freiburg.social

2 posts2 participants0 posts today

Dining & CookingPopular Japanese restaurant chain to shut 2,000 branches after rat found in soup <a href="https://www.diningandcooking.com/1990341/popular-japanese-restaurant-chain-to-shut-2000-branches-after-rat-found-in-soup/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.diningandcooking.com/1990341/popular-japanese-restaurant-chain-to-shut-2000-branches-after-rat-found-in-soup/</a> <a href="https://vive.im/tags/food" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#food</a> <a href="https://vive.im/tags/FoodTopics" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FoodTopics</a> <a href="https://vive.im/tags/Japan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Japan</a> <a href="https://vive.im/tags/rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rat</a>

OTX BotCVE-2025-29927: Next.js Middleware Authorization Bypass FlawA critical vulnerability, CVE-2025-29927, with a CVSS score of 9.1 was disclosed on March 21, 2025. This flaw allows attackers to bypass authorization checks in Next.js Middleware, potentially granting unauthorized access to protected resources. The vulnerability affects applications using Middleware for user authorization, session data validation, route access control, redirections, and UI visibility management. The issue stems from how the runMiddleware function handles the x-middleware-subrequest header. Attackers can craft malicious headers to bypass middleware controls. Affected versions range from 11.1.4 to 15.2.3. Users are urged to update to patched versions or implement mitigation strategies to block external requests containing the vulnerable header.Pulse ID: 67e59d30fc2fe9b7ddaded28 Pulse Link: <a href="https://otx.alienvault.com/pulse/67e59d30fc2fe9b7ddaded28" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67e59d30fc2fe9b7ddaded28</a> Pulse Author: AlienVault Created: 2025-03-27 18:47:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RCE</a> <a href="https://social.raytec.co/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

Brad2025-03-26 (Wednesday): <a href="https://infosec.exchange/tags/SmartApeSG" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SmartApeSG</a> traffic for a fake browser update page leads to a <a href="https://infosec.exchange/tags/NetSupport" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetSupport</a> <a href="https://infosec.exchange/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> infection. A zip archive for <a href="https://infosec.exchange/tags/StealC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#StealC</a> sent over the <a href="https://infosec.exchange/tags/NetSupportRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetSupportRAT</a> C2 traffic.The <a href="https://infosec.exchange/tags/StealC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#StealC</a> infection uses DLL side-loading by a legitimate EXE to <a href="https://infosec.exchange/tags/sideload" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sideload</a> the malicious DLL.A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pcap</a> from an infection, the associated <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> samples, and <a href="https://infosec.exchange/tags/IOCs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IOCs</a> are available at at <a href="https://www.malware-traffic-analysis.net/2025/03/26/index.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.malware-traffic-analysis.net/2025/03/26/index.html</a>

Brad<a href="https://infosec.exchange/tags/MalspamMonday" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MalspamMonday</a>Malspam Monday is when I check the inboxes of my honey pot accounts for anything interesting distributed through email.Today, I found an example of <a href="https://infosec.exchange/tags/GuLoader" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GuLoader</a> for <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Remcos</a> <a href="https://infosec.exchange/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> Details at <a href="https://github.com/malware-traffic/indicators/blob/main/2025-03-24-GuLoader-for-Remcos-RAT.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/malware-traffic/indicators/blob/main/2025-03-24-GuLoader-for-Remcos-RAT.txt</a><a href="https://infosec.exchange/tags/RemcosRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RemcosRAT</a> <a href="https://infosec.exchange/tags/malspam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malspam</a>

