Olivia
Online
Paulo Colomés
@pcolomes
Network Engineer.
Temuco, Chile
Joined November 2007
5.1K Following
5.2K Followers
11.8K Posts
Pinned Tweet
Les dejo disponible a todos un curso de redes nivel #CCNA gratuito en español de casi 100 horas que acabo de publicar.
Este curso estuvo mucho tiempo en otra plataforma y por fin pude recuperar el material y subirlo a YouTube.
Espero que lo disfruten: https://t.co/uPpPiXUAGc
Puedes literalmente buscar OPENAI_API_KEY en GitHub y encontrar miles de claves API expuestas.
Gracias vibe coders 🙏
‼️ Nuclei template for fingerprinting the PAN-OS CVE-2026-0300 zero-day:
https://t.co/rqQGxeDcFG
Credit: @rxerium
🚨LAPSUS$ Revives Insider Recruitment Campaign Targeting Telecom, Tech, and AI Firms 🚨
The threat actor group LAPSUS$ has resurfaced with a renewed insider recruitment campaign, actively seeking employees from major telecom, technology, and AI organizations. The group is offering financial incentives in exchange for internal access, specifically targeting VPN/VDI credentials, Citrix sessions, remote access tools such as AnyDesk, or any foothold into corporate networks. Unlike traditional data breach operations, the campaign explicitly emphasizes gaining initial access through insiders rather than purchasing datasets. Targeted sectors reportedly include telecom providers, large software and gaming companies, AI firms, and call center/BPO environments.
#LAPSUS #InsiderThreat #CyberSecurity #ThreatIntelligence
Who to follow
Agencia Nacional de Ciberseguridad (ANCI)
@ANCIChile
Somos ANCI, un organismo público descentralizado y técnico, que tiene la facultad de fiscalizar, regular y sancionar en materias de ciberseguridad.
Katherina Canales M
@KatheCanales
Especialista en Ciberseguridad Ex Directora Ejecutiva de la Corporación de Ciberseguridad Minera, Ex Directora Operacional CSIRT de Gobierno 🇨🇱.
CronUp Ciberseguridad 
@Cronup_CyberSec
Empresa 🇨🇱 de Ciberseguridad | 🚨 Alerta Temprana de Riesgos | 📡 Monitoreo Continuo de Ciberamenazas | 🎯 Ethical Hacking Profesional | 🛡 Ciberinteligencia
Over the past 48 hours there have been some very interesting developments...
The "@chartercomms" announcements for 47.1.0.0/16 and 47.2.0.0/16 have disappeared, implicitly confirming that they were hijacked.
The "@Orange" announcement for AS41128 has changed - the path is now:
90.98.0.0/15 AS41128 AS22541 AS29802
AS41128: @orange 🇫🇷
AS22541: MEGALINK S.R.L.🇧🇴
AS29802: @HIVELOCITY 🇺🇸
The entire network has relocated from Chicago to Dallas (likely to the Prime Dallas Campus DFW01 datacenter). Once more the inclusion of a South-American ISP appears completely unrealistic, with the traffic between the AS29802 router (de-cix[.]dfw[.]hivelocity[.]net) and the final destination seemingly within the Dallas datacenter.
But there's more....⬇️
@precisox Jamás jugaría a esto en mi tiempo libre. Suficiente estar todo el día lidiando con problemas de datacenters y conectividad reales. Prefiero ir a andar en bicicleta o hacer un asado
@Vincentt1987 Nos pasó una vez con un colega. Optamos por ponerle como sobrenombre "Pijama" (de León).
🚨 New Fortinet vulnerability being exploited as an 0-day
CVE-2026-35616 - FortiClient EMS pre-authentication API access bypass - CVSS 9.1 Critical
After observing in-the-wild exploitation of this vulnerability earlier this week, Defused reported it to Fortinet under responsible disclosure.
Fortinet has released an emergency hotfix - plus a scheduled patch - for FortiClient EMS 7.4.5 and 7.4.6.
The vulnerability allows an unauthenticated attacker to bypass API authentication and authorization entirely, unauthorized code or commands via crafted requests.
This discovery was made through our upcoming Radar feature launching next week 😇
Advisory: https://t.co/Jr2fUbq8JV
Track exploitation of this and other Fortinet vulns in real time and get updates on the new Defused Radar 👉 https://t.co/iRDhHlDkep
Credit also to @heckintosh_ for independently discovering this vulnerability 💪
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages.
The latest [email protected] now pulls in [email protected], a package that did not exist before today. This is a live compromise.
This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.
Es que no hay comparación.
Yesterday a light aircraft crashed in Aysen, Chile. The 2 aboard survived with minor injuries. Aircraft was identified as Cessna 172N Skyhawk [Registration “CC-SCE”] operated by Club Aéreo de Concepción. CCTV shows aircraft going down while attempting to take-off.
ℹ️ASN
Países que ELIMINARON la Lepra 🦠🇨🇱
@uBF2fV1cVQxRjQo I am pretty sure that planet still uses CRT vacuum technology. Soon they will discover LED and create more optimized space portals.
Ganadores del Mundial de Programación 2026 (TCS CodeVita) 🏆💻
Mejores Programadores del Mundo
🇨🇳 Zhou Jingkai 🥇
🇨🇱 Vicente Opazo 🥈
🇵🇪 Jorge Valdivia 🥉
Mejor Programador Emergente
🇮🇳 Balashiva S 🥇
🇪🇨 Jose Nunez 🥈
🇪🇨 Gabriella Padilla 🥉
Mejor Programador en IA
🇨🇳 Zhou Jingkai 🥇
🇺🇸 Benjamin Orellana 🥈
🇵🇪 Jorge Valdivia 🥉
The impact of power issues in the AWS ME-CENTRAL-1 region is visible in the @CloudflareRadar Cloud Observatory. Starting ~1200 UTC, key metrics including error rates, connection failures, and response header receive times all increased. See more at https://t.co/pnw8omQWto
#Volcanvillarrica La superficie de calor (hotspot) detectada por Sentinel-2/Landsat 8/9 los días 21 y 24 de febrero, equivale a unos 1.600 m2, la mayor desde abril de 2025. Noticia en desarrollo. Fuente: https://t.co/acaUhHYztV @SmithsonianGVP
Internet connectivity in Iran is now in a near-complete shutdown, down about 98% vs the previous week. The disruption began around 07:00 UTC, following reports of military strikes — and in past incidents the government has responded with nationwide Internet shutdowns.
🚨 BGP Route Leak at 2026-02-27 21:14 UTC
🇨🇱AS266878 (Besthost) leaked 15918 prefixes learned from 🇨🇱AS64139 (GRUPO) towards 🇨🇱AS7195 (EDGEUNO), creating conflicts with 1549 ASNs in 96 countries.
🌐 Max propagation: 95% ⏳ Duration: >15m, ongoing
El SII informa que los contribuyentes podrán presentar su declaración de IVA hasta el 23 de febrero sin multas ni intereses, debido a dificultades técnicas que afectaron en forma intermitente la disponibilidad de este sistema en https://t.co/bGtWXJI04e. ¡Comparte la información!
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers