匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload - Twitter Profile

3 months ago

The AirSnitch Attack Bypasses Wi-Fi Encryption Security researchers have presented a series of attacks called AirSnitch, which exploit issues in the network stack and allow attackers to bypass client isolation in Wi-Fi networks. The problem affects routers from Netgear, D-Link, Ubiquiti, and Cisco, as well as devices running DD-WRT and OpenWrt We made an article to show you how to defend against it https://t.co/u4thhRm2gc @three_cube @_aircorridor #cybersecurity

co11ateral's tweet photo. The AirSnitch Attack Bypasses Wi-Fi Encryption

Security researchers have presented a series of attacks called AirSnitch, which exploit issues in the network stack and allow attackers to bypass client isolation in Wi-Fi networks. The problem affects routers from Netgear, D-Link, Ubiquiti, and Cisco, as well as devices running DD-WRT and OpenWrt

We made an article to show you how to defend against it

https://t.co/u4thhRm2gc

@three_cube @_aircorridor #cybersecurity

2

206

52

252

33K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

13 days ago

🛡️Hardening in 2026

Florian Roth ⚡️

@cyb3rops

13 days ago

VSCode Shift + Command + P (Mac) Ctrl + Shift + P (Windows/Linux) Disable Auto Update for All Extensions

3

121

23

61

12K

0

3

0

1

718

Cyber0verload retweeted

Medusa

@medusa_0xf

16 days ago

Microsoft just confirmed CVE-2026-42897 is being actively exploited in the wild. The target? Outlook Web Access. No malicious link. No attachment. Just open the email. I broke down exactly how the attack works 👇 https://t.co/DNCKVa3bQQ

medusa_0xf's tweet photo. Microsoft just confirmed CVE-2026-42897 is being actively exploited in the wild.

The target? Outlook Web Access.

No malicious link. No attachment. Just open the email.

I broke down exactly how the attack works 👇
https://t.co/DNCKVa3bQQ https://t.co/B2xDlCyYHO

9

309

66

224

67K

Cyber0verload retweeted

ESET Research

@ESETresearch

21 days ago

#ESETresearch uncovered a new compromise that we attribute to #FrostyNeighbor, using links in malicious PDFs sent via spearphishing attachments to target governmental organizations in Ukraine. @dmnsch https://t.co/2x75QnEMIe 1/5

ESETresearch's tweet photo. #ESETresearch uncovered a new compromise that we attribute to #FrostyNeighbor, using links in malicious PDFs sent via spearphishing attachments to target governmental organizations in Ukraine. @dmnsch https://t.co/2x75QnEMIe 1/5 https://t.co/xyCo5Z0UCn

2

52

26

12

9K

Who to follow

C2IntelFeedsBot

@drb_ra

Mostly here for posting C2s. Thank you to @modat_magnify for the raw data. Grateful to @censysio for the support in past years.

Germán Fernández

@1ZRR4H

🏴‍☠️ OFFENSIVE-INTEL 🏴‍☠️ Cyber Threat Intelligence by Hackers | Security Researcher at https://t.co/rDrSxZStZD | @CuratedIntel Member | 🥷🧠🇨🇱

Tommy M (TheAnalyst)

@ffforward

Threat Researcher @proofpoint | @Cryptolaemus1

Cyber0verload retweeted

Mr. OS @ksg93rd

about 1 month ago

#reversing The Cost of Understanding: LLM-Driven Reverse Engineering vs Iterative LLM Obfuscation https://t.co/sGJRCcANUW // Elastic Security Labs explores the ongoing arms race between LLM-driven reverse engineering and obfuscation..

0

8

2

6

1K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

24 days ago

#AiSOC #SOC #IRP #CTI

Beenu Arora @beenu_a

28 days ago

Open-sourcing AiSOC today. Autonomous SOC, rebuilt for AI agents. LangGraph orchestrator. Signed Investigation Ledger. Public eval harness on 200 incidents. 11-tool MCP server. MIT, self-hostable. Demo: https://t.co/nm1n6JBHAW Repo: https://t.co/qUwOJw4hY1