PopPhoriaI'm looking for underground, low brow, pop surrealism artist that are similar to my style. I want to find my people and connect over weird art. Anyone have a good place? <a href="https://pixelfed.social/discover/tags/lowbrow?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#lowbrow</a> <a href="https://pixelfed.social/discover/tags/lowbrowart?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#lowbrowart</a> <a href="https://pixelfed.social/discover/tags/lowbrowpopsurrealist?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#lowbrowpopsurrealist</a> <a href="https://pixelfed.social/discover/tags/lowbrowsurrealism?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#lowbrowsurrealism</a> <a href="https://pixelfed.social/discover/tags/artist?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#artist</a> <a href="https://pixelfed.social/discover/tags/weird?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#weird</a> <a href="https://pixelfed.social/discover/tags/weirdart?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#weirdart</a> <a href="https://pixelfed.social/discover/tags/underground?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#underground</a> <a href="https://pixelfed.social/discover/tags/undergroundart?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#undergroundart</a> <a href="https://pixelfed.social/discover/tags/undergroundartist?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#undergroundartist</a> <a href="https://pixelfed.social/discover/tags/odd?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#odd</a> <a href="https://pixelfed.social/discover/tags/indie?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#indie</a> <a href="https://pixelfed.social/discover/tags/indieartist?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#indieartist</a> <a href="https://pixelfed.social/discover/tags/indieart?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#indieart</a> <a href="https://pixelfed.social/discover/tags/supportindieartists?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#supportindieartists</a> <a href="https://pixelfed.social/discover/tags/different?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#different</a> <a href="https://pixelfed.social/discover/tags/contrast?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#contrast</a> <a href="https://pixelfed.social/discover/tags/vibrant?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#vibrant</a> <a href="https://pixelfed.social/discover/tags/vibrantcolors?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#vibrantcolors</a> <a href="https://pixelfed.social/discover/tags/surrealismartcommunity?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#surrealismartcommunity</a> <a href="https://pixelfed.social/discover/tags/ratcommunity?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#ratcommunity</a> <a href="https://pixelfed.social/discover/tags/abstractartcommunity?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#abstractartcommunity</a> <a href="https://pixelfed.social/discover/tags/lowbrowartcommunity?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#lowbrowartcommunity</a> <a href="https://pixelfed.social/discover/tags/weirdartcommunity?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#weirdartcommunity</a> <a href="https://pixelfed.social/discover/tags/weird?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#weird</a> <a href="https://pixelfed.social/discover/tags/weirdartist?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#weirdartist</a> <a href="https://pixelfed.social/discover/tags/cute?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#cute</a> <a href="https://pixelfed.social/discover/tags/adorable?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#adorable</a> <a href="https://pixelfed.social/discover/tags/rainbow?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#rainbow</a> <a href="https://pixelfed.social/discover/tags/sky?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#sky</a> <a href="https://pixelfed.social/discover/tags/floating?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#floating</a> <a href="https://pixelfed.social/discover/tags/rat?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://pixelfed.social/discover/tags/mouse?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#mouse</a> <a href="https://pixelfed.social/discover/tags/rodent?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#rodent</a> <a href="https://pixelfed.social/discover/tags/high?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#high</a> <a href="https://pixelfed.social/discover/tags/trippy?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#trippy</a> <a href="https://pixelfed.social/discover/tags/psychedelicart?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#psychedelicart</a> <a href="https://pixelfed.social/discover/tags/trippyart?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#trippyart</a> <a href="https://pixelfed.social/discover/tags/acid?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#acid</a> <a href="https://pixelfed.social/discover/tags/drugs?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#drugs</a> <a href="https://pixelfed.social/discover/tags/hallucinogene?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#hallucinogene</a> <a href="https://pixelfed.social/discover/tags/hallucination?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#hallucination</a> <a href="https://pixelfed.social/discover/tags/shrooms?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#shrooms</a> <a href="https://pixelfed.social/discover/tags/mushrooms?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#mushrooms</a> <a href="https://pixelfed.social/discover/tags/hippy?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#hippy</a> <a href="https://pixelfed.social/discover/tags/eyecatching?src=hash" class="u-url hashtag" rel="nofollow noopener noreferrer" target="_blank">#eyecatching</a>

