SECURITY ADVISORY — TanStack npm packages
A supply-chain compromise affecting 42 @tanstack/* packages (84 versions total) was published to npm earlier today at approximately 19:20 and 19:26 UTC. Two malicious versions per package.
Status: ACTIVE — packages are deprecated, npm security engaged, publish path being shut down.
Severity: HIGH — payload exfiltrates AWS, GCP, Kubernetes, and Vault credentials, GitHub tokens, .npmrc contents, and SSH keys.
If you installed any @tanstack/* package between 19:20 and 19:30 UTC today, treat the host as potentially compromised:
• Rotate cloud, GitHub, and SSH credentials immediately
• Audit cloud audit logs for the last several hours
• Pin to a prior known-good version and reinstall from a clean lockfile
Detection — the malicious manifest contains:
"optionalDependencies": {
  "@tanstack/setup": "github:tanstack/router#79ac49ee..."
}
Any version with this entry is compromised. The payload is delivered via a git-resolved optionalDependency whose prepare script runs router_init.js (~2.3 MB, smuggled into each tarball at the package root).
Unpublish is blocked by npm policy for most affected packages due to existing third-party dependents. All 84 versions are being deprecated with a SECURITY warning, and npm security has been engaged to pull tarballs at the registry level.
Full technical breakdown, complete package and version list, and rolling status updates:
https://t.co/Zy8qG7PA9f
Credit to the security researcher for responsible disclosure.
Digital identity is fragmented.
That’s already a business problem.
Disconnected logins, transactions, validations = gaps.
That’s where fraud wins.
VU ONE changes the model:
one layer, one flow, full control.
Less friction. Fewer gaps.
More trust.
https://t.co/NbCpS6Yi4Z
The reliability of this exploit is incredible. And it doesn't even touch disk. No race conditions or overflows. Logic problems (introduced in parts from 2011 to 2017) in the kernel allow privilege escalation. No distro is safe. Not even the Windows kernel in WSL.
Digital identity is becoming the core of cybersecurity strategy.
At Fintech Americas, @sstranieri highlighted the shift from protecting the perimeter to understanding who is behind each interaction, in real time.
#FintechAmericas #Cybersecurity #DigitalIdentity
Digital identity is already a business challenge.
Let’s talk about VU ONE → Booth 210
Tomorrow, @sstranieri will be speaking:
“Who acts on your behalf? The dilemma of delegated identity”
3:30 PM · Ethereal Stage
See you in Miami.
Digital identity is fragmented… and that's already a business problem.
VU ONE solves it: onboarding, authentication, and fraud prevention in a single flow.
Find us at Booth 210 at Fintech Americas 2026 and see it applied to your case.
A new way to understand digital identity.
Meet VU’s new website.
Explore how to unify verification, authentication, and fraud prevention in one platform, reduce friction, and make real-time decisions.
Digital identity is fragmented. VU is the solution.
https://t.co/YsiJZZLmkH
Fintech Americas 2026. Meet part of our team.
We’ll be in Miami (March 24–26) presenting VU ONE, our unified platform for digital identity, biometrics, and fraud prevention.
See you at Booth 210 – Fontainebleau Miami Beach.
#FintechAmericas #DigitalIdentity #FraudPrevention
CCI Platforms: Resources for Industrial Cybersecurity
Three key tools for technical and strategic management:
✅ RECIN: Security requirements in the design of OT architectures.
✅ ESCIM: Simulation of high-impact incidents and protective measures.
✅ MACIN: Maturity assessment based on C2M2.
🔗 More information: https://t.co/zh3YIGWa11
#Ciberseguridad #Industrial #OT #CCI
Automated DLL Hijacking Detection Tool with Zero False Positives — Discovers, filters, and canary-confirms exploitable DLL hijacks on Windows with tiered confidence scoring https://t.co/k3GwjZsftg
https://t.co/9GtaBXYgkc is a #collection of utilities and property-oriented programming "gadget chains" discovered in common .NET libraries that can, under the right conditions, exploit .#NET #applications performing unsafe deserialization of objects. #infosec #tools #binaries