Validin
@ValidinLLC
Followers
2K
Following
1K
Media
195
Statuses
762
Validin is a next generation internet intelligence platform.
Southeast USA
Joined May 2017
Beware fake job platforms operated by the group behind "Contagious Interview." Our team found a surprisingly detailed lure site (lenvny[.]com) over the weekend with fake job listings for @AnthropicAI, @yugalabs, @Anchorage, and more. Analysis and IOCs: https://t.co/KHfiPL0j1K
validin.com
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent
0
4
13
New video dropped! 🤓 Vibe hunting through @ValidinLLC with no preparation at all, just pivoting on whatever looks interesting and seeing where it takes us 🐇🕳️ We stumbled across SmartApe, SmokedHam, Mintsloader ... Also caught up with Kenneth, the mind behind Validin! 🧠
2
20
82
Update on React Server Components CVE-2025-55182: over 165K IPs & 644K domains with vulnerable code found on 2025-12-08 after scan targeting improvements! See: https://t.co/2ELWyWmEOX Check for compromise & patch! Thank you to @ValidinLLC & @leak_ix for the collaboration!
React Server Components (CVE-2025-55182) RCE findings so far on 2025-12-05. 77664 IPs found vulnerable (based on @assetnote methodology). IP data is being shared in our Vulnerable HTTP reports: https://t.co/qxv0Gv6cAK Dashboard geo breakdown: https://t.co/2ELWyWmEOX
4
33
88
🥷Fake Chrome Driver (Win/MacOS) 🌐Domain: hxxp[:]//securityelectrum[.]org 📡C2: lodashmap[.]online Found via @ValidinLLC 🔎Query: :::"description":"Real-time meetings by Google. Using your browser, share your video, desktop, and presentations with teammates and customers."
2
5
20
🖱️ClickFix Host Title Search 🔎- 🔗Link- https://t.co/OSvrdM6zBX 🌐CC: @ValidinLLC 🕵️Query: Checking if you are human Very High TP rate
2
7
26
ICYMI: @SentinelOne released a new Synapse power-up for @validinLLC giving analysts faster pivots across DNS history, certs, WHOIS + web content to reveal hidden related infrastructure. Get the full story here:
sentinelone.com
Accelerate adversary tracking and reveal hidden infrastructure with our open-source Synapse Rapid Power-Up for Validin.
0
6
9
#Tycoon2FA #Phishing 🐟 We’ve reached the milestone of 10,000 malicious tycoon2fa-related domains uploaded to GitHub!!! 🐟 Full List: https://t.co/vltYUQwfv9 Uploaded to: @spamhaus Tools used: @censysio @ValidinLLC
3
5
23
We've detected additional domain names with new "dream job" listings leveraging this new theme including: stafnex[.]com equisphirep[.]com
Beware fake job platforms operated by the group behind "Contagious Interview." Our team found a surprisingly detailed lure site (lenvny[.]com) over the weekend with fake job listings for @AnthropicAI, @yugalabs, @Anchorage, and more. Analysis and IOCs: https://t.co/KHfiPL0j1K
1
0
4
Big thanks to @ValidinLLC on vhost identification collaboration! Data in Vulnerable HTTP: https://t.co/qxv0Gv6cAK More about Monsta FTP CVE-2025-34299 from @watchtowrcyber
https://t.co/kT9bVpNkrn Make sure to check for signs of compromise and patch:
labs.watchtowr.com
Happy Friday, friends and.. others. We’re glad/sorry to hear that your week has been good/bad, and it’s the weekend/but at least it’s almost the weekend! What’re We Doing Today, Mr Fox? Today, in a...
0
2
6
More active DPRK macOS malware "Contagious Interview" - thanks @malwrhunterteam :) Main Swift app (MediaPatcher) detected on VT. Domain undetected and there's a couple parts including a golang backdoor and infostealer behavior. Let's dive in :) 🧵
1
2
26
"Inside DPRK's Fake Job Platform Targeting U.S. AI Talent" published by @ValidinLLC. #ClickFix, #ContagiousInterview, #DPRK, #CTI
validin.com
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent
0
5
14
Not surprising to see DPRK expanding Contagious Interview activity into the AI hiring space, but the level of lure polish here is noteworthy. Strong research and a solid catch 🔥 Analysis & eye-oks: https://t.co/4D1r3JX6Wp Coverage:
cnn.com
North Korean operatives created a fake job-application platform targeting applicants to major US artificial intelligence and crypto firms as part of a new effort to steal money and know-how for the...
0
6
8
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent | https://t.co/XfZhEDIJbT
@ValidinLLC
validin.com
Inside DPRK’s Fake Job Platform Targeting U.S. AI Talent
0
10
22
Adversaries move fast, but their infrastructure patterns betray them. Our new @vtxproject Synapse Rapid Power-Up for @ValidinLLC, built in-house by @LabsSentinel engineers and open-sourced, makes those patterns visible — and operational for analysts. This is how you turn
2
3
12
💚🤝💜🤝💛 Love seeing my two favorite tools come together to level up what analysts can do (@ValidinLLC & @vtxproject). Huge shoutout to our @SentinelOne intelligence engineering team for making this happen: https://t.co/94se3MbRAA
sentinelone.com
Accelerate adversary tracking and reveal hidden infrastructure with our open-source Synapse Rapid Power-Up for Validin.
1
11
24
#PIVOTcon26 registration is now OPEN 🤟📷 #ThreatResearch #ThreatIntel 📷 https://t.co/O5LJfr5JlT Please read carefully the whole 🧵 for the rules about invite -> registration (1/6)🌐
1
13
17
@vxunderground @wbmmfq @_JohnHammond @DJSnM Investigations by @vxunderground, @wbmmfq, and @_JohnHammond: https://t.co/Szgxwp2uXl
https://t.co/z7jKktNgQ2
https://t.co/25xEsU5VC6
Yesterday folks got a phishing email for a fake DMCA report-- myself included. Caught me at a good time so I could record poking at the scam and the malware it leads to: ultimately infostealer malware (the usual) from a fake domain & clearly AI slop site: https://t.co/n0jiqgVi9Z
1
0
4
Just got an email from ' https://t.co/vFp72o6GE2' with a legal boilerplate threatening bad things. Site is only a few days old, and tries to get you to download a .exe containing 'evidence' - so yeah, if you're a creator be aware of this obvious scam.
1
0
3
Building on fantastic work by @vxunderground, @wbmmfq, and @_JohnHammond responding to a phish targeting @DJSnM, here's how Validin can further enrich and provide insights into their findings. ⤵️ https://t.co/fHxUUiNgbA
validin.com
Exploring fake DMCA Takedown scam pages, malware domains, and malicious IPs with Validin
1
1
10