OTX BotOperation FishMedley targeting governments, NGOs, and think tanksESET researchers have uncovered a global espionage operation called Operation FishMedley, conducted by the FishMonger APT group, which is operated by the Chinese contractor I-SOON. The campaign targeted governments, NGOs, and think tanks across Asia, Europe, and the United States during 2022. The attackers used implants like ShadowPad, SodaMaster, and Spyder, which are common or exclusive to China-aligned threat actors. The operation involved sophisticated tactics including lateral movement, credential theft, and custom malware deployment. Seven victims were identified across various countries and sectors. The analysis provides technical details on the malware used, initial access methods, and command and control infrastructure.Pulse ID: 67dd406f6ba9eecd280aa95e Pulse Link: <a href="https://otx.alienvault.com/pulse/67dd406f6ba9eecd280aa95e" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67dd406f6ba9eecd280aa95e</a> Pulse Author: AlienVault Created: 2025-03-21 10:33:19Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/Asia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Asia</a> <a href="https://social.raytec.co/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#China</a> <a href="https://social.raytec.co/tags/Chinese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chinese</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/ESET" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESET</a> <a href="https://social.raytec.co/tags/Espionage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Espionage</a> <a href="https://social.raytec.co/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Europe</a> <a href="https://social.raytec.co/tags/Government" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Government</a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://social.raytec.co/tags/ISoon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ISoon</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/ShadowPad" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ShadowPad</a> <a href="https://social.raytec.co/tags/UnitedStates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UnitedStates</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

OTX BotCredit Card Skimmer and Backdoor on WordPress E-commerce SiteA sophisticated malware attack targeting WordPress WooCommerce sites was discovered, involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a reconnaissance script. The attack focused on financial gain and long-term control. The skimmer, injected into the checkout page, collected payment and billing information, sending it to a malicious server. A PHP backdoor allowed remote system command execution, while a reconnaissance script gathered server information. The attack demonstrates the evolving complexity of e-commerce platform threats, emphasizing the need for strict security measures, regular scans, proper access controls, and timely updates to prevent such exploits.Pulse ID: 67d52aad906732f7bad24dfa Pulse Link: <a href="https://otx.alienvault.com/pulse/67d52aad906732f7bad24dfa" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67d52aad906732f7bad24dfa</a> Pulse Author: AlienVault Created: 2025-03-15 07:22:21Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/BackDoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BackDoor</a> <a href="https://social.raytec.co/tags/CreditCard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CreditCard</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/PHP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PHP</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RCE</a> <a href="https://social.raytec.co/tags/RDP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RDP</a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Word</a> <a href="https://social.raytec.co/tags/Wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wordpress</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

ScarpyroÇa gratte<a href="https://piaille.fr/tags/crochet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#crochet</a> <a href="https://piaille.fr/tags/rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://piaille.fr/tags/amigurumi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#amigurumi</a>

OTX BotMalicious Packages Identified in the Wild: Insights and Trends from November 2024 OnwardFortiGuard Labs has analyzed malicious software packages detected from November 2024 to March 2025, revealing various attack techniques used to exploit system vulnerabilities. Key findings include 1,082 packages with low file counts, 1,052 packages with suspicious install scripts, and 1,043 packages lacking repository URLs. Attackers employ methods such as obfuscation, command overwrite, and typosquatting to bypass security measures. The analysis highlights the use of suspicious APIs, URLs, and installation scripts to exfiltrate data, establish backdoors, and perform remote control activities. Specific cases involve malicious Python and Node.js packages targeting developers and harvesting sensitive information. The report emphasizes the importance of robust detection strategies and proactive defense measures to mitigate these evolving cybersecurity threats.Pulse ID: 67cf4b932b27ceeadb710aab Pulse Link: <a href="https://otx.alienvault.com/pulse/67cf4b932b27ceeadb710aab" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67cf4b932b27ceeadb710aab</a> Pulse Author: AlienVault Created: 2025-03-10 20:29:07Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/BackDoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BackDoor</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/FortiGuard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FortiGuard</a> <a href="https://social.raytec.co/tags/FortiGuardLabs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FortiGuardLabs</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Nodejs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Nodejs</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/TypoSquatting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TypoSquatting</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#developers</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

