Olivia
Online
Carlos Jumbo G.
@cjumbo
Lojano. CEO/Founder de INFORC ECUADOR, trabajando en Ciberseguridad desde 2005. CISM | CCSK | ISO 27001 LA | Abogado.
Quito, Pichincha, Ecuador
Joined March 2007
1.5K Following
1.5K Followers
36K Posts
This brother called Pacho has ended the season with zero yellow cards in the league and champions league, it’s unbelievable.
He made his professional debut barely 7 years ago, but he plays like a veteran of the game. So composed at only age 24😭
You don’t have to spend billions to sign quality players, he cost PSG €40m, but Brainthwaite and the likes are valued at £80m. Sporting directors and scouts should do some work and stop being lazy, there are players out there waiting to be seen.
You see that club in Ecuador called Independiente del Valle, they produce solid players. From Caicedo to Hincapie, to Pacho, I’m sure scouts specifically go there to sign players.
These are the kind of leagues Tony Bloom and his Jamestown Analytics focus on.
Funny part is that there’s a story where Pacho didn’t want to go to Independiente, he had turned down a team before them because he’s a mummy’s boy, he said he can’t do without his mum😅. Independiente had to present a plan that could accommodate his family before he moved there.
This guy was scouted by Belgian club Royal Antwerp, and later to Frankfurt. Do you know the common thing amongst both clubs, he spent just one full season at both clubs before PSG, such smaller clubs can’t keep stars for long.
Bro has two champions league at 24, zero hype but he’s up there with the best. I can’t wait to see him for Ecuador at the World Cup. He’s a monster, a clean monster, not a typical South American defender😅
Ladies and Gentlemen, Willian Pacho.
21 years ago today... The Miracle of Istanbul 🏆✨
John Terry on Instagram!
Nice touch
Purple perfection for Jhonatan Narvaez 💜👾🍇🟪
The Ecuadorian’s stellar Giro thus far has seen him claim the Maglia Ciclamino.
Así se despiden los ídolos. @MoSalah figura enorme del Liverpool que dijo adiós dejando 9 temporadas, 257 goles en 439 partidos y 121 asistencias, 9 títulos y una estela brillante de calidad y condiciones.
Makka y Kayan, sus hijos: “Nunca caminaremos solos”
🇪🇨 𝐍𝐀𝐑𝐕𝐀𝟑𝐙
📸 LaPresse
#GirodItalia
CONFIRMO: la información expuesta en esta "nueva" alerta de VECERT corresponde en realidad al data leak de Facebook filtrado originalmente en 2021 y asociado a una vulnerabilidad que posteriormente fue corregida por la plataforma.
No se trataría de una filtración reciente ni de un nuevo compromiso activo.
- Imagen 1: datos publicados hoy.
- Imagen 2: mismos datos ya difundidos en 2021.
REF: https://t.co/qoGXBS9opz.
Hasta que sucedió, ya decía yo que estas app de pago para bencina con wallet o cc asociada iba a tener noticias algún día. 📲
🚨 Threat Insight: Emerging LLM-Generated Infostealer 🤖🛑
A Python-based infostealer 🐍 has surfaced under the label “HackerAI Stealer Pipeline,” presented as an “authorized pentesting tool.” Despite the branding, the workflow clearly aligns with credential-theft operations: Chrome password extraction 🔐 → data staging 📦 → Telegram exfiltration 📤 → self-deletion 🧹.
Attribution to a specific platform remains unverified ⚠️. However, the structured pipeline, consistent formatting, and descriptive comments strongly suggest LLM-assisted development 🧠💻.
This reflects a broader shift 📈: adversaries are leveraging AI to rapidly generate and refine commodity malware, reducing development effort while increasing scalability.
https://t.co/Y5DVV5fBzP
#ThreatIntel #CyberSecurity #Malware #LLM
🚨 SON DAKİKA: Hackerlar, ele geçirdikleri web sitelerine "Sorry" fidye yazılımını yaymak için cPanel kimlik doğrulama atlatma açığını (CVE-2026-41940) kullanıyor.
Çok sayıda kaynak, saldırıların Perşembe günü başladığını ve tehdit aktörlerinin sunuculara sızarak dosyalara ".sorry" uzantısını ekleyen Go tabanlı bir Linux şifreleyiciyi yaydığını söylüyor.
Fidye yazılımının yaptığı:
🔴 Dosyaları şifreler ve ".sorry" uzantısını ekler.
