Ahsen

555 posts

@ahsentekd

security software engineer

Joined August 2015
420 Following, 522 Followers

Ahsen retweeted
Feross (@feross)
🚨 CRITICAL: Active supply chain attack on axios -- one of npm's most depended-on packages. The latest axios@1.14.1 now pulls in plain-crypto-js@4.2.1, a package that did not exist before today. This is a live compromise. This is textbook supply chain installer malware. axios has 100M+ weekly downloads. Every npm install pulling the latest version is potentially compromised right now.
Socket AI analysis confirms this is malware. plain-crypto-js is an obfuscated dropper/loader that:
• Deobfuscates embedded payloads and operational strings at runtime
• Dynamically loads fs, os, and execSync to evade static analysis
• Executes decoded shell commands
• Stages and copies payload files into OS temp and Windows ProgramData directories
• Deletes and renames artifacts post-execution to destroy forensic evidence
If you use axios, pin your version immediately and audit your lockfiles. Do not upgrade.

Ahsen retweeted
International Cyber Digest (@IntCyberDigest)
🚨‼️"Team PCP" — the group behind the Trivy compromise — have likely hit more software vendors and repos, stealing even more credentials in the process. LiteLLM is just one of many. More disclosures are expected in the coming days. Stay alert!

Ahsen retweeted
vx-underground (@vxunderground)
> be kippu
> some startup app or something
> idfk
> goes live
> people sign up
> realize it's vibe coded
> nerds get silly
> nerds do http get on api endpoint
> dumps entire database
*image censored, although it's all over xitter

Ahsen retweeted
OSINT Industries (@OSINTindustries)
Krebs (@briankrebs) on Security used OSINT Industries to help track down operators of the Badbox 2.0 botnet: 10 million compromised Android devices. Phone numbers, emails, corporate entities connected across China. This is what proper OSINT looks like 💪🏼 Full investigation ⬇️🎯 krebsonsecurity.com/2026/01/who-op…

Ahsen retweeted
Mandiant (part of Google Cloud)
CORNFLAKE.V3 malware spotted in an access-as-a-service operation using the ClickFix technique. 🥣 UNC5518 uses fake CAPTCHA pages for access, which UNC5774 then leverages to deploy the CORNFLAKE.V3. Learn more: bit.ly/4mZ64a3

Ahsen retweeted
Tersine Mühendisler Odası (@__TTMO__)
🔥 Reverse engineers, rush to the 6th meeting! With Yusuf İşlek, Ahsen Tekdemir, Celil Ünüver and Utku Çorbacı, on August 16, in İzmir. RT == MOV PC, 0x41414141414141

Ahsen retweeted
The Hacker News (@TheHackersNews)
🚨 RubyGems & PyPI under attack:
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. Details → thehackernews.com/2025/08/rubyge…

Ahsen retweeted
Samuel Colvin (@samuelcolvin)
New release of pytest-examples github.com/pydantic/pytes… now supports calling a function or coroutine within the example code. I'd love to rename the package so people can actually find and use it, but I can't think of a good name that's easier to search for.

Ahsen retweeted
numan turle (@numanturle)
In collaboration with @rizasabuncu, we promptly identified and reported a vulnerability in iOS and macOS to Apple’s security team. This vulnerability had the potential to allow unauthorized access to user activities or browsing history, even when the device was in lockdown or incognito mode. We worked closely with Apple’s security team to provide detailed information on the vulnerability and contributed to its fix.
----
support.apple.com/en-us/121250
support.apple.com/en-us/121238

Ahsen retweeted
Pablo Galindo Salgado (@pyblogsal)
🐍💥Python 3.13.0 has been released! 🎉 This is the first version with 🧵experimental GIL-free mode, an experimental JIT compiler🔧, a slick new REPL 🖌️ and many new cool features! And it's faster, smarter, and more colorful than ever! 🚀 Get it here: python.org/downloads/rele…

Ahsen retweeted
Naveen Srinivasan (@Naveen_Srini_)
Can your current tools cache 10,000 SBOMs transitive dependents in 30 seconds? Minefield can.