BradSocial media post I wrote about <a href="https://infosec.exchange/tags/RemcosRAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RemcosRAT</a> for my employer at <a href="https://www.linkedin.com/posts/unit42_remcos-rat-keylogger-activity-7304958245322768385-tu-a/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/posts/unit42_remcos-rat-keylogger-activity-7304958245322768385-tu-a/</a> and <a href="https://x.com/malware_traffic/status/1899207006939947440" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://x.com/malware_traffic/status/1899207006939947440</a>2025-03-10 (Monday): <a href="https://infosec.exchange/tags/Remcos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Remcos</a> <a href="https://infosec.exchange/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> activity. Email distribution used a zip archive attachment with a .7z file extension. During a test infection, we saw indicators of a <a href="https://infosec.exchange/tags/Keylogger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Keylogger</a> and a Hacking tool to view browser passwords.More info at <a href="https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-03-10-IOCs-for-Remcos-RAT-activity.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/PaloAltoNetworks/Unit42-timely-threat-intel/blob/main/2025-03-10-IOCs-for-Remcos-RAT-activity.txt</a>A <a href="https://infosec.exchange/tags/pcap" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pcap</a> of the infection traffic and the associated <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> files are available at <a href="https://malware-traffic-analysis.net/2025/03/10/index.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://malware-traffic-analysis.net/2025/03/10/index.html</a>

Michael BlumeZu 3, digitaler <a href="https://sueden.social/tags/Thymokratie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Thymokratie</a>, bewegend:„Fragen wir den Wind:Wer misst Ehre in Einsen und Nullen?Wer entscheidet, ob dein digitaler Mut mehr wiegt als meine digitale Weisheit?Ist das Netz ein gerechter Richter oder nur ein Spiegel unserer Schatten?“(10/x)<a href="https://sueden.social/tags/Weisheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Weisheit</a> <a href="https://sueden.social/tags/Rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rat</a> <a href="https://sueden.social/tags/Philosophie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Philosophie</a> <a href="https://sueden.social/tags/Internet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Internet</a> <a href="https://sueden.social/tags/Medienethik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Medienethik</a>

OTX BotHavoc: SharePoint with Microsoft Graph API turns into FUD C2A phishing campaign combines ClickFix and multi-stage malware to deploy a modified Havoc Demon Agent. The attack starts with an HTML attachment using ClickFix to deceive users into executing malicious PowerShell commands. The malware stages are hidden behind SharePoint sites, and a modified Havoc Demon uses Microsoft Graph API to obscure C2 communications. The attack chain includes sandbox evasion, Python shellcode loader, KaynLdr for DLL loading, and a customized Havoc Demon DLL. The threat actor creates two files in SharePoint for C2 communication, encrypts data with AES-256, and supports various malicious commands. This campaign demonstrates the integration of public services with modified open-source tools to evade detection.Pulse ID: 67c5eea6bb77c4b4d02e4ca0 Pulse Link: <a href="https://otx.alienvault.com/pulse/67c5eea6bb77c4b4d02e4ca0" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67c5eea6bb77c4b4d02e4ca0</a> Pulse Author: AlienVault Created: 2025-03-03 18:02:14Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/HTML" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HTML</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Phishing</a> <a href="https://social.raytec.co/tags/PowerShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerShell</a> <a href="https://social.raytec.co/tags/Python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Python</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RCE</a> <a href="https://social.raytec.co/tags/ShellCode" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ShellCode</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

creohn 💥Neontot <a href="https://chaos.social/tags/deadAnimal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#deadAnimal</a> <a href="https://chaos.social/tags/rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://chaos.social/tags/photography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#photography</a> <a href="https://pixelfed.social/p/creohn/802134903057897491" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://pixelfed.social/p/creohn/802134903057897491</a> <a href="https://cara.app/post/fd0324e8-86d5-4aa0-89f4-c6acd7c60f24" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cara.app/post/fd0324e8-86d5-4aa0-89f4-c6acd7c60f24</a>

eon 🐀i'm just really thinking about pizza rn <a href="https://possum.city/tags/rat" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://possum.city/tags/rats" rel="nofollow noopener noreferrer" target="_blank">#rats</a> <a href="https://possum.city/tags/ratsOfMastodon" rel="nofollow noopener noreferrer" target="_blank">#ratsOfMastodon</a> <a href="https://possum.city/tags/ratsOfFediverse" rel="nofollow noopener noreferrer" target="_blank">#ratsOfFediverse</a> <a href="https://possum.city/tags/cute" rel="nofollow noopener noreferrer" target="_blank">#cute</a> <a href="https://possum.city/tags/cuteArt" rel="nofollow noopener noreferrer" target="_blank">#cuteArt</a> <a href="https://possum.city/tags/OC" rel="nofollow noopener noreferrer" target="_blank">#OC</a> <a href="https://possum.city/tags/OCs" rel="nofollow noopener noreferrer" target="_blank">#OCs</a> <a href="https://possum.city/tags/OCart" rel="nofollow noopener noreferrer" target="_blank">#OCart</a>

