Henry Flower

Official statement: Wild Hornets has no affiliation with General Trajectory or Joshua Belofsky The Twitter accounts @gentrajectory and @joshuabelofsky, as well as their website, are using Wild Hornets’ copyrighted videos and images without permission. Joshua Belofsky, the company’s owner, ignored our removal requests, falsely claiming “fair use” despite using our content for commercial purposes. We officially state that Wild Hornets has no affiliation with this company. As a result, we are blocking both accounts on Twitter. We will continue to take all necessary measures to protect our work and intellectual property. You can report these accounts. We would appreciate it 🐝🇺🇦

日吉はなさん @hiyoshi_desu

Russian General Staff Main Intelligence Directorate (GRU) cyber actors are exploiting vulnerable routers worldwide to intercept and steal sensitive military, government, and critical infrastructure information. The U.S. Department of Justice and the FBI recently disrupted a GRU network of compromised small-office home-office (SOHO) routers used to facilitate malicious DNS hijacking operations. The FBI and the following partners are releasing this announcement to warn the public and encourage network defenders and device owners to take actions to remediate and reduce the attack surface of similar edge devices: U.S. National Security Agency (NSA) and international partners from Canada, Czech Republic, Denmark, Estonia, Finland, Germany, Italy, Latvia, Lithuania, Norway, Poland, Portugal, Romania, Slovakia, and Ukraine. Understanding the DNS Hijacking Operations Since at least 2024, Russian GRU 85th Main Special Service Center (85th GTsSS) cyber actors — also known as APT28, Fancy Bear, and Forest Blizzard — have been collecting credentials and exploiting vulnerable routers worldwide, including compromising TP-Link routers using CVE-2023-50224. The GRU actors changed the devices' dynamic host configuration protocol (DHCP) / domain name system (DNS) settings to introduce actor-controlled DNS resolvers. Connected devices, including laptops and phones, inherit these modified settings. The actor-controlled infrastructure resolves and captures lookups for all domain names. The GRU provides fraudulent DNS answers for specific domains and services — including Microsoft Outlook Web Access — enabling adversary-in-the-middle (AitM) attacks against encrypted traffic if users navigate through a certificate error warning. These AitM attacks would allow the actors to see the traffic unencrypted. The GRU has harvested passwords, authentication tokens, and sensitive information including emails and web browsing information normally protected by secure socket layer (SSL) and transport layer security (TLS) encryption. The GRU has indiscriminately compromised a wide pool of U.S. and global victims and then filtered down impacted users, especially targeting information related to military, government, and critical infrastructure. Tips to Protect Yourself The FBI and partners have released relevant guidance and technical indicators, including NCSC-UK cybersecurity advisory "APT28 exploit routers to enable DNS hijacking operations" on 7 April 2026 and CISA's Edge Device Security webpage. Users of SOHO routers are encouraged to upgrade end-of-support devices, update to latest firmware versions, change default usernames and passwords, and disable remote management interfaces from the Internet. All users should carefully consider certificate warnings in web browsers and email clients. Organizations that allow remote work should review relevant policies regarding how employees access sensitive data, such as using VPNs and hardened application configurations. Additionally, organizations may consider incentivizing employees to upgrade outdated personal devices involved in remote access. Report It If you suspect you have been targeted or compromised by a Russian GRU cyber intrusion, report the activity to your local FBI field office or file a complaint with the IC3. Be sure to provide details about your router, including device type and DHCP configurations. Visit IC3.gov for additional details.

@DruzheKarlik просто будь-який мудило після будь-якої хуйні зараз може себе назвати соціяльно незграбним аутистом та жертвою обставин дуже за це дякую всій лівій пиздоті, яка ув сілу своєй тупості, була (є) неспроможна здогадатися, шо їх деструктивні ігри будуть потім використовувати геть усі

Former Trenchant exec who stole exploits from his employer and sold them to Russian broker says he was suffering depression & money troubles when he decided to sell exploits. New info also reveals work he did for Australian intel agency prior to Trenchant zetter-zeroday.com/trenchant-exec…