Attackers are routing malware through Google's DoubleClick domain because they know tools won't flag it. Not a breach, just an attacker who understands your defenses better than you'd like. That's the gap offensive security testing exists to close.
🥷 #PacketNinjas #Cybersecurity
Red Hat confirmed it. Supply chain compromise across multiple npm packages under the redhat-cloud-services namespace.
If those packages are in your dependencies, assume they're compromised until proven otherwise.
RHSB-2026-006. 🥷
#PacketNinjas #Cybersecurity #Infosec
🚨 UPDATE: Red Hat has now published RHSB-2026-006 confirming the supply chain compromise affecting multiple npm packages under the redhat-cloud-services namespace.
Having security and having confidence in your security program are two different things.
79% of frontline managers say they were breached last year. Only 65% of C-suite leaders agree. That gap is where the real problem lives. 🥷
#PacketNinjas #Cybersecurity #Infosec
Silent Ransom Group doesn't hack through your firewall. They walk through your front door. FBI FLASH alert confirms operatives are physically entering law firms posing as IT support to exfiltrate data.
100+ attacks. 38 firms leaked. 🥷
#PacketNinjas #Cybersecurity
Charter's 42 million record breach started with a phone call. A phone call that compromised one Microsoft Entra account and opened the door to the entire Salesforce database.
A pentest that thinks like an attacker looks for exactly this. 🥷
#PacketNinjas #Cybersecurity #Infosec
@USATGroup Worth adding, each of these comes with a cyber tail. Conflict escalation, shipping issues, & public health emergencies all spike state-sponsored & opportunistic TA activity. If your physical security posture is being tested this week, your digital attack surface probably is too.
48,185 CVEs published in 2025 and only 54% of critical vulnerabilities actually got fixed.
Detection isn't the hard part anymore. Proving the risk and validating the fix is. Most programs are optimized for the wrong objective. 🥷
#PacketNinjas #Cybersecurity #Infosec
Today we remember the men and women who gave everything in service to this country.
Thank you to those who sacrificed and to their loved ones who supported them.
No more words needed.
🇺🇸 #MemorialDay #PacketNinjas
58 seconds after publication. That's how fast malicious packages are live and in the wild before anyone knows. 34 packages. 384 versions.
Your dependencies are part of your attack surface.
🥷 #PacketNinjas #Cybersecurity #Infosec
🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.io.
Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems.
TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys.
Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.
The 2026 Verizon DBIR is out. Vulnerability exploitation just overtook credential theft as the top breach vector.
AI is accelerating the window from disclosure to active attack. The point-in-time testing model wasn't built for this. 🥷
#PacketNinjas #DBIR2026 #Cybersecurity
Attackers don't exploit vulnerabilities, they exploit paths.
A phishing email. An over-permissioned account. A misconfig that connects to something it shouldn't.
None of it critical on its own. All of it a breach when chained together. 🥷
#PacketNinjas #Cybersecurity #Infosec
No malware. No exploits. Just one compromised cloud identity and legitimate admin tools. Storm-2949 walked straight through.
This is the attack your scanner won't catch.
🥷 #PacketNinjas #Cybersecurity #Infosec
A sophisticated and multi-layered attack by the threat actor tracked by Microsoft as Storm-2949 demonstrates how a single compromised cloud identity could lead to a full-scale organizational breach. https://t.co/s1MMx0fI4L
Relying on social engineering and abusing legitimate administrative tools, Storm-2949 moved laterally across cloud resources and endpoints without using traditional malware, quietly exfiltrating large volumes of sensitive data.
This stealthy attack underscores the importance of strong identity protections, least-privilege access, and unified visibility across environments. Read the latest Microsoft Defender Research blog for guidance on detecting and containing multi-stage attacks before they escalate.
Most scanners give you a list. FumaScan gives you the path an attacker would actually take.
Continuous testing, attack chain mapping, and remediation verification between your annual engagements, not instead of them.
https://t.co/qWdaOueP9p 🥷
#FumaScan #PacketNinjas
A compromised PyPI package with a 1-in-6 chance of running rm -rf / on Israeli and Iranian systems.
Country-aware logic. Geo-fenced destruction. And yes, it skips Russian language environments.
Install the language pack. We're not joking. 🥷 #PacketNinjas #Cybersecurity
the most low-effort / high reward thing you can do for security is installing the Russian language pack
(not even joking, it's ridiculous how often that prevents execution)
Your pentest passed. That was 364 days ago.
The average breach in 2024 went undetected for 258 days.
The annual test tells you where you stood. Not where you stand.
#PacketNinjas #Cybersecurity 🥷
CVE-2026-31431 dropped yesterday. Root on every Linux distro since 2017. No disk writes. Reboots wipe the evidence.
One of the most significant Linux kernel exploits we've seen in years. 🥷
#PacketNinjas #Cybersecurity #Infosec
Compliance ≠ security.
Severity ≠ exploitability.
Point-in-time testing is obsolete.
Unpopular opinions? Maybe. But they're worth a read. Check out our LI for more.
We've been busy breaking into things. Legally.
Packet Ninjas is back on X so expect threat intel, hard truths about your attack surface, & the occasional reminder your annual pentest isn't enough.
Feel free to follow & if you're not sure your defenses hold up - reach out. 🥷
We uncovered a vulnerability in a recent network assessment that may sound innocuous enough. That poses the question: to #debug or not to debug when in production?
https://t.co/h7V20m5zZU