🔴 Şifreleme anahtarını gömülü bir RSA-2048 genel anahtarıyla korur.
🔴 Her klasöre bir README.md fidye notu bırakır.
🔴 Fidye görüşmeleri için sabit bir Tox ID kullanır.
Kurbanlara, şifre çözme ücretini ödemek için Tox aracılığıyla saldırganla iletişime geçmeleri talimatı veriliyor.
Bu, 2018'deki eski HiddenTear ".sorry" fidye yazılımıyla ilgili değildir. Bu, aktif cPanel istismarıyla doğrudan bağlantılı, Linux'u hedefleyen yeni bir şifreleme aracıdır.
cPanel veya WHM kullanıyorsanız, hemen yamayı yükleyin.
🥳🤭🫠🤣
10/10
🔥
🚨 BREAKING: cPanel and WHM, the control panels behind an estimated 70+ million websites, have a critical security flaw that lets anyone become root admin without a password. CVE-2026-41940 affects every supported version. It’s already being exploited in the wild.
watchTowr Labs published the full attack today, after the hosting company KnownHost confirmed the bug was already being used to break into a significant chunk of the internet.
If you've never heard of cPanel: it's the dashboard that hosting providers and millions of website owners use to manage their servers, domains, email accounts, databases, and SSL certificates. WHM is the admin version that controls the entire server. If someone gets root access to WHM, they get the keys to the kingdom and to every apartment inside it.
How the attack works, in plain English:
🔴 Step 1: The attacker sends a deliberately wrong login. cPanel still creates a temporary "you tried to log in" record on disk and gives the attacker a cookie tied to it.
🔴 Step 2: The attacker tweaks the cookie to disable cPanel's password encryption. Normally cPanel encrypts the password field on disk. With one small change to the cookie, cPanel just stores it as plain text instead.
🔴 Step 3: The attacker sends a fake login attempt where the password field secretly contains hidden line breaks. cPanel does not strip these line breaks out, so they get written straight to the session file. Each line break creates a brand new fake record. The attacker uses this to inject lines that say "this user is root" and "this user already authenticated successfully."
🔴 Step 4: The attacker visits one more random page on the site to nudge cPanel into re-reading the file. cPanel then promotes the injected fake lines into its main session memory.
🔴 Step 5: On the next request, cPanel sees a flag that says "this user already passed the password check." cPanel trusts that flag, skips checking the actual password, and lets the attacker in as root.
From start to finish, the attack takes a handful of HTTP requests.
If you run cPanel or WHM, the patched versions are:
🔴 cPanel/WHM 110.0.x → 11.110.0.97
🔴 cPanel/WHM 118.0.x → 11.118.0.63
🔴 cPanel/WHM 126.0.x → 11.126.0.54
🔴 cPanel/WHM 132.0.x → 11.132.0.29
🔴 cPanel/WHM 134.0.x → 11.134.0.20
🔴 cPanel/WHM 136.0.x → 11.136.0.5
If your version is older than these, assume someone has already broken in and act accordingly. Patch right now, then rotate every password and key the server touched: root passwords, API tokens, SSL private keys, SSH keys, mail passwords, and database passwords.
La Universidad Agraria del Ecuador reportó un ciberataque que afectó su página web institucional y el desarrollo de un concurso docente. La alerta fue difundida la noche de este martes 28 de abril.
Todos los detalles 👉 https://t.co/R1lqwiOXid
🚨 Hackers están atacando Microsoft Teams haciéndose pasar por soporte técnico de TI.
Y México es uno de los países más atacados de LATAM.
Si usas Teams en tu empresa, lee esto 🧵
Clásico esquema de #phishing con ingeniería social: grupos no solicitados + promesa de dinero fácil + enlaces a sitios falsos = robo de credenciales bancarias.
Regla simple: si lo agregaron a un grupo sin pedirlo y le ofrecen USD 300/día por dar 'likes', es estafa. Salga, reporte y bloquee.
#Ciberseguridad #Phishing
Lea cómo opera esta modalidad de phishing, una estafa que promete ingresos extras dando like en apps como YouTube o Mercado Libre, pero que podría terminar en el robo de sus datos bancarios.
https://t.co/SoqWM5R9LM
Open source vulnerability management and visualization platform
https://t.co/W2VQ7DgzgB
@pencaladah https://t.co/Zzm4erz0x2
Un video registra la curiosa y ejemplar reacción de dos mujeres tras protagonizar un choque en Loja.
Most Popular Users
Elon Musk 
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers