Falcon8x

1.7K posts


@flacon8x

Chasing dreams by night. Occasionally, I even chase after my own shadow.

::1 Joined September 2019
357 Following 128 Followers
Falcon8x retweeted
Dominic Alvieri (@AlvieriD)
Udemy online educational platform has been breached by ShinyHunters. 1.4 million alleged student records containing PII are being claimed. @udemy
Falcon8x retweeted
International Cyber Digest (@IntCyberDigest)
🚨 Apple has finally patched the notification storage vulnerability that retained deleted messages for 30+ days, leaving them accessible to law enforcement extraction. Happy to have contributed to this together with you, my followers, by making this go viral. 💪
International Cyber Digest@IntCyberDigest

🚨 BREAKING: The FBI has successfully extracted deleted Signal messages from a suspect's iPhone via notification storage, the place where all your notifications are stored for up to one month. Notification storage stores data from all messaging apps, it's a big flaw in iOS. But there's a way to turn it off...

Falcon8x (@flacon8x)
This is why Signal also offers features like disappearing messages and a separate Signal PIN/screen lock within the app: they're mitigations for exactly this endpoint-compromise reality, not part of the E2EE guarantee itself. Were you still able to read data with Signal PIN enabled?
Nana Sei Anyemedu (@RedHatPentester)
We now have access to signal messages when the message is at rest on the receiver’s phone⚡️
Falcon8x retweeted
Nana Sei Anyemedu (@RedHatPentester)
The SILENT WITNESS ON YOUR COMPUTER WAITING FOR YOU TO GET INTO TROUBLE.

Most people believe that deleting a folder, clearing recent files, or wiping their history is enough to hide their tracks on a computer. What they don’t realize is that Windows quietly keeps a hidden record of the folders they open, even after those folders are deleted or the drive is removed. These records are called Shellbags, and they are one of the most powerful and incriminating artifacts available to forensic investigators.

Shellbags appear inside two registry hives, NTUSER.DAT and USRCLASS.DAT, and they store detailed information about a user’s folder-browsing activity. This includes local folders, USB drives, external hard drives, network shares, and even directories that no longer exist. Each time a user opens a folder in Windows Explorer, the system automatically creates or updates a Shellbag entry. These entries contain timestamps, folder paths, the hierarchy of subfolders, the order in which a folder was accessed, and even the specific view settings used by the user. Because of this, Shellbags reconstruct a user’s exact navigation trail long after the person believes the evidence is gone.

What makes Shellbags truly dangerous is the fact that they survive actions that users typically rely on to cover their tracks. Deleting a folder does not delete the Shellbag. Formatting a drive does not delete it. Even privacy tools and cleaners like CCleaner or BleachBit cannot reliably erase Shellbag data, because the information is deeply embedded within registry hives that standard cleaning utilities do not touch. The only way to remove Shellbags is through advanced forensic wiping, and attempting such wiping is, in itself, a sign of suspicious behavior.

Forensic examiners rely heavily on Shellbags because they expose the truth even when a suspect tries to lie. If a person denies ever accessing a directory, the Shellbags can show when that folder was opened, how many times it was accessed, and whether it was located on an internal drive, an external USB, or a deleted partition. This makes Shellbags extremely valuable in investigations involving insider threats, data theft, fraud, child exploitation, unauthorized data access, and corporate disputes. In many cases, Shellbags become the deciding factor that disproves a suspect’s story.

In the screenshot, the highlighted red section shows three important keys inside the registry. When all of this information is combined, Shellbags become a silent witness that never forgets. They reconstruct a hidden story of user activity that the person cannot deny, overwrite, or talk their way out of. This is why Shellbags remain one of the most feared artifacts for anyone attempting to conceal their actions on a Windows computer.

You can delete the folder… but Shellbags still show it existed.

Even if you format a drive or delete the directory, Windows has already logged:
1. The folder name
2. Its full path
3. When it was opened
4. How many times it was opened
5. The view settings (icon mode, window size)
6. The order in which folders were browsed

This means forensic investigators can prove someone accessed:
- “Secret” directories
- Hidden folder structures
- USB drives or removable media
- Folder paths used for storage of illicit or suspicious data

even if the folders are long gone.
Falcon8x retweeted
FalconFeeds.io (@FalconFeedsio)
🚨 Ransomware Alert: 🇯🇲 JOH Investments Limited (myjohgroup.com), a Jamaica-based financial services company, has reportedly fallen victim to the Payload ransomware group. 📝 NB: The group intends to publish it within 5-6 days. 🔎 Key Details: 👥 Threat Actor: Payload 📅 Reported on: 21-04-2026 📦 Data Compromised: 30 GB
Falcon8x retweeted
International Cyber Digest (@IntCyberDigest)
Go to iOS Settings → Notifications → [App Name] → Show Previews and set it to Never. You can also do this globally under Settings → Notifications → Show Previews → Never
Falcon8x retweeted
mRr3b00t (@UK_Daniel_Card)
Cyber Tweeps, check this out: From CISA, Mobile Communications Best Practice Guidance 'Do not use a personal virtual private network (VPN). Personal VPNs simply shift residual risks from the internet service provider (ISP) to the VPN provider, often increasing the attack surface. Many free and commercial VPN providers have questionable security and privacy policies. However, if your organization requires a VPN client to access its data, that is a different use case.' cisa.gov/sites/default/…
Falcon8x retweeted
ALI TAJRAN (@alitajran)
Microsoft introduces Backup and Recovery for Microsoft Entra ID!

