🔍 2025's top OSINT tools are here! Whether you're tracking domains, digging up metadata, or investigating social networks, this list has the latest free & paid tools. 🧵 Let’s run through some of the best picks for #OSINT pros and cybersecurity analysts:

#OperationEndgame: Authorities shut down infrastructure for Rhadamanthys Infostealer, VenomRAT and the Elysium botnet, seize 1025 servers and arrest one key suspect. Read: https://t.co/i4n5sQL8MT #CyberCrime #Malware #Rhadamanthys #Infostealer #CyberSecurity

🚨 Urgent patch alert: a 9.9/10 severity flaw (CVE-2025-42887) in #SAP Solution Manager allows code injection and full system takeover. Act now. Read: https://t.co/XaAadSHiyQ #CyberSecurity #Vulnerability #ZeroDay #InfoSec #PatchNow

⚠️ Researchers have discovered a vulnerability in #Sora2 that allows its hidden system prompt to leak through audio output. 🤖 🔗 https://t.co/VzflHDCwxS #AI #Sora #Cybersecurity #OpenAI #Infosec #Vulnerability

The #DarkComet spyware for Windows, once linked to the CIA in #WikiLeaks’ Vault 7 leak, is back and now targeting your crypto wallets and data through fake Bitcoin wallet and trading apps. Read: https://t.co/WFHkhPF5kf #CyberSecurity #Bitcoin #Crypto #Trading #Malware

🪝 North Korea-linked #KONNI hackers used KakaoTalk and Google Find Hub to spy on victims and remotely wipe #Android devices in a targeted phishing campaign. Read: https://t.co/PMp7bX7gCi #CyberSecurity #NorthKorea #SouthKorea #Spyware #KakaoTalk

⚠️ Real #facebookmail.com invites are being exploited in a large phishing campaign targeting businesses on #Meta platforms. One company received more than 4,200 malicious invite emails.🪝 Read more: https://t.co/4fSmdL5DmP #Cybersecurity #FacebookBusiness #Phishing #Scam

Cl0p ransomware claims NHS UK breach days after breaching The Washington Post, stealing 183GB of data through Oracle EBS flaws, a breach confirmed by the Post. Read: https://t.co/2rohJ3gqrI #CyberSecurity #Cl0p #Ransomware #Oracle #NHS #DataBreach

NEW 📢 Have I Been Pwned just added 1.96 billion accounts from the Synthient credential data. Check if your email or password is in the list. 🚨 Read: https://t.co/iqNq7M21Cl #CyberSecurity #HaveIBeenPwned #DataBreach #Passwords #Infosec

Welp; over 206,000 developers downloaded a fake npm package that targeted #GitHub’s code base to steal credentials. Read: https://t.co/iSWRgywG4K #npm #CyberSecurity #Malware #SupplyChain #Developers

NEW: Open-weight #AI models face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data with success rates up to 92.78%. Read: https://t.co/lZfECY9kZh #CyberSecurity #OpenModels #InfoSec #Cisco

⚖️ Intel files lawsuit against Jinfeng Luo, a former engineer accusing Luo of stealing about 18,000 files, including “Top Secret” Intel data, just days before his termination. Read more: https://t.co/zgAUZfOM7Q #CyberSecurity #Intel #DataBreach #InsiderThreat

A new Android spyware called #LANDFALL used fake WhatsApp images to infect Samsung Galaxy phones by exploiting a cricket zero-click vulnerability. Read: https://t.co/JMOQBQdzqv #CyberSecurity #Samsung #SamsungGalaxy #Spyware #WhatsApp

🛑 “I Paid Twice” scam hits hotels and guests using #PureRAT via ClickFix. Attackers breach booking accounts like #Booking.com, then message travelers about fake payment issues to steal bank info. Read 🔗 https://t.co/T7isjJ6Mu1 #Cybersecurity #Malware #Phishing #ClickFix

FBI has issued a federal subpoena aimed at unmasking the anonymous operator of #Archive.ph (also known as ArchiveToday / ArchiveIs) - what this means for web-archiving is massive. Read more: https://t.co/gY5i4iFmNF #CyberSecurity #ArchivePh #InternetArchive #ArchiveToday

A pre-auth RCE vulnerability (CVE-2025-34299) in #MonstaFTP lets attackers drop web shells and seize full control of servers. Over 5,000 instances exposed online. Update to version 2.11.3 or later 📌 🔗 Read: https://t.co/b9zMutShOO #CyberSecurity #InfoSec #Vulnerability #RCE

FBI has issued a federal subpoena aimed at unmasking the anonymous operator of #Archive.ph (also known as ArchiveToday / ArchiveIs) - what this means for web-archiving is massive. Read more: https://t.co/gY5i4iFmNF #CyberSecurity #ArchivePh #InternetArchive #ArchiveToday

🛑 “I Paid Twice” scam hits hotels and guests using #PureRAT via ClickFix. Attackers breach booking accounts like #Booking.com, then message travelers about fake payment issues to steal bank info. Read 🔗 https://t.co/T7isjJ6Mu1 #Cybersecurity #Malware #Phishing #ClickFix

New scam targets Swapzone users, sending fake “0-day” exploit emails that lure victims to paste malicious #Javascript snippet into their browser. Read: https://t.co/RL1AhH4MTh #Crypto #Phishing #Swapzone #Malware #InfoSec #CyberSecurity

🚨 NEW: Tenable reports 7 critical vulnerability found across #ChatGPT models let attackers steal user data and inject malicious memory instructions. 🔗 https://t.co/Ot7GrdjS08 #AIsecurity #Vulnerability #Privacy #LLM #Cybersecurity #AI

🚨 New: Hackers from the #CavalryWerewolf group targeted a Russian government organisation with phishing emails and a new backdoor called #ShellNET to gain remote access. Read more: https://t.co/vUslwNMdXe #CyberSecurity #Malware #Infosec #ThreatIntel #Phishing #Russia