The Shadowserver Foundation

2.4K posts

The Shadowserver Foundation banner
The Shadowserver Foundation

The Shadowserver Foundation

@Shadowserver

Our mission is to make the Internet more secure by bringing to light vulnerabilities, malicious activity and emerging threats. Join our Alliance!

Global Katılım Mart 2009
0 Takip Edilen21.9K Takipçiler
Sabitlenmiş Tweet
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
Using ELK & interested in automating ingestion of our threat intel for your network/constituency via our API? We have introduced an ECS logging script for our intelligence reports. This script uses Redis to queue events for Logstash. Check it out at github.com/The-Shadowserv…
The Shadowserver Foundation tweet media
English
1
12
54
12.7K
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
We shared out ~2000 unique IPs exposing secrets that are known to have been harvested by a threat actor. IP data in our Compromised Website report: shadowserver.org/what-we-do/net… for your network/constituency with the 'stolen-key' tag (dated 2026-07-02). Check your reports!
The Shadowserver Foundation tweet mediaThe Shadowserver Foundation tweet media
English
1
10
37
4.6K
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
We are scanning for SimpleHelp CVE-2026-48558 vulnerable instances since 2026-06-16. We see 439 unpatched in our 2026-07-01 scan. Most (268) found in the US. Raw IP data in shadowserver.org/what-we-do/net… for your network/constitiuency Dashboard World Map view: dashboard.shadowserver.org/statistics/com…
The Shadowserver Foundation tweet media
CISA Cyber@CISACyber

🛡️ We added SimpleHelp authentication bypass vulnerability CVE-2026-48558 to our Known Exploited Vulnerabilities Catalog. Visit go.dhs.gov/Z3Q & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec

English
1
3
11
2.8K
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
We have improved our Oracle E-Business Suite fingerprinting by adding domain based scans in collaboration with @ValidinLLC. Around 950 exposed instances now seen globally (no vulnerability assessment). CVE-2026-46817 attempts have been observed in the wild by @DefusedCyber
The Shadowserver Foundation tweet media
English
2
10
22
4.9K
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
The report also contains over 1000 IPs where the threat actor ran credential sniffing in June. Check out SpyCloud's analysis here: spycloud.com/blog/what-spyc… Thank you to SpyCloud for the collaboration! If you receive an alert from us, make sure to verify the data!
English
1
1
1
817
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
As with SocGholish Compromised WordPress Sites Special Report run last week (2026-06-18), if you receive a StealC alert from us or your service provider/national CSIRT, please follow remediation advice and change passwords immediately!
English
0
1
2
392
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
WordPress site users/admins (plus their friends and colleagues): Please read the defensive guidance provided, check your sites and remediate any signs of compromise immediately.
English
0
1
1
939
The Shadowserver Foundation
The Shadowserver Foundation@Shadowserver·
1,441,695 credentials covering period 2023-05-17 to 2026-05-25, from 1,134,542 domains hosted on 271,176 unique IP addresses, across 7,550 different ASNs in 187 countries/territories globally. Report technical details available here (dated 2026-06-18): shadowserver.org/what-we-do/net…
English
2
2
3
1.5K