🚨 Hackers Exploit Microsoft Teams' Collaboration Features to Impersonate IT Helpdesk Staff
Source: https://t.co/YZ2Iaruf2b
A growing wave of vishing (voice phishing) campaigns in which threat actors abuse Microsoft Teams’ external collaboration features to impersonate IT helpdesk personnel and investigators is now turning to the Microsoft 365 Unified Audit Log (UAL) as a critical forensic data source to reconstruct attack timelines.
The attack chain begins when a threat actor operating from an external or cross-tenant Teams account initiates an unsolicited call or message to a targeted employee, presenting as internal IT support.
#cybersecuritynews
How I use AI to Track Images
Most people try to geolocate images by scrolling Google Maps for hours or zooming in on random places hoping to get lucky
AI has changed that a lot ⚡
When I work on OSINT cases, one of the most useful skills is figuring out where a photo was taken 📸
even when there is no context or metadata
One tool I use for this is PlaceSpotter
It uses AI to read visual clues from images and help identify locations much faster than manual searching
With it you can:
🌍 Find possible locations from a single image
📍 Get GPS coordinates in seconds
🔍 Recognize buildings, landmarks, and terrain patterns
⚡ Still work even when metadata is stripped out
I had one case where I only had a social media image with no location info at all
there was nothing obvious at first glance
but after running it through the tool and comparing architectural patterns and coastline features
it narrowed it down to a specific coastal region
that small clue became the turning point for the rest of the investigation 🚀
This kind of geolocation work is very useful for:
🕵️ OSINT investigations
📡 geolocation challenges and verification
🌐 checking if online content is real or manipulated
In OSINT speed matters but accuracy matters more and tools like this help you get both 🧠
https://t.co/bDM0pMQgQO
🦠 Assemblyline 4 — Open Source Malware Analysis Framework
Scalable malware analysis & file triage platform built for SOCs, DFIR teams & large-scale security operations.
• Automated malware analysis using Docker & Kubernetes
• REST API + web UI for enterprise integrations
• Supports AV engines, sandboxes & threat intel feeds
• Analyze millions of files daily with scalable architecture
• Extend functionality with custom Python services
Built by the Canadian Centre for Cyber Security.
https://t.co/XHMcabXmIP
#MalwareAnalysis #DFIR #ThreatIntel #SOC #CyberSecurity
🧩 Mephisto — a scanner and exploitation framework for WordPress vulnerabilities
A tool for automated detection and exploitation of known (CVE) vulnerabilities in WordPress.
Features:
📍 Support for typical modules targeting plugin and theme exploits.
📍 Generation of reports on detected and exploited vulnerabilities.
📍 CLI interface with options for test configuration and customization.
Unlike "WPScan" and "CMSmap", it focuses not only on information gathering but also on practical CVE exploitation.
📎 Tool: https://t.co/NTpCao16pJ
#dbugs_tools
⚠️Hackers Actively Exploiting Critical NGINX RCE Vulnerability in the Wild
Source: https://t.co/7FVnJNpPPW
Hackers are wasting no time exploiting a newly disclosed critical vulnerability in NGINX, with security researchers already observing real-world attacks just days after its public release.
Threat actors are actively targeting CVE-2026-42945, a heap buffer overflow flaw affecting both NGINX Open Source and NGINX Plus. According to Censys data, around 5.7 million internet-facing NGINX servers could be running vulnerable versions.
#cybersecuritynews
Mr_Rot13’s Filemanager backdoor changes root password to 123Qwe123C, adds a custom SSH key, drops a PHP webshell, and injects ROT13-obfuscated JS that serves a fake cPanel login — stealing creds and sending them to wrned[.]com.
Also exfils bash history, DB passwords & valiases to Telegram group 0xWR.
