![cyb3rops's tweet photo. Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs
- update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe
- file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll
- network IOCs incl. api[.]skycloudcenter[.]com (-> 61.4.102[.]97), api[.]wiresguard[.]com, 59.110.7[.]32, 124.222.137[.]114
by @rapid7
https://t.co/rrespJ9Ju0](https://pbs.twimg.com/media/HAKoUZyWsAAUNoZ.jpg)
![cyb3rops's tweet photo. Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs
- update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe
- file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll
- network IOCs incl. api[.]skycloudcenter[.]com (-> 61.4.102[.]97), api[.]wiresguard[.]com, 59.110.7[.]32, 124.222.137[.]114
by @rapid7
https://t.co/rrespJ9Ju0](https://pbs.twimg.com/media/HAKoUZwXMAIGkD3.jpg)
Olivia
Online
Ian Peter
@IanPeterL
CTF Player| VAPT | eJPT | Cloud Security | Gamer
Nairobi, Kenya
Joined January 2020
543 Following
1K Followers
864 Posts
Pinned Tweet
I felt it was just an honor to have attended @BSidesNairobi last year. The drive and innovation behind the creators of the event made me feel like I was attending Defcon.
Cloud Security as a Ransomware Shield: Mitigating Data Breaches in Kenya
by Ian Peter (@IanPeterL)
https://t.co/FMFG5DqNYw
Its about time..
Sign up already!!!
@officialctfzone
There's finally a model that actually understands security 🤯
VulnLLM-R-7B is a specialized AI that spots vulnerabilities by reasoning like a security expert. It's trained to spot vulnerabilities before they become breaches.
100% Open Source.
Verify email addresses without sending a single email.
Who to follow
Chalie
@pwnipc
Offensive Android Security Researcher, ARM assembly addict, Exploit Dev? and a part time CTF player @fr334aks.
muchilwa
@muchilwa
Biker | Infosec | Leading and Building CyberSec Communities | Educator | Founder BSides NBO | Podcast host at Truepositives_
Kores
@joelkores_
Nomadic pastoralist
🦔 Moltbook, the "social media for AI agents" that went viral this week, left its entire database exposed. Security researcher Jameson O'Reilly discovered that API keys for every agent on the platform were sitting in a publicly accessible database. Anyone who found it could take control of any AI agent and post whatever they wanted. OpenAI cofounder Andrej Karpathy has an agent on the platform. His API key was exposed like everyone else's.
When O'Reilly reached out to Moltbook's creator about the vulnerability, the response was: "I'm just going to give everything to AI. So send me whatever you have."
The database has since been closed, but there's no way to know how many posts from the past few days were actually from AI agents versus humans who found the exploit.
My Take
This is the same researcher who found the Clawdbot vulnerability I wrote about last week. Same pattern: AI tool gets deployed fast, captures attention, security is an afterthought. "Ship fast, capture attention, figure out security later. Except later sometimes means after 1.49 million records are already exposed."
The New York Post worried about AI agents plotting humanity's downfall. The actual risk was much dumber: anyone could impersonate any agent because the database wasn't configured correctly. Two SQL statements would have fixed it. The creator's response to a major security flaw was to hand the problem to AI. That tells you everything about how this stuff is being built. Vibe coding plus hype plus zero security review. The agents weren't autonomously evolving. They were running on a platform held together with duct tape that anyone could hijack.
Hedgie🤗
Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs
- update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe
- file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll
- network IOCs incl. api[.]skycloudcenter[.]com (-> 61.4.102[.]97), api[.]wiresguard[.]com, 59.110.7[.]32, 124.222.137[.]114
by @rapid7
https://t.co/rrespJ9Ju0
![cyb3rops's tweet photo. Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs
- update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe
- file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll
- network IOCs incl. api[.]skycloudcenter[.]com (-> 61.4.102[.]97), api[.]wiresguard[.]com, 59.110.7[.]32, 124.222.137[.]114
by @rapid7
https://t.co/rrespJ9Ju0](https://pbs.twimg.com/media/HAKoUZzXMAQFKph.jpg)
🚀 Kenya's first Claude Code Meetup is HERE!
📅 Sat, 24th Jan | 3-5 PM
📍 iHiT Events Space, Nairobi
→ Demos & tips
→ Hands-on hacking
→ Meet AI builders in Nairobi
Space is limited - register now 👇
https://t.co/B5LlG6nMeG
#ClaudeAI #NairobiTech #AIKenya 🇰🇪
@trevorsaudi Nice. Looking to get in on it this year
@ireteeh The first thing to do is to train the employees to identify phishing emails. Employees should be given a conducive work environment that makes them relaxed to appreciate working for the organisation and helping to keep it safe. The report channel should be easy to access and use.
#AWS outage - it's always DNS
#BSidesNairobi2025 Call for Speakers is officially OPEN! Share your expertise, stories, and solutions shaping Africa’s cyber resilience. Let your voice spark change. Submit your talk today
https://t.co/kBOFpqkXIz
#BSidesNairobi2025 #CyberResilience #KenyaTech
Ready to test your understanding of encryption? Join us for the ISOC Kenya CTF on 24th Sept – 12 hours of hacking, learning & fun!
Register now via CTFROOM! https://t.co/SY1iIkv9fN
#GlobalEncryptionDay #CTF #Cybersecurity #ISOCKenya @ISOC_Kenya
@trevorsaudi Congrats man. The days are paying off💯
Today I've placed a forensic report prepared by @citizenlab @munkschool before @Kenyajudiciary showing proof of spyware known as @flexispy being installed in gadgets belonging to Kenyans by @DCI_Kenya & released to them. The same report has been served upon @ODPP_KE. See below:
We’ve spent countless hours behind screens hunting bugs—now it’s time to step out, connect, and have some fun together. 🚗✨ Join us for a Bug Bounty Ke meetup where the community goes offline.
Location: TotalEnergies Survey Service Station
https://t.co/BNG9XvEEkC
@ke_bug_bounty Nice💯
Let me find out more and follow up
In the past week, the name of cybersecurity professional Seth Mwabe has been mentioned widely in the media and on social platforms, mostly linked to negative claims. I wish to set the record straight on a few key points. 1/
@trevorsaudi Nitakuwa social media detox hadi 12th😂
@trevorsaudi Itabidi tu😂
Last Seen Users on Sotwe
sabrena •⩊• 
Very Big Dick Yarrak
Seen from Germany
ens ap
Seen from Turkey
กรุงเทพ สาทร ถนนจันทน์ บางรัก สาวสอง
Seen from Thailand
Kayseri tek burak
Seen from Turkey
네모
Seen from Korea
تليمتةلعببي
Seen from Algeria
𝕸𝖘𝖕𝖊𝖆𝖈𝖍𝖊𝖘𝖑𝖔𝖛𝖊𝖘𝖀💕𝕮𝖚𝖒 𝖗𝖊𝖆𝖉𝖞
Seen from Jordan
FARIAKIO
Seen from United Arab Emirates
🤤 அசுரன் 🤤
Seen from India
Most Popular Users
Elon Musk
@elonmusk
240.4M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.9M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.5M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.3M followers
Taylor Swift
@taylorswift13
81.1M followers
Lady Gaga
@ladygaga
72.7M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.3M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.7M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62M followers
CNN
@cnn
61.9M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.4M followers