❗️X account "Breaking911" with 1.6 million followers just got compromised by a threat actor.
The channel advertises itself as "America's #1 Alternative News Source."
The channel advertises itself as "America's #1 Alternative News Source."
💩1
❗️Meet Hellcat ransomware group operator 'Pryx' — responsible for high-profile hacks like Jaguar Land Rover, Telefonica, Schneider Electric and many more.
He started doing cybercrime as a kid.
He got 4 people killed and 27 injured after starting a fire by hacking into the SCADA network of Telecom Egypt.
An OSINT researcher just revealed who he is and how he tracked him down.
Link: https://justpaste.it/whoispryx
He started doing cybercrime as a kid.
He got 4 people killed and 27 injured after starting a fire by hacking into the SCADA network of Telecom Egypt.
An OSINT researcher just revealed who he is and how he tracked him down.
Link: https://justpaste.it/whoispryx
💩2
❗️Cybersecurity company Aura suffered a data breach after a phone phishing attack by ShinyHunters.
The attackers gained access to an employee account. Most of the stolen data came from a company Aura acquired in 2021: over 900,000 names and email addresses stored in Salesforce.
Additionally, data of fewer than 20,000 current and 15,000 former Aura customers was stolen, including names, emails, addresses, and phone numbers.
The attackers gained access to an employee account. Most of the stolen data came from a company Aura acquired in 2021: over 900,000 names and email addresses stored in Salesforce.
Additionally, data of fewer than 20,000 current and 15,000 former Aura customers was stolen, including names, emails, addresses, and phone numbers.
💩1
❗️GTIG has identified an exploit chain targeting Apple iOS users called DarkSword.
Victims get compromised by visiting a website.
It's capabilities include stealing and performing the following:
▪️ Messages, contacts, call logs
▪️ Location, browser data
▪️ Crypto wallets, WiFi pass, keychains
▪️ Take screenshots, record audio
❗️Targets iOS 18.4–18.7. Used by commercial surveillance vendors and a suspected Russian espionage group against targets in four countries.
How it works:
- Victim visits a compromised or fake website
- Six vulnerabilities are chained, from browser RCE to kernel-level privilege escalation
- Three malware families are deployed: GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER
Read the GTIG article:
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
Victims get compromised by visiting a website.
It's capabilities include stealing and performing the following:
▪️ Messages, contacts, call logs
▪️ Location, browser data
▪️ Crypto wallets, WiFi pass, keychains
▪️ Take screenshots, record audio
❗️Targets iOS 18.4–18.7. Used by commercial surveillance vendors and a suspected Russian espionage group against targets in four countries.
How it works:
- Victim visits a compromised or fake website
- Six vulnerabilities are chained, from browser RCE to kernel-level privilege escalation
- Three malware families are deployed: GHOSTBLADE, GHOSTKNIFE, and GHOSTSABER
Read the GTIG article:
https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain
💩2
🚨‼️ CRITICAL: Ubiquiti UniFi Network Application vulnerabilities were just disclosed
CVE-2026-22557 CVSS 10.0
Remote path traversal vulnerability allowing an attacker to access and manipulate files, leading to account takeover. No authentication required.
CVE-2026-22558 — CVSS 7.7
Authenticated NoSQL Injection allowing privilege escalation.
Patch now!
https://community.ui.com/releases/Security-Advisory-Bulletin-062-062/c29719c0-405e-4d4a-8f26-e343e99f931b
CVE-2026-22557 CVSS 10.0
Remote path traversal vulnerability allowing an attacker to access and manipulate files, leading to account takeover. No authentication required.
CVE-2026-22558 — CVSS 7.7
Authenticated NoSQL Injection allowing privilege escalation.
Patch now!
https://community.ui.com/releases/Security-Advisory-Bulletin-062-062/c29719c0-405e-4d4a-8f26-e343e99f931b
👍1💩1
❗️Just in: An internal government report reveals federal cyber experts reviewed Microsoft's cloud.
They called it "a pile of shit."
Then approved it anyway. 🙃
Microsoft's lack of proper security documentation left reviewers with a "lack of confidence in assessing the system's overall security posture," according to an internal government report reviewed by ProPublica.
https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government
They called it "a pile of shit."
Then approved it anyway. 🙃
Microsoft's lack of proper security documentation left reviewers with a "lack of confidence in assessing the system's overall security posture," according to an internal government report reviewed by ProPublica.
https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government
💩3❤1
‼️🇨🇳 Massive breach: Confidential data from China's National Supercomputing Center in Tianjin has been put up for sale.
We've looked at the samples — the data includes aerospace engineering, military technology, bioinformatics, and nuclear fusion simulations.
There are multiple simulations showing explosions and the integrity of buildings/vehicles and more.
The National Supercomputing Center in Tianjin is a government-owned datacenter where SOEs and universities run complex data simulations, virtual test systems, and scientific computation models.
Many documents are proprietary scientific software binaries containing test results and simulation setups.
We've looked at the samples — the data includes aerospace engineering, military technology, bioinformatics, and nuclear fusion simulations.
There are multiple simulations showing explosions and the integrity of buildings/vehicles and more.
The National Supercomputing Center in Tianjin is a government-owned datacenter where SOEs and universities run complex data simulations, virtual test systems, and scientific computation models.
Many documents are proprietary scientific software binaries containing test results and simulation setups.
💩1
‼️🇨🇳 Massive breach: Confidential data from China's National Supercomputing Center in Tianjin has been put up for sale.
We've looked at the samples — the data includes aerospace engineering, military technology, bioinformatics, and nuclear fusion simulations.
There are multiple simulations showing explosions and the integrity of buildings/vehicles and more.
The National Supercomputing Center in Tianjin is a government-owned datacenter where SOEs and universities run complex data simulations, virtual test systems, and scientific computation models.
Many documents are proprietary scientific software binaries containing test results and simulation setups.
We've looked at the samples — the data includes aerospace engineering, military technology, bioinformatics, and nuclear fusion simulations.
There are multiple simulations showing explosions and the integrity of buildings/vehicles and more.
The National Supercomputing Center in Tianjin is a government-owned datacenter where SOEs and universities run complex data simulations, virtual test systems, and scientific computation models.
Many documents are proprietary scientific software binaries containing test results and simulation setups.
😨1