Act now:
🔸 Patch cPanel/WHM
🔸 Block cp.dene[.]de[.]com, wpsock[.]com, wrned[.]com
🛡️ Mozilla Patches 423 Firefox Flaws with Claude Mythos and Other AI Models
Source: https://t.co/c1jpIn0Gy0
Mozilla has fixed a total of 423 Firefox security bugs in April 2026 alone, a figure nearly 20 times higher than its monthly average of about 21 bugs throughout 2025, driven by a groundbreaking agentic AI pipeline built around Anthropic's Claude Mythos Preview and other large language models.
Beyond the 271 AI-identified bugs, the remaining 152 fixes included 41 externally reported bugs and 111 discovered through internal techniques, split roughly equally between Claude Mythos fixes shipped in other releases, bugs found with other AI models, and conventional fuzzing.
#cybersecuritynews
Mobile telecom systems power our calls, internet, and even critical ICS communications. They’re also a prime target for attackers.
Understanding how these networks work is key to protecting them.
This article from @three_cube is a great starting point
https://t.co/4Ix6u4ofOc
In the last month alone we’ve seen auth bypasses, RCEs, heap corruption bugs and protocol-level vulnerabilities back-to-back. The attack surface of internet-facing services is getting out of control. Everyone is asking the same question:
Which software is next for a critical CVE?
𝐌𝐨𝐬𝐭 𝐩𝐞𝐨𝐩𝐥𝐞 𝐢𝐧𝐯𝐞𝐬𝐭𝐢𝐠𝐚𝐭𝐞 𝐚𝐧 𝐞𝐦𝐚𝐢𝐥 𝐮𝐬𝐢𝐧𝐠 𝐭𝐡𝐞 𝐬𝐚𝐦𝐞 𝐰𝐞𝐥𝐥-𝐤𝐧𝐨𝐰𝐧 𝐎𝐒𝐈𝐍𝐓 𝐭𝐨𝐨𝐥𝐬… 𝐛𝐮𝐭 𝐭𝐡𝐞𝐲 𝐦𝐢𝐬𝐬 𝐧𝐞𝐰𝐞𝐫 𝐩𝐥𝐚𝐭𝐟𝐨𝐫𝐦𝐬 𝐭𝐡𝐚𝐭 𝐠𝐨 𝐝𝐞𝐞𝐩𝐞𝐫 👀📧
Email addresses are one of the best pivot points in OSINT investigations 📧
People reuse the same email across many websites, services, and accounts
which means one lookup can expose a large part of someone’s online footprint 🌐
One of my favorite tools for this is Minerva OSINT 😏
It builds a detailed intelligence profile starting from just a single email
It can help you discover:
📱 Accounts linked to the email
🧩 Usernames and digital footprints
🌍 Platform associations across different services
🔎 New pivot points to continue your investigation
What I like about it is how it 𝐨𝐫𝐠𝐚𝐧𝐢𝐳𝐞𝐬 𝐫𝐞𝐬𝐮𝐥𝐭𝐬 𝐜𝐥𝐞𝐚𝐫𝐥𝐲, making it easy to move from one lead to another
For example, during an OSINT investigation I started with only an email address…
The results revealed usernames and linked platforms that helped me pivot into social media accounts 🔍
From there, the investigation became much easier to expand
Of course, no single tool is perfect
But this one is definitely a strong addition to any OSINT toolkit 🧰
My tip: always combine multiple email lookup tools to maximize coverage
🔗 Website link: https://t.co/ePwq0aJGO5
There is another method you can use to uncover hidden accounts from emails which I will share in a future post 🚀
but sometimes less popular platforms reveal even more data 👀
🎉 GIVEAWAY TIME! 🎉
2 lucky people get the 900 Endless Bundle — ALL cybersecurity courses, certs & future ones — for FREE! 🐀🔥
✅ Every current course
✅ Every future course
✅ All certs (CNWPP, CAPIE, CxWAP)
✅ Discord access
✅ Lifetime updates
Use code RATPACK100 at checkout — only 2 spots, first come first served! 🚀
👉 https://t.co/SJCVm5c7Xm
After the 2 spots are gone, coupon drops to 95% off — still a massive deal! 💥