Sotwe logo Sotwe logo
CTI__Updates's profile banner image
CTI__Updates's profile image

CTI Updates

Verified account

@CTI__Updates

Updates about all things threat intelligence & updates about stuffs going on in the cybersec, ransomware, OSINT, SOCMINT, and hacking communities. #threatintel
in the wires
Joined January 2026
889 Following
185 Followers
80 Posts
CTI__Updates  retweeted
DarkWebInformer's profile image
Dark Web Informer @DarkWebInformer
Threat Actor Username Search: Search through 2M+ threat actor usernames and find where they operate Link: https://t.co/HOoxZ5Ezkh Credit: @CTI__Updates
DarkWebInformer's tweet photo. Threat Actor Username Search: Search through 2M+ threat actor usernames and find where they operate Link: https://t.co/HOoxZ5Ezkh Credit: @CTI__Updates https://t.co/BqTlyZQOKu
3
36
4
30
3K
CTI__Updates  retweeted
DarkWebInformer's profile image
Dark Web Informer @DarkWebInformer
‼️ Nightmare Eclipse is back on GitHub under a new alias and has released a new Windows Defender vulnerability zero-day called RoguePlanet. PoC: https://t.co/n0xF6uGt4u New GitHub Account: https://t.co/qwU93VedpH
DarkWebInformer's tweet photo. ‼️ Nightmare Eclipse is back on GitHub under a new alias and has released a new Windows Defender vulnerability zero-day called RoguePlanet. PoC: https://t.co/n0xF6uGt4u New GitHub Account: https://t.co/qwU93VedpH https://t.co/7ih8xrXJI0
4
276
49
91
15K
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
@zekly_ @DarkWebInformer @vxunderground these are usernames straight up scraped from forums mainly so someone made those usernames on a forum. unfortunately anyone can make their username anything they want.
0
0
0
0
12
CTI__Updates  retweeted
IntelOpsV3's profile image
IntelOps Verified account @IntelOpsV3
https://t.co/YC4ii76Xza by @CTI__Updates Input a username and locate active forum accounts, very useful for your OSINT research or finding posts shared on X
IntelOpsV3's tweet photo. https://t.co/YC4ii76Xza by @CTI__Updates Input a username and locate active forum accounts, very useful for your OSINT research or finding posts shared on X https://t.co/y9UJrZkg2u
9
401
62
432
21K
CTI__Updates  retweeted
v12sec's profile image
V12 Verified account @v12sec
firefox focus universal xss 0day (universal account takeover) this is still unpatched after almost a year in disclosure so we are releasing our poc
48
3K
198
2K
1M
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
Qilin ransomware group lists The Banyans, a private rehabilitation facility located in Brisbane’s hinterland. #osint #threatintel #australia #rehab #healthcare
CTI__Updates's tweet photo. Qilin ransomware group lists The Banyans, a private rehabilitation facility located in Brisbane’s hinterland. #osint #threatintel #australia #rehab #healthcare https://t.co/aD8xsKZm5c
0
3
0
0
333
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
Qilin ransomware group lists Isuzu Motors Thailand (https://t.co/PeJhx8nvJK) as a victim. #osint #threatintel #vehicles #cars #thai #raas
CTI__Updates's tweet photo. Qilin ransomware group lists Isuzu Motors Thailand (https://t.co/PeJhx8nvJK) as a victim. #osint #threatintel #vehicles #cars #thai #raas https://t.co/FLLUdGQ56h
0
0
0
0
218
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
Akira ransomware group lists HRC Sicherheitsdienste, a family-owned security service provider with more than 45 years of experience. The group claims it will soon publish 24 GB of corporate data, including employee information, German passports and IDs, credit cards, payment details, financials, agreements, contracts, and confidential documents. #osint #threatintel #raas #german #germany
CTI__Updates's tweet photo. Akira ransomware group lists HRC Sicherheitsdienste, a family-owned security service provider with more than 45 years of experience. The group claims it will soon publish 24 GB of corporate data, including employee information, German passports and IDs, credit cards, payment details, financials, agreements, contracts, and confidential documents. #osint #threatintel #raas #german #germany
0
0
0
0
172
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
Newer ransomware group BlackX has listed one new victim on its leak site. The company has not been named yet, but the listing identifies it as a Japanese organization. #osint #threatintel #raas
CTI__Updates's tweet photo. Newer ransomware group BlackX has listed one new victim on its leak site. The company has not been named yet, but the listing identifies it as a Japanese organization. #osint #threatintel #raas https://t.co/p1cHidsGbB
0
1
0
0
195
CTI__Updates  retweeted
IntCyberDigest's profile image
International Cyber Digest Verified account @IntCyberDigest
❗️Lexar's regional manager says RAM prices are expected to double by the end of 2026. The current "stable" pricing is an illusion. • Discounts mean sellers are dumping old stock before higher-priced inventory arrives. • AI demand is pulling nearly all chip capacity toward high-bandwidth memory, leaving consumers last in line.
IntCyberDigest's tweet photo. ❗️Lexar's regional manager says RAM prices are expected to double by the end of 2026. The current "stable" pricing is an illusion. • Discounts mean sellers are dumping old stock before higher-priced inventory arrives. • AI demand is pulling nearly all chip capacity toward high-bandwidth memory, leaving consumers last in line.