eon 🐀working on a sticker sheet...? <a href="https://possum.city/tags/rat" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://possum.city/tags/rats" rel="nofollow noopener noreferrer" target="_blank">#rats</a> <a href="https://possum.city/tags/ratsOfMastodon" rel="nofollow noopener noreferrer" target="_blank">#ratsOfMastodon</a> <a href="https://possum.city/tags/ratsOfFediverse" rel="nofollow noopener noreferrer" target="_blank">#ratsOfFediverse</a> <a href="https://possum.city/tags/cute" rel="nofollow noopener noreferrer" target="_blank">#cute</a> <a href="https://possum.city/tags/cuteArt" rel="nofollow noopener noreferrer" target="_blank">#cuteArt</a> <a href="https://possum.city/tags/shop" rel="nofollow noopener noreferrer" target="_blank">#shop</a> <a href="https://possum.city/tags/merch" rel="nofollow noopener noreferrer" target="_blank">#merch</a> <a href="https://possum.city/tags/stickerShop" rel="nofollow noopener noreferrer" target="_blank">#stickerShop</a> <a href="https://possum.city/tags/stickers" rel="nofollow noopener noreferrer" target="_blank">#stickers</a> <a href="https://possum.city/tags/wip" rel="nofollow noopener noreferrer" target="_blank">#wip</a>

eon 🐀today i rescued a sock from the window ledge of the 12th floor using two plastic clothes hangers. thought it was funny so i drew it <a href="https://possum.city/tags/rat" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://possum.city/tags/rats" rel="nofollow noopener noreferrer" target="_blank">#rats</a> <a href="https://possum.city/tags/ratsOfMastodon" rel="nofollow noopener noreferrer" target="_blank">#ratsOfMastodon</a> <a href="https://possum.city/tags/ratsOfFediverse" rel="nofollow noopener noreferrer" target="_blank">#ratsOfFediverse</a> <a href="https://possum.city/tags/cute" rel="nofollow noopener noreferrer" target="_blank">#cute</a> <a href="https://possum.city/tags/cuteArt" rel="nofollow noopener noreferrer" target="_blank">#cuteArt</a> <a href="https://possum.city/tags/meme" rel="nofollow noopener noreferrer" target="_blank">#meme</a> <a href="https://possum.city/tags/memes" rel="nofollow noopener noreferrer" target="_blank">#memes</a>

DarkRatThe other day I finally took the time to edit the <a href="https://mastodon.art/@Pulex" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@Pulex</a> <a href="https://chaosfurs.social/tags/Rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rat</a> Sticker set to my fursona.Still some stickers left to do, but so far looking great.<a href="https://www.pulexart.com/store/p92/Rat_Stickers.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.pulexart.com/store/p92/Rat_Stickers.html</a>

OTX BotTargeting of freelance developersNorth Korea-aligned cybercriminals are targeting freelance software developers through fake job offers and coding challenges containing malware. The campaign, dubbed DeceptiveDevelopment, uses two main malware families - BeaverTail and InvisibleFerret - to steal cryptocurrency wallets and login credentials. Attackers pose as recruiters on platforms like LinkedIn and GitHub, providing trojanized projects as part of fake interview processes. The malware steals browser data, cryptocurrency wallets, and system information, and can deploy remote access tools. Hundreds of victims globally have been observed across Windows, Linux and macOS systems. The operation shows increasing sophistication and is expected to continue evolving its tactics to target cryptocurrency users.Pulse ID: 67b81609424eb59f7dd64a0b Pulse Link: <a href="https://otx.alienvault.com/pulse/67b81609424eb59f7dd64a0b" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67b81609424eb59f7dd64a0b</a> Pulse Author: AlienVault Created: 2025-02-21 05:58:33Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/Browser" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Browser</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GitHub</a> <a href="https://social.raytec.co/tags/ICS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ICS</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Korea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Korea</a> <a href="https://social.raytec.co/tags/LinkedIn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LinkedIn</a> <a href="https://social.raytec.co/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://social.raytec.co/tags/Mac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Mac</a> <a href="https://social.raytec.co/tags/MacOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MacOS</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/NorthKorea" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NorthKorea</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RAT</a> <a href="https://social.raytec.co/tags/Trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Trojan</a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://social.raytec.co/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#developers</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

