flaws could lead to SMTP header injection and username enumeration increasing the risk of unauthorized access. #Broadcom #VMware #SecurityPatch #vCenter #NSX https://securityonline.info/broadcom-fixes-multiple-vmware-vcenter-and-nsx-vulnerabilities/ https://securityonline.info/broadcom-fixes-multiple-vmware-vcenter-and-nsx-vulnerabilities/"
X Link 2025-09-30T02:08Z [----] followers, [---] engagements
"Zero-Day PoC Published: Local Privilege Escalation Flaw in VMware Tools Used by Chinese APT #VMwareZeroDay #UNC5174 #Cybersecurity #PrivilegeEscalation #PatchNow https://securityonline.info/zero-day-poc-published-privilege-escalation-flaw-in-vmware-tools-used-by-chinese-apt/ https://securityonline.info/zero-day-poc-published-privilege-escalation-flaw-in-vmware-tools-used-by-chinese-apt/"
X Link 2025-09-30T02:29Z [----] followers, [---] engagements
"OpenSSL patches three flaws including CVE-2025-9230 (RCE/DoS risk) and a SM2 timing side-channel (CVE-2025-9231) that could allow private key recovery on ARM64. #OpenSSL #Crypto #SecurityPatch #CVE9230 #TimingAttack https://securityonline.info/openssl-patches-three-flaws-timing-side-channel-rce-risk-and-memory-corruption-affect-all-versions/ https://securityonline.info/openssl-patches-three-flaws-timing-side-channel-rce-risk-and-memory-corruption-affect-all-versions/"
X Link 2025-10-01T02:06Z [----] followers, [---] engagements
"A critical flaw (CVE-2025-7493) in FreeIPA allows authenticated users to exploit Kerberos alias checks to gain full domain administrator privileges. Patch to v4.12.5 now. #FreeIPA #CVE #PrivilegeEscalation #Kerberos #Cybersecurity https://securityonline.info/cve-2025-7493-critical-flaw-in-freeipa-allows-host-users-to-escalate-to-domain-administrator/ https://securityonline.info/cve-2025-7493-critical-flaw-in-freeipa-allows-host-users-to-escalate-to-domain-administrator/"
X Link 2025-10-01T03:00Z [----] followers, [---] engagements
"A critical flaw (CVE-2025-10725) in Red Hat OpenShift AI allows low-privileged users to escalate to full cluster admin privileges risking complete platform compromise. #OpenShiftAI #RedHat #CVE #Kubernetes #Cybersecurity https://securityonline.info/cve-2025-10725-cvss-9-9-red-hat-openshift-ai-privilege-escalation-flaw-could-lead-to-full-cluster-compromise/ https://securityonline.info/cve-2025-10725-cvss-9-9-red-hat-openshift-ai-privilege-escalation-flaw-could-lead-to-full-cluster-compromise/"
X Link 2025-10-01T04:16Z [----] followers, [---] engagements
"The Django team released urgent updates (v5.2.7 5.1.13 4.2.25) to fix a High-severity SQL Injection flaw (CVE-2025-59681) affecting QuerySet methods in MySQL/MariaDB. #Django #SQLInjection #Cybersecurity #WebDev #PatchNow https://securityonline.info/django-security-alert-high-severity-sql-injection-flaw-cve-2025-59681-fixed-in-latest-updates/ https://securityonline.info/django-security-alert-high-severity-sql-injection-flaw-cve-2025-59681-fixed-in-latest-updates/"
X Link 2025-10-02T01:35Z [----] followers, [---] engagements
"Splunk issued patches for six flaws including a High-severity blind SSRF (CVE-2025-20371) and XSS issues that could allow attackers to access sensitive data and crash the platform. #Splunk #SplunkSecurity #SSRF #XSS #Cybersecurity https://securityonline.info/splunk-fixes-six-flaws-including-unauthenticated-ssrf-and-xss-vulnerabilities-in-enterprise-platform/ https://securityonline.info/splunk-fixes-six-flaws-including-unauthenticated-ssrf-and-xss-vulnerabilities-in-enterprise-platform/"
X Link 2025-10-02T01:47Z [----] followers, [---] engagements
"AI-Powered CAPTCHA Solver is a Python-based command-line tool that uses large multimodal models (LMMs) like OpenAI's GPT-4o and Google's Gemini to automatically solve various types of CAPTCHAs. https://meterpreter.org/ai-captcha-solver-new-tool-uses-gpt-4o-and-gemini-to-beat-various-web-security-challenges/ https://meterpreter.org/ai-captcha-solver-new-tool-uses-gpt-4o-and-gemini-to-beat-various-web-security-challenges/"
X Link 2025-10-06T02:34Z [----] followers, [---] engagements
"A flaw in the Unity Runtime (CVE-2025-59489) allows local code execution in games via DLL injection through the Android intent handler. Developers must rebuild their apps. #Unity #CVE #GameSecurity #RCE #PatchNow https://securityonline.info/unity-flaw-cve-2025-59489-allows-local-code-execution-in-millions-of-games/ https://securityonline.info/unity-flaw-cve-2025-59489-allows-local-code-execution-in-millions-of-games/"
X Link 2025-10-06T03:43Z [----] followers, [---] engagements
"Synacktiv exposed a critical flaw chain in Snipe-IT. A low-privileged user can exploit a Stored XSS (CVE-2025-59712) to hijack admin sessions and trigger RCE (CVE-2025-59713) via unsafe deserialization. #SnipeIT #RCEChain #Deserialization #Cybersecurity https://securityonline.info/snipe-it-flaw-chained-xss-cve-2025-59712-to-rce-cve-2025-59713-achieves-full-server-compromise-poc-released/ https://securityonline.info/snipe-it-flaw-chained-xss-cve-2025-59712-to-rce-cve-2025-59713-achieves-full-server-compromise-poc-released/"
X Link 2025-10-07T01:22Z [----] followers, [---] engagements
"A Chinese APT used fake Cloudflare verification pages and malicious LNK files to inject PlugX via DLL sideloading into a Serbian aviation agency aiming for long-term espionage. #PlugX #ChineseAPT #Spearphishing #CyberEspionage #DLLsideloading https://securityonline.info/chinese-apt-launches-spearphishing-campaign-using-fake-cloudflare-lure-to-deliver-plugx-malware/ https://securityonline.info/chinese-apt-launches-spearphishing-campaign-using-fake-cloudflare-lure-to-deliver-plugx-malware/"
X Link 2025-10-07T01:30Z [----] followers, [---] engagements
"A Critical (CVSS 10.0) zero-day RCE flaw (CVE-2025-10035) in GoAnywhere MFT is being actively exploited by the Medusa ransomware group Storm-1175. Patch immediately. #GoAnywhere #CVE10035 #Ransomware #Storm1175 #ZeroDay https://securityonline.info/critical-rce-cve-2025-10035-in-goanywhere-mft-used-by-medusa-ransomware-group/ https://securityonline.info/critical-rce-cve-2025-10035-in-goanywhere-mft-used-by-medusa-ransomware-group/"
X Link 2025-10-07T01:41Z [----] followers, [---] engagements
"CrowdStrike warns that the Critical RCE zero-day (CVE-2025-61882) in Oracle E-Business Suite is being actively exploited by GRACEFUL SPIDER (Clop affiliate) for corporate data theft. Patch immediately. #OracleEBS #ZeroDay #CVE #Ransomware #CrowdStrike https://securityonline.info/oracle-ebs-zero-day-cve-2025-61882-under-active-rce-exploitation-by-graceful-spider/ https://securityonline.info/oracle-ebs-zero-day-cve-2025-61882-under-active-rce-exploitation-by-graceful-spider/"
X Link 2025-10-07T02:15Z [----] followers, [---] engagements