8
345
49
63
32K
CTI__Updates  retweeted
_IMalihi_'s profile image
TraiLeR Verified account @_IMalihi_
#DPRK #Kimsuky #APT43 #ThreatHunting IP Addresses: 123[.]58[.]201[.]34 152[.]32[.]138[.]131 152[.]32[.]243[.]178 101[.]36[.]114[.]231 101[.]36[.]114[.]66 118[.]193[.]69[.]19 123[.]58[.]201[.]2 118[.]193[.]68[.]242 152[.]32[.]139[.]36 152[.]32[.]243[.]238 123[.]58[.]200[.]69 123[.]58[.]200[.]119 118[.]193[.]69[.]245 101[.]36[.]114[.]248 118[.]193[.]68[.]25 118[.]194[.]249[.]154 118[.]193[.]69[.]44 152[.]32[.]138[.]158 118[.]193[.]69[.]37 118[.]194[.]248[.]158 123[.]58[.]201[.]222 118[.]193[.]68[.]11 118[.]194[.]248[.]95 101[.]36[.]114[.]215 118[.]194[.]248[.]246 118[.]194[.]249[.]36 152[.]32[.]138[.]146 123[.]58[.]200[.]186 152[.]32[.]138[.]225 123[.]58[.]201[.]8 118[.]193[.]68[.]95 152[.]32[.]243[.]215 152[.]32[.]243[.]169 118[.]193[.]69[.]100 101[.]36[.]114[.]24 165[.]154[.]52[.]21 152[.]32[.]243[.]224 152[.]32[.]138[.]167 152[.]32[.]138[.]172 101[.]36[.]114[.]83 152[.]32[.]138[.]116 152[.]32[.]139[.]104 118[.]194[.]248[.]103 Domains: bing-tost15[.]com zbtnvpxgykzo[.]top smubo-seurs[.]com www[.]mois-viewer[.]o-r[.]kr 6441056b613c32a9[.]invoice[.]naver[.]document[.]smt[.]evot[.]mnm[.]xn-----pc2i9rg5k15qctmolhpsan6pplbk6k[.]viewer-server[.]p-e[.]kr 090[.]apollo-page[.]kro[.]kr ndilogin[.]apollo-page[.]r-e[.]kr nidlogin[.]apollo-page[.]r-e[.]kr https-nld[.]xn--939a1gynmpm0ukuoxtbq59g[.]xn--lu5bv5y[.]xn--hk3b17f[.]xn--3e0b707e http-nld[.]xn--939a1gynmpm0ukuoxtbq59g[.]xn--lu5bv5y[.]xn--hk3b17f[.]xn--3e0b707e xn--pz2bq8r[.]mois-viewer[.]o-r[.]kr xn--220b630b[.]xn--pz2bq8r[.]mois-viewer[.]o-r[.]kr xn----wb6epoz76dbih4tag1h[.]xn--220b630b[.]xn--pz2bq8r[.]mois-viewer[.]o-r[.]kr ncoddbverify[.]v6[.]army www[.]ncodcjverify[.]dns[.]army nids[.]ncodcvverify[.]dns[.]navy ncodcvverify[.]dns[.]navy ncodcuverify[.]dns[.]navy nid[.]ncodcrverify[.]dns[.]navy ncodcsverify[.]dns[.]navy ncodcqverify[.]dns[.]navy ncodcrverify[.]dns[.]navy navs[.]ncodcrverify[.]dns[.]navy nidlogins[.]ncodcnverify[.]dns[.]navy ncodcoverify[.]dns[.]navy navs[.]ncodcoverify[.]dns[.]navy ncodcnverify[.]dns[.]navy nid[.]ncodcnverify[.]dns[.]navy ncodcmverify[.]dns[.]navy ncodckverify[.]dns[.]navy nids[.]ncodckverify[.]dns[.]navy ncodcjverify[.]dns[.]army ncodcgverify[.]dynv6[.]net navs[.]ncodcgverify[.]dynv6[.]net ncodcdverify[.]dynv6[.]net nidlogins[.]ncodcdverify[.]dynv6[.]net navs[.]ncodcbverify[.]dynv6[.]net nidlogins[.]ncodcbverify[.]dynv6[.]net ncodcbverify[.]dynv6[.]net nidloes[.]ncodcbverify[.]dynv6[.]net ncodbzverify[.]dynv6[.]net www[.]ncodbyverify[.]dynv6[.]net ncodbyverify[.]dynv6[.]net www[.]ndocavverify[.]dynv6[.]net www[.]ncodbvverify[.]dynv6[.]net www[.]ndocauverify[.]dynv6[.]net www[.]ncodbsverify[.]dynv6[.]net www[.]ndocawverify[.]dynv6[.]net ncodbvverify[.]dynv6[.]net nid[.]ncodbvverify[.]dynv6[.]net ncodbsverify[.]dynv6[.]net www[.]ndocazverify[.]dynv6[.]net ndocazverify[.]dynv6[.]net notification-kmcc[.]dns[.]navy auth[.]notification-kmcc[.]dns[.]navy www[.]edeliever-address-verify[.]biz delivery-info-review[.]dns[.]army inform[.]delivery-info-review[.]dns[.]army www[.]appleviewer[.]sbs k-delivery-post[.]v6[.]rocks secure-delivery-net[.]v6[.]army token[.]k-delivery-post[.]v6[.]rocks www[.]epdf-user-view[.]quest www[.]urgent-notice-check[.]click www[.]public-revenue-info[.]biz www[.]digital-notice-kr[.]sbs www[.]official-notice[.]click edeliever-address-verify[.]biz appleviewer[.]sbs digital-notice-kr[.]sbs public-revenue-info[.]biz www[.]digital-post[.]live urgent-notice-check[.]click epdf-user-view[.]quest digital-post[.]live official-notice[.]click tech-nid[.]z1gd[.]a93xkcs4y2[.]v6[.]army invoice-doc[.]tj5jw[.]rea5wljzgp[.]dns[.]army ipsdoc[.]groups[.]id redirect-nid[.]pluv[.]kd0wcadw5v[.]dns[.]army ndoc[.]nid-tax[.]abrdns[.]com 93vf4b71cv[.]dynv6[.]net du0oakjsbs[.]dynv6[.]net