Meridian Group

560 posts

@MeridianEU

Beyond Cyber Security | Defensive, Offensive, and Investigative core of Cyber Digital Intelligence.

Roma · Joined November 2016
11 Following, 59 Followers
Pinned Tweet
Meridian Group@MeridianEU·
Weekly update on the Israel-Iran conflict. 17-24 April: the cyber domain shows no infrastructural escalation, but rather a diversification of the repertoire. Full analysis: linkedin.com/posts/scenario…
Meridian Group@MeridianEU·
CVE-2026-31431 "Copy Fail" in Linux kernel allows local root escalation via controlled write into page cache through AF_ALG, splice(), and page cache interaction. No disk artifacts; only real-time memory analysis detects it. Affects standard configs across distros since 2017.
Meridian Group@MeridianEU·
VECT 2.0 RaaS targets Windows, Linux, and VMware ESXi. Flawed ChaCha20-IETF implementation permanently destroys the first three-quarters of files over 128 KB, making recovery impossible even after ransom payment. Credentials sourced from supply chain attacks on developer tools.
Meridian Group@MeridianEU·
#Handala Hack, Iran MOIS-linked group, sent threatening WhatsApp messages to US troops and Israeli citizens warning of drone and missile targeting. Group subsequently published PII of 2,379 US Marines deployed in the Persian Gulf.
Meridian Group@MeridianEU·
CVE-2026-6770 in #Firefox allowed cross-site fingerprinting in Private Browsing, enabling unrelated domains to detect a shared unique identifier and link user activity. Patched April 21, 2026 in Firefox 150, ESR 140.10, and Thunderbird.
Meridian Group@MeridianEU·
CVE-2026-21510 and CVE-2026-21513, Windows Shell zero-days exploited via malicious LNK files for RCE against Ukraine and EU orgs. Incomplete patch introduced CVE-2026-32202, enabling Net-NTLMv2 theft via SMB for NTLM relay and offline cracking. All three actively exploited.
Meridian Group@MeridianEU·
Mustang Panda deploys updated LOTUSLITE backdoor via spear-phishing emails delivering CHM files. Infection chain uses JS payload and DLL sideloading; C2 over HTTPS with dynamic DNS enables remote access and data exfiltration.
Meridian Group@MeridianEU·
Unauthorized access to Anthropic’s Claude #Mythos model achieved via compromised contractor credentials in a third-party environment. Access leveraged prior breach data and recon; activity limited to exploration, no offensive use observed.
Meridian Group@MeridianEU·
“The Gentlemen” ransomware operation expands via affiliate model. Attackers deploy Cobalt Strike and SystemBC for persistence and lateral movement, using GPOs to distribute multi-platform ransomware across enterprise environments.
Meridian Group@MeridianEU·
EU sanctions target Russia-linked entities #Euromore and #Pravfond for coordinated disinformation campaigns. Activity includes amplification of fabricated narratives and redistribution of state-backed media content via #Euroview platform.
Meridian Group@MeridianEU·
#NGate malware targets #Android users in #Brazil via trojanized HandyPay apps. Victims are tricked into setting it as the default payment app, which captures NFC card data and PIN and exfiltrates them via HTTP to attacker-controlled servers.
Meridian Group@MeridianEU·
#CISA adds CVE-2026-20133 (#Cisco SD-WAN Manager) to KEV amid active exploitation. Flaw enables sensitive data access via API; additional SD-WAN CVEs (20128, 20122, 20127) also observed exploited.
Meridian Group@MeridianEU·
#Bluesky experienced service disruption due to a DDoS attack, causing timeouts, slow loading, and request limit errors. Core platform impacted, while independent communities on the protocol remained operational.
Meridian Group@MeridianEU·
#ZionSiphon malware targets Israeli water facilities, aiming to manipulate ICS configs to alter chlorine levels and pressure. Spreads via USB and scans for Modbus, DNP3, S7comm. Current variant flawed, preventing real-world execution.
Meridian Group@MeridianEU·
Weekly update on the Israel-Iran conflict. 10-17 April: the cyber domain shows not only operational continuity but a qualitative evolution of the repertoire. Full analysis: linkedin.com/posts/meridian…
Meridian Group@MeridianEU·
CVE-2026-33032 (CVSS 9.8) in nginx-ui is actively exploited. Missing auth controls on an MCP endpoint allow network-adjacent attackers to gain full Nginx admin access: config modification, service restart, traffic interception, and credential theft.
Meridian Group@MeridianEU·
Ababil of Minab, pro-Iranian cluster, claims #breach of LA #Metro systems including VMware vCenter, IIS servers, and rail yard management platform. Screenshots show alleged access to real-time train control dashboards. 1 TB exfiltrated, 500 TB destroyed; unverified.
Meridian Group@MeridianEU·
CVE-2026-33825 patched in #Microsoft April 2026 update. #BlueHammer PoC now confirmed for Defender LPE, patch priority elevated. Also in scope: CVE-2026-33824 (CVSS 9.8), pre-auth double-free in Windows IKE enabling RCE.
Meridian Group@MeridianEU

#BlueHammer, a Windows #zeroday LPE combining TOCTOU race condition and improper path handling, allows local attackers to access the SAM database and gain SYSTEM-level privileges. PoC disclosed; exploit reliability limited in server environments.

Meridian Group@MeridianEU·
Storm #infostealer targets browsers and messaging apps to harvest credentials, session cookies, and crypto wallets. Remote server-side decryption bypasses local protections. Active session hijacking without password required.
Meridian Group@MeridianEU·
An AI model demonstrated autonomous zero-day exploitation, identifying unknown vulnerabilities and generating functional exploits without supervision. Capabilities include sandbox bypass, privilege escalation to SYSTEM, and RCE across heterogeneous codebases.