In Hungary somebody picked a simple #guloader in a 7ZIP archive and put it in a TXT with base64. 🤷🏻‍♂️ 'doc0012020020250212.exe' seen from Poland and Hungary @abuse_ch https://t.co/BYQn7R7dEE IP: 178.218.164(.)110:443 (Croatia) @_operations6_

Read the full story here: https://t.co/A9s5NefBtT

Joe Reverser automatically dissects a suspicious email: EML ➡️ extract doc attachment ➡️ create img ➡️ describe img ➡️ extracts QR URL ➡️ browse with web browser ➡️ describe img ➡️ read DOM ➡️ threat intel ➡️ detect phishing 🔥

Across all the 425 compromised packages so far, they have a total of 132 million monthly downloads. Damn.

. @posthog Also got compromised by Shai Hulud: @posthog/hedgehog-mode @posthog/nuxt @posthog/piscina @posthog/plugin-server @posthog/rrdom @posthog/rrweb @posthog/rrweb-player @posthog/rrweb-record @posthog/rrweb-replay @posthog/rrweb-snapshot @posthog/siphash

XBOW raised $117M to build AI hacking agents. Now someone just open-sourced it for FREE. Strix deploys autonomous AI agents that act like real hackers - they run your code dynamically, find vulnerabilities, and validate them through actual proof-of-concepts. Why it matters:

#malware #opendir at: http://179.43.176].109:8081/Downloads/1/

wow..... you have to be pwn3d really hard to have attestation letters to show you 'aren't totally compromised' etc. (this is linked from the F5 press release thing so it's clearly PUBLIC despite being marked otherwise)

G_Dropper_BRICKSTEAL 95a207976912b920d43894d88cb488fc04ec187d785b3dac533e1790fd4ea4e2 e6fff77afe636fc6e8486a4da400718cee3109688efb8490484ee7c53f46423c aa73901f4c28c4e90d957f5e45cd3f394ea333a873a23e807855396e6be91c51 01a81d7a4101144835c40dabc075c943384092f808b8f98dd62c53198fa1b517

Cyberattack on Jaguar Land Rover results in a prolonged production shutdown. 25% of suppliers have already taken steps to pause production and temporarily lay off workers. The attack has now forced a complete halt until October 1st, costing the company over $1.36 billion in lost

@Samsung @lumafield @Reddit @Delta We’ve detailed all of our findings in our new Battery Quality Report, which you can download for free right here: https://t.co/Xj6Jg2I2Tk You can't just take an online distributor's word for the quality of batteries; you need to look inside them yourself!

[Thread] 3 of the 6 largest VPN companies are owned and operated by an Israeli company, founded and led by "former" Israeli spies? Is your VPN affected? My investigation reveals all: https://t.co/UyeZOyL9hV

DAWG. They social engineered the United States judicial system (???), reset someone's password by pretending to be helpdesk, and LOOKED THEMSELVES UP

⚠️ A new ransomware is here → HybridPetya. It doesn’t just lock your files — it can bypass Secure Boot on modern PCs, sneak into UEFI, and encrypt your entire system.Victims see a fake CHKDSK screen before being hit with a $1,000 Bitcoin demand. The scariest part? Researchers

I was thinking Apple was having their Windows 8 moment with the horrible UI baked into Sequoia... but no, this is worse than that. It's like they didn't even test the UI on actual Macs or with human beings using them. Team stay-on-Sequoia here...

Imagine getting access to CI tokens across dev orgs - and blowing it because you didn’t pay $9 to https://t.co/OrOhg4aI4Z The attack didn’t fail because we stopped it - it failed because they used a free https://t.co/OrOhg4aI4Z account and hit the quota #NPM #SupplyChain

🚨 I was just targeted in a sophisticated phishing attempt that almost got me. But I got the scammer on a live call (video recording below), strung him along, and trolled him with Kim Jong Un gay porn while dissecting his $3k/month malware kit. Buckle up, this gets wild. 🧵👇

Ongoing Supply Chain Attack Targets CrowdStrike npm Packages

WORLDSTAR

🚨 BREAKING: The DuckDB npm account was compromised. Malicious versions of duckdb, duckdb-wasm, and more were published early this morning with the same wallet-drainer malware seen in yesterday’s supply-chain attack. Check your dependencies! https://t.co/i6ke5F3mWW #NodeJS