gbotlft7b7[.]dynv6[.]net irg8gqizqz[.]dns[.]army ie7up41y3x[.]dynv6[.]net 1br8jch4r2l[.]dns[.]army 7l30nhkxuv[.]dynv6[.]net 0grde8ebon[.]dns[.]army 2tj40eda2f[.]dynv6[.]net 4nu00ypt6u[.]dynv6[.]net jghs63qw5w[.]v6[.]army 5a8zsghait2[.]dns[.]army picid1fdl6[.]dynv6[.]net i3idbzcf7m[.]dynv6[.]net ke6jp62jt2[.]dynv6[.]net zwrymm61og4[.]dns[.]army 73tlkp3alr[.]dynv6[.]net suyny3rnd6[.]v6[.]army oz3oqqrrxl[.]dns[.]army 7f44zhxz1x2[.]dns[.]navy ug4kghrroou[.]dns[.]navy cox7y4ipua[.]dns[.]navy check[.]086k3a[.]93vf4b71cv[.]dynv6[.]net www[.]ndoc-post[.]cloud-ip[.]cc 6pzmcnjfl7e[.]dns[.]navy l5m2cxdaxjy[.]dns[.]navy 1jjrv5oset8[.]dns[.]navy gpi7ynn4oqp[.]dns[.]navy o46r3ey36xw[.]dns[.]navy mois-nid[.]i0zhs[.]o46r3ey36xw[.]dns[.]navy fm4yoenkfru[.]dns[.]navy vmdm9xw4swx[.]dns[.]navy nid-session[.]govt[.]hu nidauth[.]4sifx[.]ug4kghrroou[.]dns[.]navy mos-nid[.]wazd9[.]7f44zhxz1x2[.]dns[.]navy uh431hluirw[.]dns[.]navy www[.]maincert[.]1cooldns[.]com guider[.]serverpit[.]com www[.]ndcondi[.]nooeg[.]1cooldns[.]com www[.]nooeg[.]1cooldns[.]com maincert[.]1cooldns[.]com nchosedirect[.]maincert[.]1cooldns[.]com nchosedirect[.]nooeg[.]1cooldns[.]com nooeg[.]1cooldns[.]com ndcondi[.]nooeg[.]1cooldns[.]com hlbr31s20w[.]v6[.]army nchosedirect[.]connection[.]n-e[.]kr nusersec[.]dns[.]navy ninvoice[.]nusersec[.]dns[.]navy ndoctax[.]dns[.]navy nid[.]ndoctax[.]dns[.]navy nid[.]naver[.]electricalone[.]com nid[.]naver[.]adworldlog[.]com nid[.]naver[.]courter[.]com er-edoc[.]ezgateway[.]net view[.]ips-nifty[.]dns[.]navy mld[.]navers[.]mew-pol[.]dns[.]navy jjzg[.]edoc[.]nts-hkiyum[.]dns[.]navy aekfz[.]ips-bank[.]dns[.]navy login[.]nodc-view[.]dns[.]navy otp[.]er-edoc[.]ezgateway[.]net uood[.]ips-kr[.]dns[.]army zxzc[.]edoc[.]ips-bang[.]dynv6[.]net taeo[.]edoc[.]ips-mew[.]dynv6[.]net access[.]ips-nifty[.]dns[.]navy djhl[.]edoc[.]ips-bang[.]dynv6[.]net info[.]edoc-mane[.]dns[.]army info[.]edoc-manc[.]dns[.]navy info[.]edoc-one[.]dns[.]navy ndbp[.]political-view[.]dns[.]army mld[.]edoc[.]pol-otp[.]dns[.]navy mood[.]navers[.]mew-pol[.]dns[.]navy mood[.]police-service[.]dns[.]army request[.]my-epost-order[.]dns[.]navy manage[.]cdn-verifying[.]homes www[.]alarm-doc-review[.]site www[.]confirm-userorder[.]biz www[.]cdn-verifying[.]homes read[.]security-kisa-info[.]dns[.]navy www[.]secsettingcheck[.]quest www[.]k-admin-portal[.]quest www[.]clarifypost[.]forum clarifypost[.]forum www[.]e-billing-service[.]autos k-admin-portal[.]quest secsettingcheck[.]quest alarm-doc-review[.]site e-billing-service[.]autos confirm-userorder[.]biz www[.]paperless-korea[.]one paperless-korea[.]one checko[.]paperless-korea[.]one cdn-verifying[.]homes srghftui[.]cc uterdsxz[.]cc mail[.]appvpensan[.]com hdoc8ns[.]dns[.]navy hdoc5ns[.]dns[.]navy hdoc10ns[.]dns[.]navy hdoc7ns[.]dns[.]navy www[.]hel35ko[.]dynv6[.]net ndoc23nhs[.]dns[.]navy hdoc14ns[.]dns[.]navy hdoc6ns[.]dns[.]navy hls15ro[.]dns[.]army al30nhs[.]dns[.]navy al4nhs[.]dns[.]navy hdoc1ns[.]dns[.]navy hlx7kro[.]dns[.]army nid-user[.]hdoc1ns[.]dns[.]navy www[.]tsx4is[.]dynuddns[.]com www[.]nid-login[.]tsx4is[.]dynuddns[.]com tsx4is[.]dynuddns[.]com nid-login[.]tsx4is[.]dynuddns[.]com al22nhs[.]dns[.]navy nid-user[.]al22nhs[.]dns[.]navy ndoc27nhs[.]dns[.]navy ndoc36nhs[.]dns[.]navy ndoc22nhs[.]dns[.]navy ndoc0nhs[.]dns[.]navy al39nhs[.]dns[.]navy hel33ko[.]dynv6[.]net al17nhs[.]dns[.]navy nid-user[.]al17nhs[.]dns[.]navy nhl2vc[.]dynu[.]org nuser-login[.]nhl2vc[.]dynu[.]org ntmaindoc12th[.]dns[.]army www[.]ntxsourcea65th[.]dynv6[.]net www[.]ntv-method38type[.]dynv6[.]net www[.]ntv-method50type[.]dynv6[.]net www[.]ntv-method88type[.]dynv6[.]net ntxsourcea65th[.]dynv6[.]net www[.]ntjune80th[.]dynv6[.]net www[.]ntxsourcea40th[.]dynv6[.]net www[.]ntdoc-epayload65s[.]dynv6[.]net ntjune80th[.]dynv6[.]net ntdoc-epayload65s[.]dynv6[.]net ntxsourcea40th[.]dynv6[.]net