[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.] #  @rst_cloud RST Cloud RST Cloud posts on X about llm, microsoft, geo, ukraine the most. They currently have XXX followers and XXX posts still getting attention that total XX engagements in the last XX hours. ### Engagements: XX [#](/creator/twitter::2990778574/interactions)  - X Week XXXXX +50% - X Month XXXXX +219% - X Months XXXXX -XX% - X Year XXXXXX +7,338% ### Mentions: X [#](/creator/twitter::2990778574/posts_active)  ### Followers: XXX [#](/creator/twitter::2990778574/followers)  - X Week XXX +1.30% - X Month XXX +9.40% - X Months XXX +106% ### CreatorRank: undefined [#](/creator/twitter::2990778574/influencer_rank)  ### Social Influence [#](/creator/twitter::2990778574/influence) --- **Social category influence** [stocks](/list/stocks) [technology brands](/list/technology-brands) [countries](/list/countries) [cryptocurrencies](/list/cryptocurrencies) [exchanges](/list/exchanges) **Social topic influence** [llm](/topic/llm), [microsoft](/topic/microsoft), [geo](/topic/geo), [ukraine](/topic/ukraine), [binance](/topic/binance), [zoom](/topic/zoom), [solana](/topic/solana), [shell](/topic/shell), [ip](/topic/ip), [japan](/topic/japan) **Top assets mentioned** [Microsoft Corp. (MSFT)](/topic/microsoft) [Solana (SOL)](/topic/solana) ### Top Social Posts [#](/creator/twitter::2990778574/posts) --- Top posts by engagements in the last XX hours "#threatreport #LowCompleteness Critical SonicWall SMA Vulnerability CVE-2025-40599: What You Need to Know 25-07-2025 Source: Key details below 🧑💻Actors/Campaigns: Unc6148 💀Threats: Overstep Abyss_locker Vsociety 🎯Victims: Organizations relying on sonicwall sma XXX series devices 🔓CVEs: CVE-2021-20038 - CVSS V3.1: *9.8* - Vulners: Exploitation: True Soft: - sonicwall sma_200_firmware (10.2.0.8-37sv 10.2.1.1-19sv 10.2.1.2-24sv) CVE-2024-38475 - CVSS V3.1: *9.1* - Vulners: Exploitation: True Soft: - apache http_server (2.4.60) CVE-2025-40599 - CVSS V3.1: *9.1* - Vulners: Exploitation:"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949168240329945330) 2025-07-26 18:01:36 UTC XXX followers, XX engagements "#threatreport #LowCompleteness Inside The ToolShell Campaign 27-07-2025 Source: Key details below 💀Threats: Toolshell_vuln Keysiphon 🎯Victims: Organizations 🔓CVEs: CVE-2025-49706 - CVSS V3.1: *6.5* - Vulners: Exploitation: True Soft: - microsoft sharepoint_enterprise_server (2016) - microsoft sharepoint_server (16.0.18526.20424 2019) CVE-2025-53771 - CVSS V3.1: *6.5* - Vulners: Exploitation: True CVE-2025-49704 - CVSS V3.1: *8.8* - Vulners: Exploitation: True Soft: - microsoft sharepoint_server (2016 2019) CVE-2025-53770 - CVSS V3.1: *9.8* - Vulners: Exploitation: True Soft: - microsoft"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949666753484615886) 2025-07-28 03:02:31 UTC XXX followers, XX engagements "#threatreport #MediumCompleteness Hive0156 continues Remcos campaigns against Ukraine 23-07-2025 Source: Key details below 🧑💻Actors/Campaigns: Uac0184 💀Threats: Remcos_rat Hijackloader Rshell Process_injection_technique Uac_bypass_technique 🎯Victims: Ukrainian military personnel Members of the ukrainian military Organizations and personnel in or with association to the ukrainian military General audience in ukraine 🏭Industry: Military 🌐Geo: Russian Ukrainian Iran Ukraine 🤖LLM extracted TTPs: T1005 T1027 T1055.012 T1059.001 T1071.001 T1105 T1140 T1204.002 T1480.001 T1566.001 . 