I've just created the Telegram and Discord chats for https://t.co/3TL1frTt6b. I'll leave the links below to join:
Discord: https://t.co/cDOtSE7F5c
Telegram: https://t.co/S1nrwAleWE
If you have questions or issues I'll try my best to help you 😅
Happy mining ⛏️
Silent Ransom Group
Russia-linked extortion gang escalates from phone calls to physical office visits. Silent Ransom Group (UNC3753 / Luna Moth / Chatty Spider) poses as IT support to breach US law firms and professional services. 38 firms leaked.
Data exfiltration within hours of initial contact. New Mandiant report covers Jan–May 2026 campaign.
Source: BleepingComputer / Mandiant / FBI FLASH
Follow @VulnerabilityNw
C0XMO Botnet
New Gafgyt variant spreads via a 5-year-old DD-WRT router flaw, then kills rival malware to monopolize the device.
C0XMO exploits CVE-2021-27137, a stack buffer overflow in the UPnP service, for unauthenticated access. Cross-platform, moving between architectures. FortiGuard Labs discovered it.
Source: BleepingComputer / FortiGuard Labs
2/2 Miasma is an evolved variant of Mini Shai-Hulud, mutating rapidly: new poisoned repos created daily with slight description variations. The worm steals secrets from developer environments and self-propagates via compromised CI/CD pipelines. This is the most significant enterprise-grade supply chain escalation to date.
Source: The Hacker News / OpenSourceMalware
Full analysis → @VulnerabilityNw
Miasma Worm Hits Microsoft GitHub
1/2 ⚠️ The Miasma supply chain worm has hit 73 Microsoft GitHub repositories across four orgs: Azure, Azure-Samples, Microsoft, and MicrosoftDocs. GitHub disabled access to the impacted repos. The worm re-compromised the "durabletask" PyPI package, previously targeted by TeamPCP last month for Linux credential theft.
2/2 Chrome's worst: CVE-2026-10881, CVSS 9.6, an out-of-bounds read/write in ANGLE that escapes the sandbox. Google paid $97K for it. The trend is accelerating: AI agents are finding bugs faster than teams can patch. The February benchmark had an agent reproduce PoCs for 50%+ of 100 Linux kernel N-days.
Source: The Hacker News / RevEng AI
AI Agent 21 FFmpeg Zero-Days
1/2 🔓 An autonomous AI agent from RevEng AI discovered 21 confirmed zero-days in FFmpeg, each with a reproducible PoC, after scanning the project's 1.5M lines of C. Claude Mythos also pulled a 16-year-old H.264 flaw from FFmpeg for $10K. In the same week, Google shipped Chrome 149 with patches for 429 security bugs, the most in a single release.
Smart TV Proxies for AI Scraping
Researcher reverse-engineers Bright Data's iOS SDK embedded in free apps: it turns always-on smart TVs into exit nodes for AI web-scraping traffic. The successor to Luminati (the Hola VPN scandal), Bright Data sells residential proxy access to AI companies bypassing datacenter IP blocks. The SDK's peer tunnel has fewer security checks than most malware.
Source: The Hacker News / Lowpass
Full analysis → https://t.co/Slr9YmI7KM
Everest Forms Pro RCE
WordPress Everest Forms Pro under active attack.
CVE-2026-3300, CVSS 9.8: unauthenticated RCE via crafted file upload. Wordfence blocked 29,300+ exploitation attempts since April 13. 4,000 active installs exposed.
Source: BleepingComputer / Wordfence
ChatGPT Lockdown Mode
OpenAI rolls out Lockdown Mode for ChatGPT, an optional security setting that kills live browsing, canvas networking, image retrieval, and file downloads to block URL-based data exfiltration via prompt injection. Not intended for everyone, but a meaningful hardening option for orgs handling sensitive data.
Source: The Hacker News / OpenAI
If you missed the @monerotopia podcast: we are live with new markets and more are coming every day!!
Predict the future in Monero: no KYC, fully private.
#Monero $XMR
We’re going live on @monerotopia today.
https://t.co/o3pS3oTbaa the Monero prediction market is unveiling its new markets.
No KYC. Full privacy. Predict the future with XMR.
🔴 https://t.co/8gjR9lmfes
The future is unwritten.
So take a position on it privately.
https://t.co/o3pS3oTbaa goes deep on @monerotopia today.
New markets, fully revealed.
🔴 [06/06/2026] · https://t.co/MFWmmyzwgx
#Monero #PredictionMarkets
Five Eyes: Chinese Spy Recruitment
Five Eyes agencies warn Chinese operatives are posing as recruiters on professional platforms to target government and military personnel.
Goal: compromise individuals with access to classified or privileged information. Tailored fake job offers serve as the initial vector.
Source: SecurityWeek
Claude Code GH Action Prompt Injection
Microsoft Threat Intelligence found a prompt injection pathway in Claude Code's GitHub Action that could exfiltrate workflow secrets under specific conditions.
Anthropic patched after coordinated disclosure. Research includes attack chain analysis and CI/CD hardening guidance.
Source: Microsoft Security Blog