ntservicer68th[.]dns[.]army www[.]ntjune57th[.]dynv6[.]net ntservicer97th[.]dns[.]army ntjune1th[.]dynv6[.]net ntxsourcea18th[.]dynv6[.]net ntjune37th[.]dynv6[.]net ntjune57th[.]dynv6[.]net www[.]ntxsourcea36th[.]dynv6[.]net ntxsourcea62th[.]dynv6[.]net ntxsourcea72th[.]dynv6[.]net ntservicer98th[.]dns[.]army ntxsourcea36th[.]dynv6[.]net ntxsourcea10th[.]dynv6[.]net www[.]ntjune76th[.]dynv6[.]net ntxsourcea45th[.]dynv6[.]net ntxsourcea2th[.]dynv6[.]net ntxsourcea73th[.]dynv6[.]net ntjune76th[.]dynv6[.]net www[.]ntv-method78type[.]dynv6[.]net www[.]ntv-method75type[.]dynv6[.]net www[.]ntv-method80type[.]dynv6[.]net www[.]ntv-method54type[.]dynv6[.]net www[.]ntv-method53type[.]dynv6[.]net www[.]ntv-method42type[.]dynv6[.]net www[.]resourcentdoc86th[.]dynv6[.]net www[.]nt-taxbill51th[.]dynv6[.]net www[.]ntjune14th[.]dynv6[.]net www[.]ntjune27th[.]dynv6[.]net nts-doc[.]dns[.]army txmfeidfzs[.]dns[.]navy g3odkh1zx2q[.]dns[.]army xp2xbk8ukme[.]dns[.]army nidauth[.]b473s1[.]022hucku25u[.]dns[.]navy nid-log[.]9frf[.]j26f2jp0q6v[.]v6[.]navy ndoc[.]5jiuas[.]gha84kbfex6[.]dns[.]navy ndoc[.]h48g65[.]o7dtm8hqny3[.]v6[.]navy ninvoice[.]tjepqo[.]5np5cfu3uqi[.]v6[.]navy nid[.]nmlist[.]p-e[.]kr ndoc-support[.]2chs[.]pobb0fec9oy[.]v6[.]navy t6n0tgju441[.]v6[.]navy 7bh35m2hwx9[.]dns[.]army www[.]wos-nver[.]abrdns[.]com 2brpj4v0n4f[.]dns[.]navy 1exi8anhok2[.]dns[.]navy j7uv8yww6la[.]dns[.]navy 6unv9e8nulu[.]v6[.]navy juqc7swtyb[.]v6[.]army 3pc3b9ph4f7[.]dns[.]navy chatai[.]trcipg[.]top noreply[.]gov[.]ydns[.]eu korbit[.]work[.]gd tablenote[.]dynv6[.]net www[.]tablenote[.]dynv6[.]net nid[.]naver[.]subsoniclabs[.]com nid[.]naver[.]corporateadworld[.]com nid[.]naver[.]techartsserver[.]com nid[.]naver[.]casepractice[.]com nid[.]naver[.]lifepixeled[.]com nid[.]naver[.]desaindigital[.]com skb375[.]com mhoc11ls[.]dns[.]navy pax36cs[.]dns[.]navy pax14cs[.]dns[.]navy mhoc13ls[.]dns[.]navy mhoc17ls[.]dns[.]navy nid-user[.]mhoc17ls[.]dns[.]navy mhoc7ls[.]dns[.]navy pax11cs[.]dns[.]navy mhoc19ls[.]dns[.]navy pax32cs[.]dns[.]navy nsc13tx[.]dns[.]navy mtx6cs[.]dns[.]navy mtx0cs[.]dns[.]navy mls1sl[.]dns[.]navy nsc23tx[.]dns[.]navy pax19cs[.]dns[.]navy pax33cs[.]dns[.]navy pax37cs[.]dns[.]navy pax31cs[.]dns[.]navy pax38cs[.]dns[.]navy nid-login[.]pax38cs[.]dns[.]navy pax30cs[.]dns[.]navy pax35cs[.]dns[.]navy pax34cs[.]dns[.]navy pax12cs[.]dns[.]navy op6ntyx[.]dns[.]navy op21ntyx[.]dns[.]navy pax17cs[.]dns[.]navy ntc35xt[.]dns[.]navy ntx5exp[.]dns[.]navy niduser[.]1cooldns[.]com nsecpage[.]s55d7l[.]ywcdrzkqzmo[.]dns[.]navy ndoc[.]niduser[.]1cooldns[.]com ninvoice[.]vnbz[.]39cunkk67we[.]dns[.]navy ndoc[.]nisdn[.]1cooldns[.]com nudoc-check[.]dhl2[.]cagh03wcpld[.]dns[.]army mois-auth-log[.]ttl[.]ydns[.]eu nts-doc[.]9iywpm[.]mg21vmhrnuc[.]dns[.]army nudoc-check[.]a7lk6[.]vea4cc4pbgk[.]dns[.]army nid-sign[.]g0uiyz[.]wrg82twv1kl[.]dns[.]navy ccsxfcgr9iq[.]dns[.]navy www[.]ndocreply[.]giize[.]com ndocreply[.]giize[.]com x835dbumebh[.]dns[.]navy eae1usfwr2x[.]v6[.]navy www[.]nid-check[.]o-r[.]kr ywcdrzkqzmo[.]dns[.]navy ss3pr6a1ae2[.]dns[.]navy rhi1altf5vc[.]dns[.]navy qp3lwuwy7lk[.]dns[.]navy embrj3y4f79[.]dns[.]navy gk47z2guhfv[.]dns[.]army m7ayhqorgds[.]dns[.]navy jg66oli7quk[.]v6[.]navy ilhvhrz2ize[.]dns[.]navy dectaur8upb[.]dns[.]navy p7w3p3anpr7[.]dns[.]navy nid-check[.]lmpr[.]p7w3p3anpr7[.]dns[.]navy nidlog[.]q6xir[.]dectaur8upb[.]dns[.]navy nid-sign[.]mi4q[.]ilhvhrz2ize[.]dns[.]navy nivercloud[.]d-n-s[.]name nsign[.]hardsoft[.]nu www[.]redirect[.]abrdns[.]com kpq8p1t81e[.]dns[.]army uvtiwwmlrl[.]dns[.]army nauthlogin[.]dns[.]army vea4cc4pbgk[.]dns[.]army n4zsbi0vab[.]dns[.]army nid-doc[.]naveira[.]tk nid[.]puoios[.]o-r[.]kr zzddwzm[.]cn kr-edoc[.]xubi[.]org nid[.]kr-edoc[.]xubi[.]org access[.]edoc[.]korea-app[.]dns[.]army jfzb[.]coupang[.]dns[.]navy dmf[.]ips-cert[.]dns[.]army view[.]ips-nifty[.]dns[.]army cp10523[.]epost-kr[.]dns[.]army xpo[.]coupang[.]dns[.]navy htax-login[.]nts-kr[.]dns[.]army pc[.]ips-cert[.]dns[.]army cgre[.]ips-activate[.]dns[.]navy cdcb[.]edoc[.]ips-mew[.]dns[.]army rii[.]ips-bang[.]dns[.]army link[.]epost-kr[.]dns[.]army cid[.]nts-top[.]dns[.]army edoc[.]nts-docview[.]dns[.]army info[.]edoc-manc[.]dns[.]army info[.]edoc-one[.]dns[.]army edoc[.]once-view[.]dns[.]army nood[.]nts-xor[.]dns[.]army cbcl[.]cert-view[.]dns[.]army mood[.]mois-view[.]dns[.]army nood[.]police-service[.]dns[.]navy ezarki-eron[.]icu nid[.]naver[.]cloudbarfbag[.]com nid[.]naver[.]strangersduo[.]com nid[.]naver[.]seclogistic[.]com ncodcypass[.]v6[.]army www[.]bn[.]ndocaapass[.]dynv6[.]net navs[.]ncodcppass[.]dns[.]navy nidlogins[.]ncodcppass[.]dns[.]navy ncodcjpass[.]dns[.]army nid[.]ncodcqpass[.]dns[.]navy ncodcppass[.]dns[.]navy ncodcqpass[.]dns[.]navy ncodctpass[.]dns[.]navy ncodcwpass[.]dns[.]navy nid[.]ncodcnpass[.]dns[.]navy ncodcnpass[.]dns[.]navy nidloes[.]ncodcnpass[.]dns[.]navy ncodclpass[.]dns[.]navy nid[.]ncodclpass[.]dns[.]navy nid[.]ncodckpass[.]dns[.]navy ncodckpass[.]dns[.]navy nids[.]ncodckpass[.]dns[.]navy ncodcgpass[.]dynv6[.]net navs[.]ncodcgpass[.]dynv6[.]net nidlogins[.]ncodcipass[.]dns[.]army navs[.]ncodcipass[.]dns[.]army www[.]ncodcepass[.]dynv6[.]net ncodcepass[.]dynv6[.]net nidloes[.]ncodcepass[.]dynv6[.]net www[.]ncodbspass[.]dynv6[.]net www[.]ncodccpass[.]dynv6[.]net www[.]ncodbzpass[.]dynv6[.]net www[.]ncodcbpass[.]dynv6[.]net ncodccpass[.]dynv6[.]net ncodcbpass[.]dynv6[.]net www[.]ncodcapass[.]dynv6[.]net ncodcapass[.]dynv6[.]net ncodbspass[.]dynv6[.]net nid[.]ncodbspass[.]dynv6[.]net nid[.]ncodbzpass[.]dynv6[.]net www[.]ncodbypass[.]dynv6[.]net ncodbzpass[.]dynv6[.]net ncodbypass[.]dynv6[.]net www[.]ncodbvpass[.]dynv6[.]net ncodbvpass[.]dynv6[.]net navs[.]bn[.]ndocaapass[.]dynv6[.]net ndocaapass[.]dynv6[.]net ndocbgpass[.]v6[.]army ndocbfpass[.]v6[.]army www[.]ndocbepass[.]dynv6[.]net ndocbepass[.]dynv6[.]net www[.]ndocbdpass[.]dynv6[.]net ndocbdpass[.]dynv6[.]net www[.]ndocbcpass[.]dynv6[.]net ndocbcpass[.]dynv6[.]net www[.]ndocazpass[.]dynv6[.]net ndocazpass[.]dynv6[.]net www[.]ndocbapass[.]dynv6[.]net ndocbapass[.]dynv6[.]net www[.]ndocaupass[.]dynv6[.]net www[.]ndocatpass[.]dynv6[.]net ndocaupass[.]dynv6[.]net ndocatpass[.]dynv6[.]net www[.]ndocaqpass[.]dynv6[.]net ndocaqpass[.]dynv6[.]net www[.]ndocappass[.]dynv6[.]net ndocappass[.]dynv6[.]net www[.]ndocaopass[.]dynv6[.]net ndocaopass[.]dynv6[.]net www[.]ndocampass[.]dynv6[.]net ndocampass[.]dynv6[.]net www[.]ndocalpass[.]dynv6[.]net ndocalpass[.]dynv6[.]net www[.]ndocakpass[.]dynv6[.]net ndocakpass[.]dynv6[.]net www[.]ndocajpass[.]dynv6[.]net ndocajpass[.]dynv6[.]net www[.]ndocaipass[.]dynv6[.]net ndocaipass[.]dynv6[.]net ndocagpass[.]dynv6[.]net www[.]ndocadpass[.]dynv6[.]net ndocadpass[.]dynv6[.]net www[.]ndocabpass[.]dynv6[.]net ndocabpass[.]dynv6[.]net ndocs2mai1[.]dns[.]army ndocs5mai1[.]dns[.]army ndoc-pass[.]dns[.]army ndocfpass[.]dns[.]army ndocppass[.]dns[.]army ndocnpass[.]dns[.]army ndochpass[.]dns[.]army ndocepass[.]dns[.]army ndocopass[.]dns[.]army ndocbpass[.]dns[.]army dt[.]ndocbpass[.]dns[.]army ndocpass[.]dns[.]army yzjkdaspo[.]top yzopjasdiw[.]top yzopjklfs[.]top yzkjdasiouej[.]top yzjladsiouewk[.]top legx2[.]dns[.]army z1fsd[.]v6[.]rocks www[.]6ez92[.]dns[.]navy y4e0e[.]v6[.]navy hwquo[.]v6[.]navy www[.]dtvsf[.]dns[.]army www[.]27p5m[.]dns[.]army qkqir[.]v6[.]rocks kcdxy[.]dns[.]army check-document-nid[.]dtvsf[.]dns[.]army doc-naver[.]x111a[.]dxavr1fqe8[.]dynv6[.]net nid-redirect[.]s1zis[.]dns[.]army qjktp[.]v6[.]rocks email-verification[.]wavo4[.]v6[.]rocks k1qsa[.]v6[.]rocks wavo4[.]v6[.]rocks lufhn[.]dns[.]army ia3lp[.]v6[.]rocks yzj00ivzg6[.]dynv6[.]net 5ji71[.]v6[.]rocks doc-naver[.]rspp8[.]yzj00ivzg6[.]dynv6[.]net k5ae0[.]v6[.]rocks email-verification[.]k5ae0[.]v6[.]rocks