NordstadtbloggerRatsbeschluss: Das <a href="https://ruhr.social/tags/Verkaufsverbot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Verkaufsverbot</a> von <a href="https://ruhr.social/tags/Lachgas" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lachgas</a> an <a href="https://ruhr.social/tags/Minderj%C3%A4hrige" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Minderjährige</a> in <a href="https://ruhr.social/tags/Dortmund" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Dortmund</a> ist in Kraft getreten. Der <a href="https://ruhr.social/tags/Stadtrat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Stadtrat</a> teilt die Sorge vor gesundheitlichen Gefahren des <a href="https://ruhr.social/tags/Konsums" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Konsums</a>. <a href="https://ruhr.social/tags/Gesundheit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Gesundheit</a> <a href="https://ruhr.social/tags/Politik" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Politik</a> <a href="https://ruhr.social/tags/Polizei" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Polizei</a> <a href="https://ruhr.social/tags/Rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rat</a> <a href="https://www.nordstadtblogger.de/ratsbeschluss-das-verkaufsverbot-von-lachgas-an-minderjaehrige-in-dortmund-ist-in-kraft-getreten/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.nordstadtblogger.de/ratsbeschluss-das-verkaufsverbot-von-lachgas-an-minderjaehrige-in-dortmund-ist-in-kraft-getreten/</a>

BrulexIa suite des images pour mon prochain livre."La genèse" peinture acrylique et encre / 35 x 35 cm. / 2024<a href="https://mastodon.social/tags/painting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#painting</a> <a href="https://mastodon.social/tags/peinture" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#peinture</a> <a href="https://mastodon.social/tags/paint" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#paint</a> <a href="https://mastodon.social/tags/art" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#art</a> <a href="https://mastodon.social/tags/artwork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#artwork</a> <a href="https://mastodon.social/tags/dessin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#dessin</a> <a href="https://mastodon.social/tags/drawing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#drawing</a> <a href="https://mastodon.social/tags/book" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#book</a> <a href="https://mastodon.social/tags/livre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#livre</a> <a href="https://mastodon.social/tags/animals" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#animals</a> <a href="https://mastodon.social/tags/genese" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#genese</a> <a href="https://mastodon.social/tags/rat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rat</a> <a href="https://mastodon.social/tags/paintings" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#paintings</a> <a href="https://mastodon.social/tags/inking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#inking</a> <a href="https://mastodon.social/tags/acrylic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#acrylic</a> <a href="https://mastodon.social/tags/artwork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#artwork</a> <a href="https://mastodon.social/tags/encre" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#encre</a> <a href="https://mastodon.social/tags/illustration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#illustration</a> <a href="https://mastodon.social/tags/texts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#texts</a> <a href="https://mastodon.social/tags/story" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#story</a> <a href="https://mastodon.social/tags/artbook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#artbook</a> <a href="https://mastodon.social/tags/poembook" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#poembook</a> <a href="https://mastodon.social/tags/edition" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#edition</a> <a href="https://mastodon.social/tags/horreurduvide" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#horreurduvide</a> <a href="https://mastodon.social/tags/brulex" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#brulex</a> <a href="https://mastodon.social/tags/surreal" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#surreal</a> <a href="https://mastodon.social/tags/surrealism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#surrealism</a> <a href="https://mastodon.social/tags/painting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#painting</a> <a href="https://mastodon.social/tags/darkillustration" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#darkillustration</a> <a href="https://mastodon.social/tags/stories" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#stories</a>

Recent searches

Search options

Administered by:

Server stats:

#rat