Today following the CSS injection discovered by cloud11665, security researcher vmfunc discovered you can also create ReadMe files which force log people out of their GitHub profiles. Oh, and you can make IP grabbers!
GitHub has now become the wild west
GitHub has now become the wild west
π€©69π₯10β€5π«‘4π4π₯°1π’1
This media is not supported in your browser
VIEW IN TELEGRAM
GitHub employees chasing down the nerds who turned their website into nothing but anime, IP grabbers, thread hijacks, and goatse spam... on a Friday night πππ
π€£148π₯°5β€4β€βπ₯2π’2
The GitHub CSS Injection which was patched a few hours ago has already been bypassed.
Internet nerds are returning with wrath as they resume anime backgrounds and anime banners
We were asked not to show the bypass code to 340,000 people so it's not patched instantly Β―\_(γ)_/Β―
Internet nerds are returning with wrath as they resume anime backgrounds and anime banners
We were asked not to show the bypass code to 340,000 people so it's not patched instantly Β―\_(γ)_/Β―
β€βπ₯73π€£31β€12π5π’3π€1
This media is not supported in your browser
VIEW IN TELEGRAM
Leaked footage of Internet Degenerates and GitHub employees at the Battle of Anime Backgrounds (2024, colorized)
π€£152π«‘8π6π₯°3π2π±2π’2β€βπ₯1
After over 5 years of work, we believe vx-underground is now approaching "maintenance mode" β our work will primarily be keeping content up to date.
tl;dr 1,825 days of work
tl;dr 1,825 days of work
β€117π’31π«‘30π€―4π±4π3π₯2π€2π1
Hello, we hope all of you had a good week and weekend
Today is the day of rest. We'll see you Monday
Also, to clear up some confusion, we are still going to work on vx-underground, the post about 5 years of work was regarding older material
tl;dr got lots of stuff, feels good
Today is the day of rest. We'll see you Monday
Also, to clear up some confusion, we are still going to work on vx-underground, the post about 5 years of work was regarding older material
tl;dr got lots of stuff, feels good
β€72π«‘15π5π₯4π±1π’1
We've received a lot of messages today regarding Lockbit ransomware groups Telegram.
We've been in contact with Lockbit ransomware group and several of their affiliates and subgroups since 2019. Lockbit ransomware group does not have a Telegram.
Lockbit is so paranoid he uses his own onion-based file sharing service. He thinks Telegram, Twitter, virtually all social media, is controlled by governments and refuses to use them.
Also, the account some of you send us named FbiSupp is not the real FBI. We have no idea what or who this account is β but the real FBI Telegram accounts are listed on the United States Department of Justice and Justice for Rewards (operated by the United States Department of State) website. These are imposters.
tl;dr being scammed by fake FBI because ??? and scammed by fake Lockbit because ???
We've been in contact with Lockbit ransomware group and several of their affiliates and subgroups since 2019. Lockbit ransomware group does not have a Telegram.
Lockbit is so paranoid he uses his own onion-based file sharing service. He thinks Telegram, Twitter, virtually all social media, is controlled by governments and refuses to use them.
Also, the account some of you send us named FbiSupp is not the real FBI. We have no idea what or who this account is β but the real FBI Telegram accounts are listed on the United States Department of Justice and Justice for Rewards (operated by the United States Department of State) website. These are imposters.
tl;dr being scammed by fake FBI because ??? and scammed by fake Lockbit because ???