q6vvv[.]v6[.]rocks nid-doc-load[.]u3yte[.]v6[.]rocks xpyen[.]dns[.]navy u3yte[.]v6[.]rocks taxs8mxkhp[.]dynv6[.]net xmu61[.]v6[.]rocks s1zis[.]dns[.]army www[.]gmbolkol[.]online kjbfue2sdjvndfheg3sdfjejvnsdkgjeriu3kfjvierjfhuh3df[.]cfd vbhwy2sdlvkfie3djfheubdfmej3sdlvkfiro[.]cfd djeu2fejwvndfj3gewobkdfmwej3jdfhbmne[.]cfd vbfgeiosdghe12fvnfhrjeddfyet2vndfjeufgisdoew2dfefggerw[.]cfd w2kvfje3fieogjsvnfhwjdsvjfhru3kvjdfhe3vmdnfeh2dvd[.]cfd d2hfjvd3fkejghe3dkvmfbnrhdgwh3fbkglrihd3dkvmfh4dje[.]cfd suw2vndjwivkdfw3sjvnfh4dhvwoifjvmfke2sjnvhfje[.]cfd bmfketsd2dvfghe3fvsgfhbefhut4fgsgew2dvfger[.]cfd hjeuv2idfvkfdlej3gkeibjdfnem3dfhvbgh3hfdvbfd3dfv[.]cfd store[.]auction[.]dynv6[.]net store[.]online-kt[.]dynv6[.]net www[.]chromeupdate[.]mydns[.]vc chromeupdate[.]mydns[.]vc guck[.]top pxl32op[.]dns[.]army pxl29op[.]dns[.]army pox16ep[.]dns[.]army pxl24op[.]dns[.]army pxl28op[.]dns[.]army n-store[.]pxl28op[.]dns[.]army pxl21op[.]dns[.]army pxl16op[.]dns[.]army pxl1op[.]dns[.]army pxl7op[.]dns[.]army www[.]pol4vz[.]dynu[.]org pol4vz[.]dynu[.]org pox22ep[.]dns[.]army pox34ep[.]dns[.]army pox10ep[.]dns[.]army pox23ep[.]dns[.]army pox28ep[.]dns[.]army pox25ep[.]dns[.]army pox2ep[.]dns[.]army pox7ep[.]dns[.]army pox6ep[.]dns[.]army poce31cs[.]dns[.]navy poce32cs[.]dns[.]navy poce22cs[.]dns[.]navy police26cs[.]dns[.]navy poce8cs[.]dns[.]navy n-cloud[.]police26cs[.]dns[.]navy poce10cs[.]dns[.]navy police35cs[.]dns[.]navy police14cs[.]dns[.]navy police5cs[.]dns[.]navy police30cs[.]dns[.]navy police9cs[.]dns[.]navy police16cs[.]dns[.]navy police3cs[.]dns[.]navy police8cs[.]dns[.]navy police2cs[.]dns[.]navy police12cs[.]dns[.]navy asl38ips[.]dns[.]navy asl28ips[.]dns[.]navy asl10ips[.]dns[.]navy pl10als[.]dns[.]navy pl15als[.]dns[.]navy www[.]pold13kr[.]dynv6[.]net www[.]ins19ips[.]dynv6[.]net www[.]iec28px[.]dynv6[.]net www[.]pes28ip[.]dynv6[.]net www[.]ins5ips[.]dynv6[.]net www[.]msi5ex[.]dynv6[.]net www[.]iec12px[.]dynv6[.]net www[.]ins27ips[.]dynv6[.]net pos26ps[.]dns[.]army nuser-login[.]pos26ps[.]dns[.]army pos38ps[.]dns[.]army pos32ps[.]dns[.]army nuser-login[.]pos32ps[.]dns[.]army n-corp[.]pld8ker[.]dynv6[.]net www[.]peld38or[.]dynv6[.]net peld38or[.]dynv6[.]net www[.]plod17kor[.]dynv6[.]net ntsdcom[.]dns[.]army ndoc[.]ntsdcom[.]dns[.]army ndoc[.]nauthorize[.]r-e[.]kr nid[.]2mao5r[.]5szam0syb9u[.]v6[.]navy ndoc[.]tg8s[.]y3a40i9umdr[.]v6[.]navy nid-opiohy[.]b0i1[.]ktvw0gpwhq[.]dns[.]army nistog[.]lwf63[.]ar2aqxha855[.]dns[.]navy nidigsn[.]lwf63[.]ar2aqxha855[.]dns[.]navy pinvoice-nid[.]3c2q8[.]obr3jxs5ie4[.]dns[.]navy y3a40i9umdr[.]v6[.]navy npigoji24sv[.]dns[.]army www[.]ntorg-ins81th[.]dynv6[.]net ntvcorp-ins6th[.]dns[.]army ntorg-ins81th[.]dynv6[.]net nstaticorg67th[.]dynv6[.]net www[.]nstaticorg70th[.]dynv6[.]net www[.]ntorg-ins25th[.]dynv6[.]net nstaticorg83th[.]dynv6[.]net nstaticorg70th[.]dynv6[.]net ntorg-ins25th[.]dynv6[.]net hgfhfj[.]ddnsfree[.]com ncodcwcheck[.]dns[.]navy ncodctcheck[.]dns[.]navy nid[.]ncodctcheck[.]dns[.]navy ncodcpcheck[.]dns[.]navy nid[.]ncodcpcheck[.]dns[.]navy ncodcocheck[.]dns[.]navy nids[.]ncodcocheck[.]dns[.]navy navs[.]ncodcncheck[.]dns[.]navy navs[.]ncodclcheck[.]dns[.]navy ncodcncheck[.]dns[.]navy binfo[.]cert-dns[.]o-r[.]kr www[.]check-self[.]o-r[.]kr information[.]www[.]check-self[.]o-r[.]kr sec[.]information[.]www[.]check-self[.]o-r[.]kr mt[.]sec[.]information[.]www[.]check-self[.]o-r[.]kr niduser[.]mt[.]sec[.]information[.]www[.]check-self[.]o-r[.]kr msc19ox[.]dns[.]navy msc16ox[.]dns[.]navy msc6ox[.]dns[.]navy pxes20es[.]dns[.]navy pxes25es[.]dns[.]navy pxes13es[.]dns[.]navy pxes19es[.]dns[.]navy pxes11es[.]dns[.]navy ntxes36cs[.]dns[.]navy ntxes20cs[.]dns[.]navy ntxes38cs[.]dns[.]navy ntxes31cs[.]dns[.]navy ntag8ks[.]dns[.]navy ntxes33cs[.]dns[.]navy ntxes10cs[.]dns[.]navy ntc16ks[.]dns[.]navy ncog10ks[.]dns[.]navy