2

4

3

6

2K

0

6

2

6

1K

Cyber0verload retweeted

Beenu Arora @beenu_a

28 days ago

Open-sourcing AiSOC today. Autonomous SOC, rebuilt for AI agents. LangGraph orchestrator. Signed Investigation Ledger. Public eval harness on 200 incidents. 11-tool MCP server. MIT, self-hostable. Demo: https://t.co/nm1n6JBHAW Repo: https://t.co/qUwOJw4hY1

2

4

3

6

2K

Cyber0verload retweeted

Florian Roth ⚡️

@cyb3rops

24 days ago

Another LPE vector on Linux ... I lost count ... https://t.co/LL2BUe112O

8

488

91

295

49K

Cyber0verload retweeted

Kseniia \n @naumovax

27 days ago

#phishing + #backdoor + #ransom = 🧉 C2 (more than 100 of them!): endlessai\.io socolive\.studio novatoken\.io xoilac-3\.com techieankit\.in cakhia03\.tv ... POST requests have 4 body-values: SCREEN, FAST_BEACON, CLIP, HEARTBEAT https://t.co/pbkyDtrKgq https://t.co/Mjxe9p8AWO

$naumovax's tweet photo. #phishing + #backdoor + #ransom = 🧉 C2 (more than 100 of them!): endlessai\.io socolive\.studio novatoken\.io xoilac-3\.com techieankit\.in cakhia03\.tv ... POST requests have 4 body-values: SCREEN, FAST_BEACON, CLIP, HEARTBEAT https://t.co/pbkyDtrKgq https://t.co/Mjxe9p8AWO https://t.co/eVagPxFEBw$

2

81

17

37

4K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

27 days ago

#UAC0050 #DaVinciGroup

Maverits @Maverits

27 days ago

🚨 UAC-0050 conducts a new attack delivering NetSupport Manager + DeskHelper. NetSupport Manager = legitimate remote admin tool abused as RAT. DeskHelper = legitimate app abused for persistence via scheduled tasks. 1/2

1

2

1

0

1K

0

1

2

0

1K

Cyber0verload retweeted

Steven Lim

@0x534c

about 1 month ago

CVE-2026-31431 Windows WSL2 ROOTED No MDE log telemetry recorded.😅 #Cybersecurity #DefenderXDR #CVE202631431

5

450

62

224

36K

Cyber0verload retweeted

Dark Web Informer @DarkWebInformer

about 1 month ago

‼️ CVE-2026-32223: Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

3

304

69

149

32K

Cyber0verload retweeted

blackorbird

@blackorbird

about 2 months ago

Mapping Ottercookie Infrastructure services.http.response.body_hashes="sha256:843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c" and services.banner_hashes="sha256:31d55cb5dd194cd99387d386e84d8b24d340c0b52983ce630f0aafd70fee008c" and services.port="17500" ref: https://t.co/S3fGuDphDf

blackorbird's tweet photo. Mapping Ottercookie Infrastructure
services.http.response.body_hashes="sha256:843ac01149cced785dfebd0028d3b03ba78e286e1c6f9517ebfcdb609d97af4c" and services.banner_hashes="sha256:31d55cb5dd194cd99387d386e84d8b24d340c0b52983ce630f0aafd70fee008c" and services.port="17500"
ref:
https://t.co/S3fGuDphDf

0

10

6

4

8K

Cyber0verload retweeted

faulty *ptrrr

@0x_shaq

about 2 months ago

CTF in 2026

27

2K

207

166

110K

Cyber0verload retweeted

DevopsCube

@devopscube

2 months ago

Falco Operator v0.2.0 is here. The Falco Operator just added a new Components CRD. Earlier, you had to manage Falco using the Operator and deploy Falcosidekick separately with Helm. Two different approaches. More moving parts. Now, one operator manages everything. No need for separate Helm charts for Falcosidekick or the UI. You define everything using Falco’s custom resources, and the operator handles the rest. 𝗥𝗲𝗹𝗲𝗮𝘀𝗲 𝗻𝗼𝘁𝗲𝘀: https://t.co/kx9GfvgC2M If you are working on runtime security in Kubernetes, this is worth trying. #Kubernetes #Falco #DevOps #Security

devopscube's tweet photo. Falco Operator v0.2.0 is here.

The Falco Operator just added a new Components CRD.

Earlier, you had to manage Falco using the Operator and deploy Falcosidekick separately with Helm.

Two different approaches. More moving parts.

Now, one operator manages everything.