🧨IOCs: -"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949636418772377711) 2025-07-28 01:01:59 UTC XXX followers, XX engagements "#threatreport #LowCompleteness Threat Intelligence: An Analysis of a Malicious Solana Open-source Trading Bot 22-07-2025 Source: Key details below 🏭Industry: Financial Government 🤖LLM extracted TTPs: T1005 T1027 T1041 T1071.001 T1195 T1552.001 🧨IOCs: - IP: X - Hash: X - File: X 💽Software: SlowMist Zoom 🪙Crypto: solana binance 🔢Algorithms: base58 sha256 🔠Functions: create_coingecko_proxy import_wallet import_env_var from_utf8 to_base58_string main new 🗂Win API: Arc 📜Programming Languages: python #threatreport: In July 2025 investigations by the SlowMist security team revealed that the"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949778136549245145) 2025-07-28 10:25:07 UTC XXX followers, XX engagements "#threatreport #LowCompleteness In-Depth Analysis of an Obfuscated Web Shell Script 27-07-2025 Source: Key details below 🎯Victims: Critical national infrastructure 🌐Geo: Middle east 🤖LLM extracted TTPs: T1005 T1083 T1505.003 🧨IOCs: - File: X - Hash: X 🔢Algorithms: sha256 base64 🔠Functions: GetBasicServerInfo GetBasicServerApplicationInfo GetDrives GetDriveInformation GetWebRoot GetFileSystemsList DeleteDirectory GetDirectoryInformation SetDirectoryTime SetDirectoryAttributes . 🗂Win API: CreateDirectory CopyFile MoveFile DeleteFile SetFileTime 📜Programming Languages: c_language python"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949621140810277233) 2025-07-28 00:01:16 UTC XXX followers, XX engagements "#threatreport #LowCompleteness Weekly Threat Infrastructure Investigation(Week29) 26-07-2025 Source: Key details below 💀Threats: Cobalt_strike_tool Netsupportmanager_rat Sliver_c2_tool Redguard_tool Brc4_tool 🌐Geo: Japan 🤖LLM extracted TTPs: T1071 T1105 T1219 🧨IOCs: - IP: XX #threatreport: A recent investigation into command and control (C2) infrastructure in Japan has revealed the presence of XX C2 servers operational within the region. The survey utilized the Censys search function to identify these servers with the research period spanning from July XX to July XX 2025. Notably the"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949198612535132323) 2025-07-26 20:02:18 UTC XXX followers, XX engagements "#threatreport #LowCompleteness ToolShell Aftermath: What Defenders Should Do After Patching CVE-2025-53770 25-07-2025 Source: Key details below 💀Threats: Toolshell_vuln Thor 🔓CVEs: CVE-2025-53770 - CVSS V3.1: *9.8* - Vulners: Exploitation: True Soft: - microsoft sharepoint_server (16.0.18526.20508 2016 2019) 🤖LLM extracted TTPs: T1005 T1059.001 T1078 T1105 T1140 T1190 T1505.003 T1552.004 🧨IOCs: - File: X - Path: X 💽Software: Event Tracing for Windows SharePoint server 🔢Algorithms: base64 📜Programming Languages: powershell YARA: Found SIGMA: Found #threatreport: The ToolShell"  [@rst_cloud](/creator/x/rst_cloud) on [X](/post/tweet/1949213850156355890) 2025-07-26 21:02:51 UTC XXX followers, XXX engagements
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]
@rst_cloud RST Cloud
RST Cloud posts on X about llm, microsoft, geo, ukraine the most. They currently have XXX followers and XXX posts still getting attention that total XX engagements in the last XX hours.
Engagements: XX #
- X Week XXXXX +50%
- X Month XXXXX +219%
- X Months XXXXX -XX%
- X Year XXXXXX +7,338%
Mentions: X #
Followers: XXX #
- X Week XXX +1.30%
- X Month XXX +9.40%
- X Months XXX +106%
CreatorRank: undefined #
Social Influence #
Social category influence stocks technology brands countries cryptocurrencies exchanges
Social topic influence llm, microsoft, geo, ukraine, binance, zoom, solana, shell, ip, japan
Top assets mentioned Microsoft Corp. (MSFT) Solana (SOL)
Top Social Posts #
Top posts by engagements in the last XX hours
"#threatreport #LowCompleteness Critical SonicWall SMA Vulnerability CVE-2025-40599: What You Need to Know 25-07-2025 Source: Key details below 🧑💻Actors/Campaigns: Unc6148 💀Threats: Overstep Abyss_locker Vsociety 🎯Victims: Organizations relying on sonicwall sma XXX series devices 🔓CVEs: CVE-2021-20038 - CVSS V3.1: 9.8 - Vulners: Exploitation: True Soft: - sonicwall sma_200_firmware (10.2.0.8-37sv 10.2.1.1-19sv 10.2.1.2-24sv) CVE-2024-38475 - CVSS V3.1: 9.1 - Vulners: Exploitation: True Soft: - apache http_server (2.4.60) CVE-2025-40599 - CVSS V3.1: 9.1 - Vulners: Exploitation:"
@rst_cloud on X 2025-07-26 18:01:36 UTC XXX followers, XX engagements