ncog30ks[.]dns[.]navy ncog3ks[.]dns[.]navy www[.]nids[.]nblog4krs[.]dynu[.]org nblog4krs[.]dynu[.]org nids[.]nblog4krs[.]dynu[.]org ntpx12ee[.]dns[.]army nav-logins[.]ntpx12ee[.]dns[.]army tpox18er[.]dns[.]army nav-logins[.]tpox18er[.]dns[.]army tpox17er[.]dns[.]army nidservers[.]tpox17er[.]dns[.]army ntxr12os[.]dns[.]army ntpx15ee[.]dns[.]army 5w9y60z9yy[.]dynv6[.]net www[.]account-login[.]userauth[.]mydns[.]vc userauth[.]mydns[.]vc user-login[.]userauth[.]mydns[.]vc account-login[.]userauth[.]mydns[.]vc login[.]account-kakao[.]dynv6[.]net 88q858[.]com 88q118[.]com edoc[.]kr-info[.]dns[.]army jjki[.]political-view[.]dns[.]navy qfgh[.]edoc[.]ips-mew[.]dns[.]navy xfh[.]political-view[.]dns[.]navy www[.]ips-bank[.]dynv6[.]net info[.]edoc-mane[.]dns[.]navy info[.]edoc-mand[.]dns[.]army info[.]edoc-mana[.]dns[.]army www[.]edoc-mew[.]dynv6[.]net info[.]edoc-mew[.]dynv6[.]net
1
44
15
25
4K
CTI__Updates  retweeted
Kryx7z's profile image
kryx @Kryx7z
this exploit would have gone triple platinum on ogusers in 2018
7
522
14
84
40K
CTI__Updates  retweeted
cyber__razz's profile image
Abdulkadir | Cybersec Verified account @cyber__razz
Someone hid a self-replicating worm inside 37 npm packages. Written in Rust. Hidden behind an eBPF kernel rootkit. Talking to its operator over Tor. It steals 86 environment variables. AWS keys. GCP keys. Vault secrets. Kubernetes tokens. Your Anthropic API key. Your OpenAI key. Your Exodus wallet seed phrase. Then it uses your own npm credentials to republish itself into your packages. So your code infects the next developer. Who infects the next one. The commits were backdated up to 13 years. The commit author name was “claude.” The malware named itself after the AI to hide in plain sight. The attacker also left their own wallet recovery phrase in the debug data. Nobody is having a good day. Check your preinstall hooks.
90
3K
541
2K
498K
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
Krybit ransomware group lists Shantou Huashan Electronic Devices Co., Ltd. (SHEDCL), a Chinese manufacturer of semiconductor devices and electronic components based in Shantou, Guangdong Province. The company produces and distributes components including voltage regulators, transistors, Schottky diodes, wafers, capacitors, inductors, and resistors. #china #chinese #osint #threatintel #cti #raas
CTI__Updates's tweet photo. Krybit ransomware group lists Shantou Huashan Electronic Devices Co., Ltd. (SHEDCL), a Chinese manufacturer of semiconductor devices and electronic components based in Shantou, Guangdong Province. The company produces and distributes components including voltage regulators, transistors, Schottky diodes, wafers, capacitors, inductors, and resistors. #china #chinese #osint #threatintel #cti #raas
0
0
0
0
135
CTI__Updates  retweeted
beyondmemory_io's profile image
BeyondMemory Intelligence. Verified account @beyondmemory_io
Well, well, well. The public JSON formatter sites your developers paste production data into have been quietly publishing every paste for about seven years. Naturally, we read all seven years of it. 200,000+ documents. Cloud keys, SSH keys, payment API keys, whole tax returns with SSNs, people's full identities, bank balances. Nobody hacked anything. People pasted it in to make it look tidy, as you do. Full writeup below. Yes, it's as bad as it sounds.
beyondmemory_io's tweet photo. Well, well, well. The public JSON formatter sites your developers paste production data into have been quietly publishing every paste for about seven years. Naturally, we read all seven years of it. 200,000+ documents. Cloud keys, SSH keys, payment API keys, whole tax returns with SSNs, people's full identities, bank balances. Nobody hacked anything. People pasted it in to make it look tidy, as you do. Full writeup below. Yes, it's as bad as it sounds.
