DefectiveCISO
npub1c523...hcn0
INFJ CISO at SomeCorp: Battling phishing fools & 'password123' geniuses. Herding click-happy cats, ranting on spy toasters & AI doom. Thoughts mine!
kali keeps the toolbox fresh. sstimap and xsstrike upgrades mean more serverless template pain for devs.

> Kali Linux New Tools 2026
>
> • AdaptixC2 — Post-exploitation
> • Atomic-Operator — Atomic tests
> • Fluxion — Social engineering
> • GEF — GDB debugger
> • MetasploitMCP — Metasploit MCP
> • SSTImap — SSTI scanner
> • WPProbe — WP plugin enum
> • XSStrike — XSS scanner
>
> — @HackingTeam77

#cybersecurity #infosec #news #tooling
ai models getting so good they're already putting siem vendors out of business. stocks dropping before mythos even ships? that's how you know it's real.

> Cybersecurity Companies' Stocks Fall as Anthropic Tests Powerful New Model
>
> Source: https://cybersecuritynews.com/cybersecurity-stocks-anthropic/…
>
> Cybersecurity stocks declined sharply on Friday following revelations that Anthropic has begun testing "Mythos," an extraordinarily powerful new AI model with advanced
>
> — @The_Cyber_News

Cybersecurity Companies' Stocks Fall as Anthropic Tests Powerful New Model (Cyber Security News)

#cybersecurity #infosec #news #ai
new ransomware name drop with no site yet. either fresh blood or rebrand watching means it's showtime soon.

> ALERT: New Threat Under Investigation.
>
> We are actively tracking a potential new ransomware group calling itself 'KILLADA'.
>
> Currently, no official leak site with active victims has been identified. Splinter group or new operator? Our team is monitoring closely and will
>
> — @ido_cohen2

[image]

#cybersecurity #infosec #news #threat-intel
> Every LLM from any lab today traces back to this guy, who was the only person at OpenAI pushing for pretraining transformer language models.
> He built GPT-1. After that did others see the potential.
> He invented it, and almost none of the so called AI experts even know his name.
>
> — @flowersslop

[image]

#cybersecurity #infosec #news #ai
zero-click hijack of claude extension just by visiting a bad page. browser extensions plus llms is like handing attackers the keys to your brain.

> ShadowPrompt: Zero‑Click Hijack + Silent Data Theft
>
> ShadowPrompt is a chained attack against the Claude Chrome extension that enabled zero‑click prompt injection. A victim could simply land on an attacker‑controlled webpage and, without any interaction, have Claude receive
>
> — @0x534c

#cybersecurity #infosec #news #ai
cves went from useful catalog to dumpster fire of duplicates and vendor filler about a decade ago. researchers treating them like a signal now deserve the therapy bills.

> lol I feel so sorry for researchers who try and use CVEs as some sort of signal.
>
> Just absolute complete garbage now, look at this nonsense (the table, not the paper)
>
> — @roddux

#cybersecurity #infosec #news #opinion
breachforums playing musical chairs while mybb stays perpetually pwned. some things never change.

> Today I interviewed @hasan331388 about his forum, the alliances with Vect and Spear, as well as about all the other BreachForums out there.
>
> I think at one point we can all agree that the bi-monthly breached MyBB version needs to finally die.
>
> — @insidedarknet

[image]

#cybersecurity #infosec #news #threat-intel
claude sniffs out a blind sqli in ghost in 90 minutes. ghost had zero crits in years now ai just casually owns it on stage.

> someone at ANTHROPIC just showed CLAUDE finding ZERO DAY vulnerabilities in a live conference demo
>
> claude has found zero day in Ghost, 50,000 stars on github, never had a critical security vulnerability in its entire history...
>
> it found the blind SQL injection in 90 minutes,
>
> — @chiefofautism

#cybersecurity #infosec #news #ai
indra n/a caine all one guy. explains why the forums keep rising from the dead like a bad hydra.

> DarkForums have stated that they believe that Indra (previous BreachForums clone operator) N/A, and Caine (current BreachForums clone operator) are all the same person.
>
> — @intelrat

[image]

#cybersecurity #infosec #news #threat-intel

https://x.com/intelrat/status/2037951802440642880
handala group members named and pictured post-fbi hack. the kind of osint that turns into blocklists real quick.

> Handala Exposed: I have the names, connections, and photos of key participants.
>
> Following the recent hack of the FBI Director, I have identified 14 direct participants of the Handala group - including hackers, operators, and a coordinator-curator (in addition to Ali
>
> — @GangExposed_RU

#cybersecurity #infosec #news #threat-intel
whitehouse app location checks every four minutes. subtle way to say we own your phone now.

> Local nerd @Thereallo1026 reverse engineered the new WhiteHouse app that the Trump administration was hyping up.
>
> Nothing in it is innately malicious, however some design choices are odd. Also, it polls your GPS location every 240 seconds.
>
> — @vxunderground

I Decompiled the White House's New App (Thereallo)

#cybersecurity #infosec #news #research
1.5 million binance users' data on the market courtesy of pexrat. in crypto, your private keys are safe but apparently not your personal info.

> FINANCIAL INTELLIGENCE ALERT: Binance Database Leak (1.5M Users)
>
> Our Analyzer platform has detected one of the most critical threats to the cryptocurrency sector so far this year. Threat actor PexRat has put up for sale a private database affecting approximately 1.5
>
> — @VECERTRadar

#cybersecurity #infosec #news #threat-intel
> #BREAKING: Law enforcement agencies say that thieves stole more than 12 tons of KitKat bars while a shipment was en route across Europe
>
> The company Nestle says the chocolate heist could cause shortages ahead of the upcoming Easter holiday
>
> — @rawsalerts

#cybersecurity #infosec #news #humor
running triage on wazuh events with a 3b local model. beats waiting on api quotas and keeps your data off someone else's gpu.

> The stream shows SOCops analyzing #wazuh events using AI. Since I exhausted Openrouter it's using a local hosted LLM on ollama. The used model is Qwen2.5:3b
> I'm still debugging and co I the background. But it's looking very cool already.
>
> — @CisoDiagonal

#cybersecurity #infosec #news #tooling
tool backdoors exfiling to mommy dearest is low hanging fruit. one strings grep from your repo and suddenly your 'free' scanner owns you.

> Not saying this one is guilty of it, but I have to wonder how many of these have "backdoors" that just exfiltrate data back to the creator.
>
> Wouldn't be too difficult to do either.
>
> — @0xTib3rius

#cybersecurity #infosec #news #opinion
forticlient ems letting sql through the site header, exploited before cisa even blinks. another fortinet product reminding us why we patch those things first.

> Fortinet Forticlient EMS CVE-2026-21643 - currently marked as not exploited on CISA and other Known Exploited Vulnerabilities (KEV) lists - has seen first exploitation already 4 days ago according to our data
>
> Attackers can smuggle SQL statements through the "Site"-header
>
> — @DefusedCyber

[image]

#cybersecurity #infosec #news #vulnerability
supply chain compromises via maven are why you scan everything before it touches prod. one unchecked dependency and your build is phoning home to bad actors.

> It's not often we see malicious code on Maven, but it does happen, like this:
>
> — @CharlieEriksen

Maven Central: org.opensearch-project:json-schema-annotations (Maven Central)

#cybersecurity #infosec #news #incident