Getting started in Infosec in a defensive role? I wanted to write a thread collating pieces for that missing puzzle on where to find the best content as a blue teamer. For everything, I'd list some resources that
🚨 New Windows 0-Click Vulnerability Exploited to Bypass Defender SmartScreen
Source: https://t.co/uBwWAxBYvJ
A critical zero-click authentication coercion vulnerability, tracked as CVE-2026-32202, stems from an incomplete patch for a Windows Shell security feature bypass actively weaponized by the Russian APT28 threat group.
Microsoft confirmed active exploitation of the flaw and released a fix as part of its April 2026 Patch Tuesday update.
The attack's primary mechanism abuses the Windows Shell namespace parsing pipeline. APT28 embedded a malicious LinkTargetIDList structure inside the LNK file, a binary IDList that Windows Explorer parses and renders, similar to how Control Panel items are displayed.
#cybersecuritynews #vulnerability #microsoft
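The post above describes a malicious LinkTargetIDList embedded in an LNK file. The following is an added example, not code from the post or from any vendor write-up it cites: a small triage script that validates the ShellLinkHeader (MS-SHLLINK) and walks the IDList with every length checked against the buffer, so a hostile file cannot push the parser past the end of the data. The sample LNK bytes are constructed inline for the demonstration and do not reproduce the APT28 sample; the structure layout (0x4C-byte header, HasLinkTargetIDList flag, ItemIDSize/TerminalID framing) is the documented format.

```python
import struct
import uuid

# MS-SHLLINK: the ShellLinkHeader is a fixed 0x4C bytes, and the
# LinkTargetIDList follows it only when LinkFlags bit 0 is set.
LNK_HEADER_SIZE = 0x4C
LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # {00021401-0000-0000-C000-000000000046}
HAS_LINK_TARGET_ID_LIST = 0x00000001
ROOT_FOLDER_ITEM = 0x1F  # shell item type indicator for a root folder item (sort index + CLSID follow)


def walk_id_list(data: bytes, offset: int) -> tuple[list[bytes], int]:
    """Walk an IDList at `offset`: a 2-byte IDListSize, then ItemIDs
    (2-byte ItemIDSize that includes itself, then data), then a 0x0000 TerminalID.
    Every length is bounds-checked so a crafted file cannot drive reads past the
    buffer. Returns (item payloads, offset just after the list)."""
    if offset + 2 > len(data):
        raise ValueError("truncated IDListSize")
    (id_list_size,) = struct.unpack_from("<H", data, offset)
    pos, end = offset + 2, offset + 2 + id_list_size
    if end > len(data):
        raise ValueError("IDListSize exceeds file length")
    items = []
    while True:
        if pos + 2 > end:
            raise ValueError("IDList not terminated")
        (item_size,) = struct.unpack_from("<H", data, pos)
        if item_size == 0:  # TerminalID
            pos += 2
            break
        if item_size < 2 or pos + item_size > end:
            raise ValueError(f"bad ItemIDSize {item_size} at offset {pos}")
        items.append(data[pos + 2 : pos + item_size])
        pos += item_size
    if pos != end:
        raise ValueError("IDList length does not match IDListSize")
    return items, end


def describe_item(item: bytes) -> dict:
    """Report the type byte and, for root folder items, the CLSID it points at."""
    info = {"size": len(item), "type": item[0] if item else None}
    if info["type"] == ROOT_FOLDER_ITEM and len(item) >= 18:
        info["clsid"] = str(uuid.UUID(bytes_le=item[2:18])).upper()
    return info


def triage_lnk(data: bytes) -> dict:
    """Validate the header and, when the flag is set, enumerate the LinkTargetIDList."""
    if len(data) < LNK_HEADER_SIZE:
        raise ValueError("file shorter than ShellLinkHeader")
    header_size, clsid, flags = struct.unpack_from("<I16sI", data, 0)
    if header_size != LNK_HEADER_SIZE or clsid != LNK_CLSID:
        raise ValueError("not a ShellLink header")
    result = {"flags": flags, "items": []}
    if flags & HAS_LINK_TARGET_ID_LIST:
        items, _ = walk_id_list(data, LNK_HEADER_SIZE)
        result["items"] = [describe_item(i) for i in items]
    return result


def build_lnk(item_ids: list[bytes], flags: int = HAS_LINK_TARGET_ID_LIST) -> bytes:
    """Constructed fixture: a minimal header (ShowCommand=SW_SHOWNORMAL) plus an IDList."""
    header = struct.pack("<I16sIIQQQIIIHHII", LNK_HEADER_SIZE, LNK_CLSID, flags,
                         0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0)
    body = b"".join(struct.pack("<H", len(i) + 2) + i for i in item_ids) + b"\x00\x00"
    return header + struct.pack("<H", len(body)) + body


# Constructed sample: a root item for the "Computer" folder, then an opaque item.
COMPUTER_CLSID = uuid.UUID("20D04FE0-3AEA-1069-A2D8-08002B30309D").bytes_le
SAMPLE_LNK = build_lnk([bytes([ROOT_FOLDER_ITEM, 0x50]) + COMPUTER_CLSID, b"\x2f\x43\x3a\x5c\x00"])
# The same file with IDListSize inflated far past the end of the buffer.
TRUNCATED_LNK = SAMPLE_LNK[:LNK_HEADER_SIZE] + struct.pack("<H", 0xFFFF) + SAMPLE_LNK[LNK_HEADER_SIZE + 2:]

if __name__ == "__main__":
    print(triage_lnk(SAMPLE_LNK))
    try:
        triage_lnk(TRUNCATED_LNK)
    except ValueError as e:
        print("rejected:", e)
```

Point this at a real LNK by reading the file bytes into `triage_lnk`; any `ValueError` means the IDList framing is inconsistent and the file deserves a closer look rather than a double-click.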
🚨 Supply chain issue in axios on npm.
The malicious versions 1.14.1 and 0.30.4 pulled in [email protected], a dependency that existed only to execute a postinstall dropper and fetch platform-specific payloads.
From our side, this was not just an IOC match.
- for the setup.js dropper, we published the new signature-base rule SUSP_JS_Dropper_Mar26
- Windows stage artifacts were already covered by existing THOR detections
- the Linux Python RAT (https://t.co/w2FYJVXjBH) was also detected by THOR
- even some of the file names and execution patterns were caught by our more generic detection logic
Interesting detail from the early VirusTotal hits: detection was very limited at first. The Linux payload https://t.co/w2FYJVXjBH was initially detected only by us on VirusTotal, later by @kaspersky, and only after that by additional vendors. The same pattern showed up on the Windows side as well - in one early case only @ESET flagged the sample, while our VT comment already pointed to a matching generic THOR rule. A bit later detections started to climb 📈
We also published detection content for the community, not just for our customers.
If you pulled either affected axios version into dev or CI systems, treat it as potential code execution - not just a bad package update. Check lockfiles, scan build hosts, rotate credentials.
#YARA Rules / PR
https://t.co/jGPV0Gh04m
Technical analyses / blogs
@step_security
https://t.co/Bmb3egv8jL
@wiz_io
https://t.co/YhC6UkNrrk
@CyberRaiju
https://t.co/J4em4c5Qe1
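The post above ends with "check lockfiles" for the two affected axios versions. As an added example (not part of the post and not Nextron's detection content), here is a lockfile scanner that reports those exact versions in package-lock.json (lockfileVersion 1, 2 or 3) and in classic yarn.lock v1 files, and can walk a checkout or build host. The lockfile snippets are constructed samples; the registry URL in them follows the normal npm pattern and is not an IOC.

```python
import json
import re
import sys
from pathlib import Path

# The two axios releases named in the post; extend the dict for other advisories.
AFFECTED = {"axios": {"1.14.1", "0.30.4"}}


def scan_package_lock(text: str) -> list[dict]:
    """Find affected packages in package-lock.json (lockfileVersion 1, 2 or 3)."""
    lock = json.loads(text)
    hits = []
    # v2/v3 carry a flat "packages" map keyed by install path.
    for path, entry in lock.get("packages", {}).items():
        name = entry.get("name") or path.rsplit("node_modules/", 1)[-1]
        if entry.get("version") in AFFECTED.get(name, ()):
            hits.append({"name": name, "version": entry["version"], "where": path})

    # v1 only has a nested "dependencies" tree, so recurse through it.
    def walk(deps: dict, prefix: str) -> None:
        for name, entry in deps.items():
            where = f"{prefix}node_modules/{name}"
            if entry.get("version") in AFFECTED.get(name, ()):
                hits.append({"name": name, "version": entry["version"], "where": where})
            walk(entry.get("dependencies", {}), where + "/")

    if "packages" not in lock:
        walk(lock.get("dependencies", {}), "")
    return hits


HEADER_RE = re.compile(r'^(\S.*):\s*$')            # e.g. axios@^1.14.0, axios@1.14.1:
VERSION_RE = re.compile(r'^\s+version\s+"([^"]+)"')  # indented   version "1.14.1"


def scan_yarn_lock(text: str) -> list[dict]:
    """Find affected packages in a yarn.lock v1 file (the classic text format)."""
    hits, names = [], []
    for line in text.splitlines():
        m = HEADER_RE.match(line)
        if m:
            # Specs are comma-separated; the package name is everything before the last '@'.
            specs = [s.strip().strip('"') for s in m.group(1).split(",")]
            names = sorted({s[: s.rfind("@")] for s in specs if "@" in s[1:]})
            continue
        m = VERSION_RE.match(line)
        if m:
            for name in names:
                if m.group(1) in AFFECTED.get(name, ()):
                    hits.append({"name": name, "version": m.group(1), "where": "yarn.lock"})
            names = []
    return hits


def scan_tree(root: Path) -> list[dict]:
    """Walk a checkout or build host and scan every lockfile found."""
    hits = []
    for path in root.rglob("*"):
        if path.name == "package-lock.json":
            hits += [dict(h, file=str(path)) for h in scan_package_lock(path.read_text())]
        elif path.name == "yarn.lock":
            hits += [dict(h, file=str(path)) for h in scan_yarn_lock(path.read_text())]
    return hits


# Constructed samples: a v3 lockfile, a v1 lockfile with a transitive hit, and a yarn.lock.
SAMPLE_PACKAGE_LOCK_V3 = json.dumps({
    "name": "app", "lockfileVersion": 3,
    "packages": {
        "": {"name": "app", "dependencies": {"axios": "^1.14.0"}},
        "node_modules/axios": {"version": "1.14.1"},
        "node_modules/follow-redirects": {"version": "1.15.6"},
    },
})
SAMPLE_PACKAGE_LOCK_V1 = json.dumps({
    "lockfileVersion": 1,
    "dependencies": {"legacy-client": {"version": "2.0.0",
                                       "dependencies": {"axios": {"version": "0.30.4"}}}},
})
SAMPLE_YARN_LOCK = """# yarn lockfile v1

axios@^1.14.0, axios@1.14.1:
  version "1.14.1"
  resolved "https://registry.npmjs.org/axios/-/axios-1.14.1.tgz"

follow-redirects@^1.15.6:
  version "1.15.6"
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        for hit in scan_tree(Path(sys.argv[1])):
            print(hit)
    else:
        print(scan_package_lock(SAMPLE_PACKAGE_LOCK_V3), scan_yarn_lock(SAMPLE_YARN_LOCK))
```

Run it as `python scan_lockfiles.py /path/to/repo-or-build-host`; a hit in a lockfile means the package was resolved and installed there, which is the point at which the postinstall dropper described above would already have run.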
One of our very smart Active Directory experts has been putting together a series of blog posts about hardening AD. Already into its 7th installment, it covers SMB hardening, disabling NTLMv1, least privilege and more. Check the series out - https://t.co/KkKfarAX9a
A few weeks ago, there was a community organized conference #KustoCon run by experts in KQL, covering threat hunting & detection engineering, incident response and graph semantics. If you couldn't make it, the sessions are now available to stream - https://t.co/g7uB7gtEZy
Enterprise Password Vaulting coming to the Microsoft Edge Web Browser
"IT admins will deploy an encrypted shared password to a specific set of users, allowing them to sign in to websites seamlessly without ever seeing or having access to the actual passwords. This will eliminate the significant risk associated with passwords to shared accounts being passed among multiple people through email, chats or paper. It will help ensure that only the users designated by IT admins will have access to the common website or resource. Secure password deployment will be available in preview in the coming months to customers with Microsoft 365 Business Premium, E3 and E5 licenses"
You can manage it through the Admin Center OR Intune
https://t.co/KH7Y94nLlk
More than 200 million people use a Mac on a daily basis.
Yet, almost everyone is still stuck in beginner mode.
Here are 11 amazing things your Mac can do:
@Cyb3rMik3 I am just curious to have both complement each other in terms of increasing the value out of both products and make them work in conjunction. Would you mind pointing me to some KQL repos for more visibility, as you mention? I’d appreciate that.
🚨EDR Telemetry website is live! 🥳
I hope this makes it even easier for folks to compare the telemetry of EDR vendors and visualize their visibility gaps 🙂
‣ Website🔗https://t.co/gc5UXmr8ih
‣ GitHub 🔗https://t.co/NNAI4K539x
**Telemetry results reflect the most recent updates from the EDR Telemetry project.
NEW BLOG: Configure File Integrity Monitoring (FIM) using Defender for Endpoint
Blog: Configure File Integrity Monitoring (FIM) using Defender for Endpoint (https://t.co/qaBnCE8eYm)
#MDE #MicrosoftDefender
With Microsoft Graph telemetry recently out of preview, now is the time to learn how to hunt across them! From talking with customers, this has quickly become one of the most valuable datasets available when hunting in the Microsoft cloud - https://t.co/SXMuvMNMtj