"Elastic patched five flaws in Kibana/Elasticsearch including three Critical XSS issues (CVE-2025-25009) and credential leaks urging immediate upgrades to v8.18.8+. #Elasticsearch #Kibana #XSS #CVE #Cybersecurity https://securityonline.info/elastic-fixes-multiple-high-severity-vulnerabilities-in-kibana-and-elasticsearch/ https://securityonline.info/elastic-fixes-multiple-high-severity-vulnerabilities-in-kibana-and-elasticsearch/"
X Link 2025-10-07T02:29Z [----] followers, [---] engagements
"OpenAI CEO Sam Altman announced at DevDay that ChatGPT now has [---] million weekly active users making it the world's most dominant generative AI platform. #ChatGPT #AIAdoption #800Million #OpenAI #GenerativeAI https://securityonline.info/chatgpt-reaches-800-million-weekly-users-cementing-dominance-in-generative-ai-adoption/ https://securityonline.info/chatgpt-reaches-800-million-weekly-users-cementing-dominance-in-generative-ai-adoption/"
X Link 2025-10-07T03:12Z [----] followers, [---] engagements
"Chrome 141.0.7390.65/66 is released patching High-severity memory flaws: CVE-2025-11458 (Sync Heap Overflow) and CVE-2025-11460 (Storage UAF) risking RCE. Update immediately. #ChromeUpdate #MemorySafety #CVE #UAF #SecurityAlert https://securityonline.info/chrome-141-stable-fixes-two-high-severity-flaws-heap-overflow-in-sync-and-uaf-in-storage/ https://securityonline.info/chrome-141-stable-fixes-two-high-severity-flaws-heap-overflow-in-sync-and-uaf-in-storage/"
X Link 2025-10-08T02:22Z [----] followers, [---] engagements
"CISA added the Zimbra XSS zero-day (CVE-2025-27915) to its KEV Catalog due to active exploitation since January. Attackers use malicious .ICS files to steal mail data. #ZimbraXSS #ZeroDay #CVE #CISA_KEV #PatchNow https://securityonline.info/zimbra-xss-zero-day-cve-2025-27915-actively-exploited-cisa-adds-to-kev-catalog/ https://securityonline.info/zimbra-xss-zero-day-cve-2025-27915-actively-exploited-cisa-adds-to-kev-catalog/"
X Link 2025-10-08T02:55Z [----] followers, [---] engagements
"A Critical (CVSS 9.9) flaw (CVE-2025-44823) in Nagios Log Server allows any authenticated user to retrieve plaintext administrative API keys leading to full system compromise. Update now. #Nagios #APILeak #Cybersecurity #CVE #LogServer https://securityonline.info/critical-nagios-flaw-cve-2025-44823-cvss-9-9-leaks-plaintext-admin-api-keys-poc-available/ https://securityonline.info/critical-nagios-flaw-cve-2025-44823-cvss-9-9-leaks-plaintext-admin-api-keys-poc-available/"
X Link 2025-10-08T03:59Z [----] followers, [---] engagements
"Google launched the Gemini [---] Computer Use model enabling AI agents to interact directly with web interfaces (clicking typing) to execute complex multi-step tasks. #GeminiAI #ComputerUse #WebAutomation #AIAgent #GoogleDeepMind https://securityonline.info/google-unveils-gemini-2-5-computer-use-the-next-gen-ai-model-that-takes-action-on-web-interfaces/ https://securityonline.info/google-unveils-gemini-2-5-computer-use-the-next-gen-ai-model-that-takes-action-on-web-interfaces/"
X Link 2025-10-08T04:33Z [----] followers, [---] engagements
"patched a Critical (CVSS 9.3) flaw in Akka.Remote (CVE-2025-61778). Missing mutual TLS allows unauthenticated untrusted clients to connect to secure clusters. #AkkaNet #CVE #mTLS #Cybersecurity #DistributedSystems https://securityonline.info/critical-akka-net-flaw-cve-2025-61778-cvss-9-3-allows-untrusted-nodes-to-join-secure-clusters/ http://Akka.NET https://securityonline.info/critical-akka-net-flaw-cve-2025-61778-cvss-9-3-allows-untrusted-nodes-to-join-secure-clusters/ http://Akka.NET"
X Link 2025-10-09T01:40Z [----] followers, [---] engagements
"CrowdStrike patched two flaws in Falcon Sensor for Windows (CVE-2025-42701). Attackers with local code execution can delete arbitrary files risking system stability. #CrowdStrike #FalconSensor #WindowsSecurity #FileDeletion #Cybersecurity https://securityonline.info/crowdstrike-releases-fixes-for-two-falcon-sensor-for-windows-vulnerabilities-cve-2025-42701-cve-2025-42706/ https://securityonline.info/crowdstrike-releases-fixes-for-two-falcon-sensor-for-windows-vulnerabilities-cve-2025-42701-cve-2025-42706/"
X Link 2025-10-09T01:55Z [----] followers, [---] engagements
"GitLab patched two high-severity flaws: CVE-2025-11340 (Auth Bypass) allows API write access with read-only tokens and CVE-2025-10004 permits unauthenticated DoS via GraphQL. #GitLab #GraphQL #CVE #SecurityUpdate #DevOps https://securityonline.info/gitlab-patches-two-high-severity-flaws-in-graphql-api-affecting-both-ce-and-ee-editions/ https://securityonline.info/gitlab-patches-two-high-severity-flaws-in-graphql-api-affecting-both-ce-and-ee-editions/"
X Link 2025-10-09T02:14Z [----] followers, [---] engagements
"Unit [--] exposed the IUAM ClickFix Generator an automated phishing tool that tricks victims into manually executing PowerShell commands to install DeerStealer and Odyssey malware. #ClickFix #PhishingKit #SocialEngineering #Cybercrime https://securityonline.info/clickfix-phishing-new-automated-kits-trick-users-into-manually-running-malware-and-stealers/ https://securityonline.info/clickfix-phishing-new-automated-kits-trick-users-into-manually-running-malware-and-stealers/"
X Link 2025-10-10T01:36Z [----] followers, [---] engagements
"Expel uncovered a phishing attack using Cache Smuggling to deliver malware. The technique uses a fake Fortinet lure and PowerShell to execute a payload staged in the browser's cache bypassing network detection. #CacheSmuggling #ClickFix #MalwareEvasion https://securityonline.info/zero-download-malware-new-cache-smuggling-phishing-attack-delivers-payload-via-browser-cache/ https://securityonline.info/zero-download-malware-new-cache-smuggling-phishing-attack-delivers-payload-via-browser-cache/"
X Link 2025-10-10T01:39Z [----] followers, [---] engagements
"NVIDIA released an urgent update for its GPU Display Driver fixing multiple high-severity flaws including RCE via an uncontrolled DLL loading path (CVE-2025-23309). Update now. #NVIDIA #GPUdriver #Cybersecurity #RCE #CVE https://securityonline.info/nvidia-gpu-driver-patches-multiple-high-severity-flaws-risking-rce-and-privilege-escalation/ https://securityonline.info/nvidia-gpu-driver-patches-multiple-high-severity-flaws-risking-rce-and-privilege-escalation/"
X Link 2025-10-10T02:39Z [----] followers, [---] engagements
"A Critical (CVSS 9.4) flaw in Happy DOM allows untrusted JavaScript to escape the Node.js VM context and achieve RCE on the host system via the Function inheritance chain. Update to v20. #HappyDOM #VMEscape #RCE #Nodejs #Cybersecurity https://securityonline.info/cve-2025-61927-cvss-9-4-critical-rce-flaw-discovered-in-happy-dom-over-2-7-million-weekly-downloads-impacted/ https://securityonline.info/cve-2025-61927-cvss-9-4-critical-rce-flaw-discovered-in-happy-dom-over-2-7-million-weekly-downloads-impacted/"
X Link 2025-10-13T03:00Z [----] followers, [---] engagements
"A consortium of LAPSUS$/ShinyHunters hackers launched an EaaS campaign claiming [--] billion records stolen from [--] Salesforce customers and demanded a ransom before an October [--] deadline. #SalesforceHack #Extortion #TrinityOfChaos #Cybercrime https://securityonline.info/hacker-alliance-demands-ransom-scattered-lapsus-hunters-claim-1-billion-records-stolen-from-salesforce/ https://securityonline.info/hacker-alliance-demands-ransom-scattered-lapsus-hunters-claim-1-billion-records-stolen-from-salesforce/"
X Link 2025-10-14T01:50Z [----] followers, [---] engagements
"Veeam patched two Critical RCE flaws (CVE-2025-48983 & -48984) in Backup & Replication v12 that let authenticated domain users compromise backup infrastructure. #Veeam #RCE #Cybersecurity #CVE https://securityonline.info/critical-rce-flaws-cve-2025-48983-cve-2025-48984-cvss-9-9-found-in-veeam-backup-replication/ https://securityonline.info/critical-rce-flaws-cve-2025-48983-cve-2025-48984-cvss-9-9-found-in-veeam-backup-replication/"
X Link 2025-10-15T02:26Z [----] followers, [---] engagements
"Samba released an urgent fix for a Critical (CVSS 10.0) RCE flaw (CVE-2025-10230) allowing unauthenticated command injection on AD DCs when the WINS hook is enabled. #Samba #RCE #Cybersecurity https://securityonline.info/critical-samba-rce-flaw-cve-2025-10230-cvss-10-0-allows-unauthenticated-command-injection-on-ad-dcs/ https://securityonline.info/critical-samba-rce-flaw-cve-2025-10230-cvss-10-0-allows-unauthenticated-command-injection-on-ad-dcs/"
X Link 2025-10-16T02:41Z [----] followers, [---] engagements
"RPC Investigator (RPCI) is a .NET/C# Windows Forms UI application that provides an advanced discovery and analysis interface to Windows RPC endpoints. https://meterpreter.org/rpc-investigator-advanced-discovery-and-analysis-interface-to-windows-rpc-endpoints/ https://meterpreter.org/rpc-investigator-advanced-discovery-and-analysis-interface-to-windows-rpc-endpoints/"
X Link 2025-10-16T08:47Z [----] followers, [---] engagements
"Resecurity exposed Qilin RaaS's reliance on bulletproof hosting (BPH) in Russia/HK. The same network was linked to the Asahi Group Holdings ransomware attack that stole [--] GB of data. #Qilin #Ransomware #BPH #Cybercrime https://securityonline.info/qilin-ransomwares-resilience-exposed-bulletproof-hosting-network-underpins-asahi-group-holdings-attack/ https://securityonline.info/qilin-ransomwares-resilience-exposed-bulletproof-hosting-network-underpins-asahi-group-holdings-attack/"
X Link 2025-10-17T01:49Z [----] followers, [---] engagements
"Hydra [--] released. CHANGELOG for [---] =================== Development moved to a public github. http://t.co/B5GasQiuIM http://fb.me/1mc131kgx http://fb.me/1mc131kgx"
X Link 2014-05-12T18:44Z [----] followers, [--] engagements
"Best SQL Injection Tools for Penetration Testers [--]. BSQL Hacker This is a useful tool for both experts and. http://t.co/o0uDhYOths http://fb.me/1oWzboPFb http://fb.me/1oWzboPFb"
X Link 2014-10-27T08:22Z [----] followers, [--] engagements
"I liked a @YouTube video GoldenEye Layer [--] DoS Test Tool http://youtu.be/qhYiFLDVuD8a http://youtu.be/qhYiFLDVuD8a"
X Link 2016-05-22T11:57Z [----] followers, [--] engagements
"Kali Linux [------] Fix sound mute and start pulseaudio on startup http://kalilinux.co/forums/topic/kali-linux-2016-2-fix-sound-mute-and-start-pulseaudio-on-startup/#.WHcDZXTvwy4.twitter http://kalilinux.co/forums/topic/kali-linux-2016-2-fix-sound-mute-and-start-pulseaudio-on-startup/#.WHcDZXTvwy4.twitter"
X Link 2017-01-12T04:17Z [----] followers, [--] engagements
"PyREBox: a Python scriptable Reverse Engineering sandbox https://goo.gl/crpXaA https://goo.gl/crpXaA"
X Link 2017-08-22T12:01Z [----] followers, [--] engagements
"angularjs-csti-scanner: Automated client-side template injection (sandbox escape/bypass) detection for AngularJS https://securityonline.info/angularjs-csti-scanner-automated-client-side-template-injection-sandbox-escapebypass-detection-angularjs/ https://securityonline.info/angularjs-csti-scanner-automated-client-side-template-injection-sandbox-escapebypass-detection-angularjs/"
X Link 2017-09-27T10:47Z [----] followers, [--] engagements
"angularjs-csti-scanner: Automated client-side template injection (sandbox escape/bypass) detection for AngularJS https://goo.gl/i6SvBM https://goo.gl/i6SvBM"
X Link 2017-10-10T12:01Z [----] followers, [--] engagements
"ClickHouse: a free analytic DBMS for big data #opensource #infosec #Security #pentest https://securityonline.info/clickhouse-analystic-dbms-bigdata/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/clickhouse-analystic-dbms-bigdata/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost"
X Link 2017-12-26T22:11Z [----] followers, [--] engagements
"yersinia: A framework for layer [--] attacks #opensource #infosec #Security #pentest https://securityonline.info/yersinia-framework-layer-2-attacks/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/yersinia-framework-layer-2-attacks/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost"
X Link 2018-01-06T13:17Z [----] followers, [--] engagements
"CVE-2018-5702: Transmission BitTorrent flaw allow hacker to take control your computer https://securityonline.info/cve-2018-5702-transmission-bittorrent-flaw-allow-hacker-to-take-control-your-computer/ https://securityonline.info/cve-2018-5702-transmission-bittorrent-flaw-allow-hacker-to-take-control-your-computer/"
X Link 2018-01-17T02:53Z [----] followers, [--] engagements
"MorphAES: IDPS & SandBox & AntiVirus STEALTH KILLER #opensource #infosec #Security #pentest https://securityonline.info/morphaes-idps-sandbox-antivirus-stealth-killer/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/morphaes-idps-sandbox-antivirus-stealth-killer/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost"
X Link 2018-03-22T02:38Z [----] followers, [--] engagements
"cloudfrunt: dentifying misconfigured CloudFront domains https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/ https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/"
X Link 2018-04-06T02:51Z [----] followers, [--] engagements
"Collection HTML/CSS/JavaScript/SQL: Static analysis tools #opensource #infosec #infosecurity #Security #pentest https://securityonline.info/collection-htmlcssjavascriptsql-static-analysis-tools/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/collection-htmlcssjavascriptsql-static-analysis-tools/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost"
X Link 2018-04-17T04:00Z [----] followers, [--] engagements
"cloudfrunt: dentifying misconfigured CloudFront domains #opensource #infosec #Security #pentest https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost https://securityonline.info/cloudfrunt-dentifying-misconfigured-cloudfront-domains/utm_source=ReviveOldPost&utm_medium=social&utm_campaign=ReviveOldPost"
X Link 2018-04-28T20:07Z [----] followers, [--] engagements
Limited data mode. Full metrics available with subscription: lunarcrush.com/pricing