"#threatreport #LowCompleteness Inside The ToolShell Campaign 27-07-2025 Source: Key details below 💀Threats: Toolshell_vuln Keysiphon 🎯Victims: Organizations 🔓CVEs: CVE-2025-49706 - CVSS V3.1: 6.5 - Vulners: Exploitation: True Soft: - microsoft sharepoint_enterprise_server (2016) - microsoft sharepoint_server (16.0.18526.20424 2019) CVE-2025-53771 - CVSS V3.1: 6.5 - Vulners: Exploitation: True CVE-2025-49704 - CVSS V3.1: 8.8 - Vulners: Exploitation: True Soft: - microsoft sharepoint_server (2016 2019) CVE-2025-53770 - CVSS V3.1: 9.8 - Vulners: Exploitation: True Soft: - microsoft" @rst_cloud on X 2025-07-28 03:02:31 UTC XXX followers, XX engagements
"#threatreport #MediumCompleteness Hive0156 continues Remcos campaigns against Ukraine 23-07-2025 Source: Key details below 🧑💻Actors/Campaigns: Uac0184 💀Threats: Remcos_rat Hijackloader Rshell Process_injection_technique Uac_bypass_technique 🎯Victims: Ukrainian military personnel Members of the ukrainian military Organizations and personnel in or with association to the ukrainian military General audience in ukraine 🏭Industry: Military 🌐Geo: Russian Ukrainian Iran Ukraine 🤖LLM extracted TTPs: T1005 T1027 T1055.012 T1059.001 T1071.001 T1105 T1140 T1204.002 T1480.001 T1566.001 . 🧨IOCs: -" @rst_cloud on X 2025-07-28 01:01:59 UTC XXX followers, XX engagements
"#threatreport #LowCompleteness Threat Intelligence: An Analysis of a Malicious Solana Open-source Trading Bot 22-07-2025 Source: Key details below 🏭Industry: Financial Government 🤖LLM extracted TTPs: T1005 T1027 T1041 T1071.001 T1195 T1552.001 🧨IOCs: - IP: X - Hash: X - File: X 💽Software: SlowMist Zoom 🪙Crypto: solana binance 🔢Algorithms: base58 sha256 🔠Functions: create_coingecko_proxy import_wallet import_env_var from_utf8 to_base58_string main new 🗂Win API: Arc 📜Programming Languages: python #threatreport: In July 2025 investigations by the SlowMist security team revealed that the" @rst_cloud on X 2025-07-28 10:25:07 UTC XXX followers, XX engagements
"#threatreport #LowCompleteness In-Depth Analysis of an Obfuscated Web Shell Script 27-07-2025 Source: Key details below 🎯Victims: Critical national infrastructure 🌐Geo: Middle east 🤖LLM extracted TTPs: T1005 T1083 T1505.003 🧨IOCs: - File: X - Hash: X 🔢Algorithms: sha256 base64 🔠Functions: GetBasicServerInfo GetBasicServerApplicationInfo GetDrives GetDriveInformation GetWebRoot GetFileSystemsList DeleteDirectory GetDirectoryInformation SetDirectoryTime SetDirectoryAttributes . 🗂Win API: CreateDirectory CopyFile MoveFile DeleteFile SetFileTime 📜Programming Languages: c_language python" @rst_cloud on X 2025-07-28 00:01:16 UTC XXX followers, XX engagements
"#threatreport #LowCompleteness Weekly Threat Infrastructure Investigation(Week29) 26-07-2025 Source: Key details below 💀Threats: Cobalt_strike_tool Netsupportmanager_rat Sliver_c2_tool Redguard_tool Brc4_tool 🌐Geo: Japan 🤖LLM extracted TTPs: T1071 T1105 T1219 🧨IOCs: - IP: XX #threatreport: A recent investigation into command and control (C2) infrastructure in Japan has revealed the presence of XX C2 servers operational within the region. The survey utilized the Censys search function to identify these servers with the research period spanning from July XX to July XX 2025. Notably the" @rst_cloud on X 2025-07-26 20:02:18 UTC XXX followers, XX engagements
"#threatreport #LowCompleteness ToolShell Aftermath: What Defenders Should Do After Patching CVE-2025-53770 25-07-2025 Source: Key details below 💀Threats: Toolshell_vuln Thor 🔓CVEs: CVE-2025-53770 - CVSS V3.1: 9.8 - Vulners: Exploitation: True Soft: - microsoft sharepoint_server (16.0.18526.20508 2016 2019) 🤖LLM extracted TTPs: T1005 T1059.001 T1078 T1105 T1140 T1190 T1505.003 T1552.004 🧨IOCs: - File: X - Path: X 💽Software: Event Tracing for Windows SharePoint server 🔢Algorithms: base64 📜Programming Languages: powershell YARA: Found SIGMA: Found #threatreport: The ToolShell" @rst_cloud on X 2025-07-26 21:02:51 UTC XXX followers, XXX engagements