No need for separate Helm charts for Falcosidekick or the UI.

You define everything using Falco’s custom resources, and the operator handles the rest.

𝗥𝗲𝗹𝗲𝗮𝘀𝗲 𝗻𝗼𝘁𝗲𝘀: https://t.co/kx9GfvgC2M

If you are working on runtime security in Kubernetes, this is worth trying.

#Kubernetes #Falco #DevOps #Security

0

16

3

11

3K

Cyber0verload retweeted

InfoGuard Labs

@InfoGuard_Labs

3 months ago

Abusing Cortex XDR Live Terminal as C2 We reverse-engineered the IR payload and found ways to route EDR traffic to attacker-controlled tenants or custom servers. Living off the Land #LOTL with EDRs. Full write-up by @p0w1_ 👇https://t.co/GezxRCBcDn

0

66

26

42

8K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

3 months ago

Possible #Vidar #Stealer C2: 216.126.236[.]17 CMD: GoogleUpdate.exe --exec 216.126.236[.]17 hxxps://cloudaxis[.]cc/gsmft/yueu/fkvqld/tvqqwh/ushu/update[.]exe hxxps://cloudaxis[.]cc/gsmft/yueu/fkvqld/tvqqwh/ushu/22[.]exe hxxps://t[.]me/flufff6262

Cyber0verload's tweet photo. Possible #Vidar #Stealer

C2: 216.126.236[.]17
CMD: GoogleUpdate.exe --exec 216.126.236[.]17

hxxps://cloudaxis[.]cc/gsmft/yueu/fkvqld/tvqqwh/ushu/update[.]exe
hxxps://cloudaxis[.]cc/gsmft/yueu/fkvqld/tvqqwh/ushu/22[.]exe

hxxps://t[.]me/flufff6262 https://t.co/yfXalk0tzM

Szabolcs Schmidt

@smica83

4 months ago

'Dogovor.rar' seen from Ukraine @abuse_ch https://t.co/iLPdIbx85Z CVE-2025-8088, CVE-2025-6218 @500mk500

0

4

0

3K

0

11

2

4

4K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

4 months ago

@500mk500 #APT #Gamaredon #PrimitiveBear #TridentUrsa #UAC0010 🤡 🔴IOCs *[.]pernicious[.]workers[.]dev *[.]pgffe70962-268[.]workers[.]dev *[.]fewfgwegf[.]workers[.]dev *[.]go0glee[.]workers[.]dev *[.]tmwco85016[.]workers[.]dev *[.]warker[.]workers[.]dev *[.]wznye68531[.]workers[.]dev

0

7

1

2K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

4 months ago

#APT #Gamaredon #PrimitiveBear #TridentUrsa #UAC0010 🤡 🎯Keep your eyes on this: *[.]loophole[.]site 🔴IOCs perspicacious[.]ru notathird[.]online moressa[.]online ansowhat[.]online oclouds[.]online *[.]drunk-bear[.]workers[.]dev *[.]yahhoo[.]workers[.]dev cc @500mk500

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

about 1 year ago

#APT #Gamaredon #PrimitiveBear #TridentUrsa #UAC0010 🤡 🎯Keep your eyes on this: *.localhost[.]run *.lhr[.]life *.workers[.]dev *.trycloudflare[.]com 🔴IOCs: *.chocolate695.workers[.]dev *.70federal.workers[.]dev *.3022protestant.workers[.]dev *.213rrfgv.workers[.]dev

1

22

5

4

6K

2

17

2

6

3K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ @Cyber0verload

4 months ago

@500mk500 #APT #Gamaredon #PrimitiveBear #TridentUrsa #UAC0010 🤡 🔴IOCs *[.]npvcr24265[.]workers[.]dev *[.]avhcz36777[.]workers[.]dev *[.]dpbki57860[.]workers[.]dev *[.]yojyk05723[.]workers[.]dev *[.]lgrpl85754[.]workers[.]dev *[.]rgrem29013[.]workers[.]dev *[.]rspqf54995[.]workers[.]dev

0

4

1

0

1K

匚ㄚ乃乇尺ㄖᐯ乇尺ㄥㄖ卂ᗪ

@Cyber0verload

Who to follow

Last Seen Users on Sotwe

Trends for you

Most Popular Users