JAMESWT
@JAMESWT_WT
#Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW https://t.co/WODUKncjFy
Joined August 2015
"CONFERMA IL TUO BONIFICO BANCARIO" @intesasanpaolo
#spam email #Italy spread #RemCosRat Eml>Img>js>exe RemcosRAT C2: ⛔️198.23.177.]222:3565 ⛔️arusicucloud.]es:3565 Samples👇 https://t.co/XixCdMn6gs 👇
Interesting #rmsrat sample: https://t.co/ZsHg0baeJK, which has connections to specific domains: erpezvit\.com ezvit\.net me-doc\.com The domains have one and the same registrar and a pretty poor detection ratio on VT as of today (3/XX), being ITW since Aug 2025. https://t.co/zcazBCGiWu
After taking office, the members of the Garante, who insist on travelling only in business class, increased their representation expenses: these have reached 400 thousand euros a year. On Sunday evening Report will once again cover the Garante della privacy with exclusive documents 👇
FUD on VirusTotal Uploaded as "carrierRegistration.exe" Signed by "Super Creative Oy Ltd" 42d552db687411023d8e7c60ed1d8a101782ac9a Uses PDF icon; runs "whoami" and "hostname" to prevent full sandbox analysis: https://app.any[.]run/tasks/fe2d0f5b-eeae-44dc-a659-2e030d993878
⚠️ AI-driven ransomware surge in Europe Generative AI is abused to automate phishing, create malware, scale extortion. Europe is heavily targeted as attackers use AI for recon and personalised lures—urgent need for detection and governance now. 🔗 read more:
gbhackers.com
European organizations are facing an unprecedented surge in ransomware attacks as cybercriminals increasingly adopt artificial intelligence.
⚠️ Major Swedish software supplier breach hits 15M A data breach at Swedish software provider Telia-owned company #Affectus (Fasthosts?) impacts about 15M records including passwords and payment data. #ransomNews #supplyChain #databreach
🚨 Banca d’Italia phishing campaign @AgidCert reports a #phishing campaign that misuses the name and logo of Banca d’Italia. Under the pretext of an "anti-money-laundering update", users are asked to enter their credentials and the OTP code they received. @sonoclaudio
⚠️ Microsoft Teams flaws exploited Attackers abuse #Teams flaws to deliver #malware, hijack accounts and escalate access via malicious links, bots or external apps. Patch, restrict apps, enforce conditional access, monitor telemetry. #ransomNews #MicrosoftTeams #infosec
⚠️ @AnthropicAI launch desktop extensions for Claude #Claude now supports “Desktop Extensions” (DXT/.mcpb) enabling one-click installs of local Model Context Protocol (MCP) servers to integrate #AI with local tools and files, while raising questions about surface exposure from
"Ordinazione d'acquisto" #spam #ita ⛔️62.60.239].118/102/ 👇 oo09ihjj90khnb0/ou909h890090jjhggtr6789jhjjgkggjhgj0900090kjjhghjgjhgjgjbvbcf900s923jh23jhs9d8f398f92932.dOC? 👇 vrc.exe ⛔️go.arcanite.]ch #PureLogs Stealer C2 185.149.24.]201:22330 Samples👇 https://t.co/KqI9hf8XJH
🚨 Malicious “SleepyDuck” hijacks developer workflows A malicious VS Code extension named #SleepyDuck leverages compromised NPM packages to implant a reverse shell in dev environments, enabling code injection, credential theft and lateral movement. 🔗 read more:
#NetSupport #Rat 👇 Client32.ini MD5 👇 3106d32d0a7e71a30d05bac9abeec324 ⛔️88.214.27.]75:443 e1236f231b6bfef71f73927efdee847e ⛔️5.181.156.]244:443 1416fa393fd5164f00d09fbb84363fd1 ⛔️5.181.156.]238:443 cc @500mk500
#compromised ⚠️ https://t.co/lFJecQtKwL
#Italy
#AgentTesla Protocol: smtp Host: mail.memosrl.]it Port: 587 Username: ⚠️supporto@memosrl.it Email To: ⛔️charlesjoe1979@gmail.com Samples👇 https://t.co/4IKvvGQzQB
Samples Collection Updated/tagged 👇 ✅ https://t.co/2DbmLHzMIB ✅ https://t.co/LoU5zYw1iZ cc @abuse_ch
Interesting bash script that spreads through 89.110.95.186 (VDSINA 🇷🇺), fully undetected (FUD) by any AV 🔥. The script conducts various modifications on Linux based systems ⚙️ and uses iptables to forward certain ports to the following remote server 🔀, turning the victim's
Samples Collection Updated 👇 https://t.co/8O76wQR7Hi
Spotted #formbook malspam in #italy 🇮🇹 ⛓️eml>.pdf>.7z>.js>.ps1 📦p://147.124.222,89/host/ #blackhawk .net loader
🚨 New Research: #Bulwark - The EDR/AV Bypasser Our #ThreatResearch team analyzes the environment and functionalities of this tool as well as other related #malware and #hacktools like #AuraStealer 🔗 Report: https://t.co/Lu3Roz2F5l
#threat #reversing #RE #CTI #intel