Un tipo armado que dice ser periodista del Círculo Nacional de Prensa nos amenazó a @marvindelcid y a mí. Su seguridad intentó sacar sus armas.
Andaban en carros con placas alteradas ¿Por qué?
Ayúdennos a identificarlos a todos.
Video completo ▶️ https://t.co/KrXchFZbPj
🚨 CYBER INTELLIGENCE ALERT: WEB EXPLOIT INJECTION AND NEOLINK DECONFIGURATION — GUATEMALA 🇬🇹
[STATUS: UNDER SUPERVISION]
The threat actor, fully identified under the alias NemorisHacking, has perpetrated a web exploit injection attack. The actor indicates that they compromised and visually defaced transactional instances of the NeoLink/NeoNet payment gateway infrastructure in Guatemala (.gt). The incident directly affects active transactional links, exposing critical weaknesses in the sanitization of website entry points. According to the evidence collected, the attack replaced the legitimate card payment form with a custom panel titled "The Mirror of Your Shadow," with explicit text attributing the compromise to the attacker.
🏢 Affected Entity: Infrastructure associated with NeoLink/NeoNet Guatemala (Payment Gateway)
👤 Threat Actor: NemorisHacking
⚔️ Attack Vector: Web Exploit Injection / Active Link Defacement
⚠️ CRITICAL RISK ANALYSIS AND EXPOSED FIELDS
The presence of code injections on payment processing platforms represents an imminent risk of large-scale financial fraud:
💳 Phishing and Formjacking Risk: The attacker demonstrates the ability to inject HTML elements into high-trust domains (https://t.co/Kki7MNatVe). This facilitates the cloning of critical fields such as "Card Number", "MM/YY", and "CVV" for the silent exfiltration of banking data (Magecart style) before redirecting the user.
🛑 Payment Chain Disruption: By altering the legitimate transaction interface, secure fund collection for affiliated merchants that rely on that link ID is completely disabled.
🛡️ MITIGATION AND PREVENTIVE TECHNICAL RECOMMENDATIONS
🚫 Link Isolation and Deactivation: NeoLink platform administrators are urged to immediately revoke and disable the token/ID of the compromised link to stop the deployment of malicious code.
💻 Code Injection Audit (Web App Audit): Thoroughly review server-side variable validation mechanisms in payment link generation routes to block the injection of HTML/JS payloads.
📊 MONITORING AND EVALUATION
Intelligence System: https://t.co/wk9bZJ2Nli
Quickly assess your website's security with: https://t.co/QZhWp0kFrO
#CyberSecurity #Guatemala #NeoNet #NeoLink #WebExploit #Defacement #NemorisHacking #FinancialThreats #ThreatIntelligence #CyberAlert #VECERT #Infosec
🚨 NATIONAL SECURITY ALERT: MASSIVE DATA LEAK FROM THE MINISTRY OF LABOR – GUATEMALA 🇬🇹🏛️🔓
A security compromise of extreme severity has been detected, affecting Guatemala’s Ministry of Labor and Social Welfare (MINTRABAJO). Threat actors Izanagi, GordonFreeman, and cantpwn claim to have breached the entire API of the government employment portal (https://t.co/80yrPFf0h4), exposing the identities and employment histories of hundreds of thousands of Guatemalans.
🏢 Affected Entity: Ministry of Labor and Social Welfare (Guatemala).
👤 Threat Actors: Izanagi, GordonFreeman, cantpwn (L4TAMFUCKERS).
📂 Leak Volume:
+200,000 detailed user records.
40 GB of PDF files (original Curriculum Vitae).
📅 Publication Date: April 26, 2026.
📊 Scope of the Breach (PII and Employment Data)
This leak is one of the most invasive recorded in the region, as it combines official identity data with socioeconomic profiles:
Official Identity: Full names and DPI (Personal Identification Document) numbers.
Contact and Location: Phone numbers (multiple lines), email addresses, and residential addresses (categorized by department and municipality).
Socioeconomic Profile: Date of birth, last reported salary, employment status, ethnicity, and linguistic community.
Academic and Professional History: Educational levels, universities attended, degrees obtained, and languages spoken.
Attached Documentation: Direct access to the 40 GB of PDF CVs, which contain photos, personal references, and complete employment histories.
🛡️ Immediate Response Recommendations
🔒 Urgent API Shutdown: The Government of Guatemala must immediately deactivate the API for https://t.co/80yrPFf0h4 to halt the ongoing data exfiltration. 🔑 DPI Monitoring: Guatemalan citizens are advised to watch for any unusual activity or transactions involving the SAT or banking institutions.
Monitor: https://t.co/wk9bZJ2Nli
#CyberSecurity #Guatemala #MINTRABAJO #DataBreach #DPI #L4TAMFUCKERS #TuEmpleo #VECERT #InfoSec #CyberCrime 🇬🇹🛡️⚠️🚨
@MyronGainesX Of course it was! So what!! The US will do exactly what China and Russia has been doing...the difference...Venezuelans will have a much better life! Or do you think China and Russia were there for the Arepas!