π€£103β€7π₯5π4π2π2π’1
ShinyHunters, the group (person?) responsible for administrating Breached has disappeared. Breached is offline on both clearnet and Tor
Additionally, Shiny's Telegram and Telegram Channel have been deleted
People are speculating they've been arrested
Β―\_(γ)_/Β―
Additionally, Shiny's Telegram and Telegram Channel have been deleted
People are speculating they've been arrested
Β―\_(γ)_/Β―
π’63π₯10π€10π€£5β€3π2π2
vx-underground
ShinyHunters, the group (person?) responsible for administrating Breached has disappeared. Breached is offline on both clearnet and Tor Additionally, Shiny's Telegram and Telegram Channel have been deleted People are speculating they've been arrested Β―\_(γ)_/Β―
The only thing we know for sure is that it's Sunday. We dislike when things happen on Sunday
>:(
>:(
β€57π€£13π9π₯6π’2π1
This media is not supported in your browser
VIEW IN TELEGRAM
David Fincher's 1999 cult-classic 'Fight Club', based on the novel written by Charles Palahniuk, has a scene which philosophically reminds us of what we witness every single day in the cyber-ecosystem
β€56π€£6π4π’3
Updates to vx-underground:
Samples:
VirusSign.2024.06.02
VirusSign.2024.06.03
VirusSign.2024.06.04
VirusSign.2024.06.05
VirusSign.2024.06.06
VirusSign.2024.06.07
VirusSign.2024.06.08
VirusSign.2024.06.09
Papers:
- 2024-05-10 - Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
- 2024-05-14 - Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
- 2024-05-14 - QakBot attacks with Windows zero-day (CVE-2024-30051)
- 2024-05-15 - Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia
- 2024-05-15 - Black Basta overview and detection rules
- 2024-05-15 - Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
- 2024-05-15 - To the Moon and back(doors)- Lunar landing in diplomatic missions
- 2024-05-16 - Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
- 2024-05-16 - Springtail: New Linux Backdoor Added to Toolkit
- 2024-05-20 - Tiny BackDoor Goes Undetected: Suspected Turla leveraging MSBuild to Evade detection
- 2024-05-21 - Master of Puppets: Uncovering the DoppelGΓ€nger pro-Russian influence campaign
Samples:
VirusSign.2024.06.02
VirusSign.2024.06.03
VirusSign.2024.06.04
VirusSign.2024.06.05
VirusSign.2024.06.06
VirusSign.2024.06.07
VirusSign.2024.06.08
VirusSign.2024.06.09
Papers:
- 2024-05-10 - Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators
- 2024-05-14 - Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain
- 2024-05-14 - QakBot attacks with Windows zero-day (CVE-2024-30051)
- 2024-05-15 - Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia
- 2024-05-15 - Black Basta overview and detection rules
- 2024-05-15 - Threat actors misusing Quick Assist in social engineering attacks leading to ransomware
- 2024-05-15 - To the Moon and back(doors)- Lunar landing in diplomatic missions
- 2024-05-16 - Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID
- 2024-05-16 - Springtail: New Linux Backdoor Added to Toolkit
- 2024-05-20 - Tiny BackDoor Goes Undetected: Suspected Turla leveraging MSBuild to Evade detection
- 2024-05-21 - Master of Puppets: Uncovering the DoppelGΓ€nger pro-Russian influence campaign
β€25β€βπ₯9π―5π3π€―3π€1
vx-underground
Cybersecurity Among Us sponsored by keepitcloaked this Wednesday, 7 PM EST with h313n_0f_t0r repping vx-underground! We will be unable to stream it ourselves that day, so please enjoy by tuning in to your favorite participating streamer.
I was told to tweet this.
I forgot it was a thing because I've been busy downloading malware and staring into the void (Telegram).
Everyone is cool though. Watch it. If you don't you'll be bonked.
- smelly smellington
I forgot it was a thing because I've been busy downloading malware and staring into the void (Telegram).
Everyone is cool though. Watch it. If you don't you'll be bonked.
- smelly smellington
β€49π€£8π€5π2π₯2π’1π€1
Yesterday Apple announced they plan on introducing ChatGPT into Siri, iOS, and MacOS
https://arstechnica.com/gadgets/2024/06/apple-integrates-chatgpt-into-siri-ios-and-mac-os/
https://arstechnica.com/gadgets/2024/06/apple-integrates-chatgpt-into-siri-ios-and-mac-os/
Ars Technica
Apple integrates ChatGPT into Siri, iOS, and macOS
ChatGPT is treated like a search engine for Siri, and generates text and images for apps.
π€£98π«‘12π4π’2π―1