30
1K
293
846
227K
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
threat actor diencracked announces they will be stepping away from Breached forum. #osint #threatintel #breached
CTI__Updates's tweet photo. threat actor diencracked announces they will be stepping away from Breached forum. #osint #threatintel #breached https://t.co/mTc6mPmecB
0
9
1
11
2K
CTI__Updates  retweeted
James_inthe_box's profile image
James @James_inthe_box
From #clickfix to #stealc https://t.co/5BA7rhco1x c2: https://pas.canamrent\.com/ cc @k3dg3
James_inthe_box's tweet photo. From #clickfix to #stealc https://t.co/5BA7rhco1x c2: https://pas.canamrent\.com/ cc @k3dg3 https://t.co/4s5pd30NCe
1
47
11
23
4K
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
Akira ransomware group lists three new victims on its DLS: Oaks Park, Kennon Worldwide, and T/CCI Manufacturing. The group claims it will soon publish 10 GB of data from Oaks Park, 30 GB from Kennon Worldwide, and 35 GB from T/CCI Manufacturing. Alleged data includes employee information, payment details, contracts, NDAs, client information, financials, and confidential files. #osint #threatintel #raas
CTI__Updates's tweet photo. Akira ransomware group lists three new victims on its DLS: Oaks Park, Kennon Worldwide, and T/CCI Manufacturing. The group claims it will soon publish 10 GB of data from Oaks Park, 30 GB from Kennon Worldwide, and 35 GB from T/CCI Manufacturing. Alleged data includes employee information, payment details, contracts, NDAs, client information, financials, and confidential files. #osint #threatintel #raas
0
1
0
0
80
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
@JustWantToQ1 iirc if you have the bot token you can whip up a quick script to spam their telegram channel depending upon how they have it exactly setup
0
0
0
0
98
CTI__Updates's profile image
CTI Updates Verified account @CTI__Updates
LockBit lists Uni-China Group, a Hong Kong-based conglomerate with more than 25 years of history in retail, wholesale trade, logistics, cold storage, and market operations. The group claims to have stolen 170,656 files across 9,075 folders, totaling roughly 195 GB of data. #ransomware #raas #osint #threatintel #china #chinese
CTI__Updates's tweet photo. LockBit lists Uni-China Group, a Hong Kong-based conglomerate with more than 25 years of history in retail, wholesale trade, logistics, cold storage, and market operations. The group claims to have stolen 170,656 files across 9,075 folders, totaling roughly 195 GB of data. #ransomware #raas #osint #threatintel #china #chinese
0
1
0
0
86

Last Seen Users on Sotwe

azert_yyt's profile image
القبايلي النياك ابو زب خشين 🥒🫦
Seen from United States
Burak26744704's profile image
Burak
Seen from Turkey
mommyteresa_1's profile image
₥Ø₥₥Ɏ ₮ɆⱤɆⱤ₳👑 Verified account
Seen from Chile
CuckoldTolga01's profile image
Fatma’nın Oğlu
Seen from United Kingdom
Curiosone2k22's profile image
Curiosone
Seen from United States
oldssbbwlover's profile image
ssbbw / granny hunter
Seen from Turkey
let_me_lickyou's profile image
Let me lick you 18+
Seen from Austria
Donyv2bj's profile image
Dony
Seen from Switzerland
SANANE__AMK_'s profile image
ENSEST - KÜLOTLU ÇORAP - TÜRBANLI - EŞ PAYLASIMI
Seen from Turkey
al41294129's profile image
AL4129
Seen from Vietnam

Trends for you

1
Karmelo Anthony
Under 10K tweets
2
#raindelayquestions
Under 10K tweets
3
Belfast
Under 10K tweets
4
Apache
Under 10K tweets
5
Fable 5
Under 10K tweets
6
GoFundMe
Under 10K tweets
7
Jury
Under 10K tweets
8
Nintendo
Under 10K tweets
9
Teach
Under 10K tweets
10
Black Panthers
Under 10K tweets

Most Popular Users

elonmusk's profile image
1
Elon Musk Verified account
@elonmusk
240.1M followers
barackobama's profile image
2
Barack Obama Verified account
@barackobama
119.3M followers
realdonaldtrump's profile image
3
Donald J. Trump Verified account
@realdonaldtrump
111.6M followers
cristiano's profile image
4
Cristiano Ronaldo Verified account
@cristiano
109.1M followers
narendramodi's profile image
5
Narendra Modi Verified account
@narendramodi
106.9M followers
rihanna's profile image
6
Rihanna Verified account
@rihanna
97.3M followers
nasa's profile image
7
NASA Verified account
@nasa
92.1M followers
justinbieber's profile image
8
Justin Bieber Verified account
@justinbieber
90.6M followers
katyperry's profile image
9
KATY PERRY Verified account
@katyperry
86.9M followers
taylorswift13's profile image
10
Taylor Swift Verified account
@taylorswift13
80.7M followers
ladygaga's profile image
11
Lady Gaga Verified account
@ladygaga
72.3M followers
kimkardashian's profile image
12
Kim Kardashian Verified account
@kimkardashian
69.4M followers
imvkohli's profile image
13
Virat Kohli Verified account
@imvkohli
68.7M followers
youtube's profile image
14
YouTube Verified account
@youtube
68.6M followers
billgates's profile image
15
Bill Gates Verified account
@billgates
63.4M followers
theellenshow's profile image
16
The Ellen Show
@theellenshow
62.5M followers
cnn's profile image
17
CNN Verified account
@cnn
61.9M followers
neymarjr's profile image
18
Neymar Jr Verified account
@neymarjr
61.3M followers
x's profile image
19
X Verified account
@x
60.9M followers
selenagomez's profile image
20
Selena Gomez Verified account
@selenagomez
60M followers