Entra Backup and Recovery solution enables you to quickly recover from malicious attacks or accidental changes by reverting your core tenant objects to any previous state within the last 5 days. With automated backups and granular recovery capabilities, it ensures minimal downtime and supports your business continuity in the face of unexpected disruptions.

Entra automatically generates one backup per day, retaining the last 5 days of backup history.

You can recover key properties of the following core tenant objects:
- Users
- Groups
- Applications
- Conditional access policies
- Service principals
- Organization
- Authentication methods
- Authorization policy
- Named locations

#EntraID #Microsoft365 #Microsoft
Falcon8x retweeted
Dark Web Intelligence (@DailyDarkWeb)
United States 🇺🇸 - LexisNexis has allegedly been breached, exposing 400,000 user profiles, federal judge and DOJ accounts, plaintext AWS secrets, customer passwords, and internal IT infrastructure maps. dailydarkweb.net/lexisnexis-inv…
Falcon8x retweeted
Will (@BushidoToken)
ICYMI: This is the TTP that hit the UK retailers. Scattered Spider mounts a virtualized domain controller (DC)’s VMDK as a drive to a new or decommissioned VM. This effectively allows the adversary to copy the AD database ntds.dit from an unmanaged host. go.crowdstrike.com/rs/281-OBQ-266…
Will@BushidoToken

ICYMI: Was just perusing the latest CrowdStrike 2025 Threat Hunting report (crowdstrike.com/en-us/resource…) and check this wild timeline for Scattered Spider - from account takeover to Entra ID bulk user export in <5 minutes 👀

Falcon8x retweeted
CrowdStrike (@CrowdStrike)
🚨 The CrowdStrike 2026 Global Threat Report is here. In the age of AI, even less sophisticated threat actors can execute complex attacks, and advanced adversaries have become dramatically more dangerous. This year’s report exposes the latest tradecraft of the evasive adversary, who is supercharging attacks with AI and posing an unprecedented threat. Attacks by AI-enabled adversaries increased by 89% in 2025. The average eCrime breakout time plummeted to just 29 minutes. That’s a 65% increase in speed from 2024. And with adversaries using AI to accelerate their attacks and move fluidly across domains, they are evading detection more effectively than ever. Get the latest threat intel findings here: crowdstrike.com/global-threat-…
Falcon8x (@flacon8x)
@CableCarDom Which quarter of the year will this open? I’m planning a trip but would like to schedule during the time it’s slated to open so I can experience this.
Dominica Cable Car (@CableCarDom)
This New Year, let the journey lift you. The Dominica Cable Car is more than a ride, it’s a passage through forests, clouds, and possibility. Wishing everyone a grounded yet elevated 2026. Know more - dominicacablecar.com
Falcon8x retweeted
Evan You (@evanyou)
.@1Password browser extension is injecting Prism.js *globally* on every page, which then applies its syntax highlighting logic on all blocks matching [lang=*] regardless of whether it’s meant to be compatible, thus breaking original highlighting. Terrible negligence and even more so that this made it to prod while already flagged during beta. Been a user for a long time but this will def push me to an alternative if not fixed soon.
Falcon8x retweeted
Nick VanGilder (@nickvangilder)
Amazon measuring deviations in employee keystroke times from pre-established baselines probably shouldn’t surprise us at this point. Seems on brand, actually. “Keystroke data from the laptop of a worker who was supposed to be in US should have taken tens of milliseconds to reach Amazon’s Seattle headquarters. Instead, the flow from this machine was more than 110 milliseconds…” Lovely.
Falcon8x retweeted
Nana Sei Anyemedu (@RedHatPentester)
WhatsApp End-to-End Encryption vs. Forensic Extraction

Although WhatsApp uses end-to-end encryption to protect messages, calls, and shared media during transmission, this protection only applies while the data is moving between devices. Once the content reaches the device, it is stored unencrypted within WhatsApp’s local databases and media folders.

Out of the volumes of content, such as 733,543 WhatsApp messages, along with videos, audios, images, and documents, I was able to get a conversation between my kid sister @ama_Anyemedu on November 11, 2020. The chat preview shows a typical WhatsApp conversation recovered from a mobile forensic extraction. At the top of the chat, WhatsApp displays the standard banner “Messages are now secured with end-to-end encryption.” This banner simply means that when messages are being transmitted between two devices, WhatsApp’s servers cannot read them because they are protected by encryption keys stored only on the users’ devices.

However, end-to-end encryption does NOT protect data stored on the device itself. Mobile forensics work by accessing the phone’s internal storage, not by intercepting messages from WhatsApp servers. Once a device is unlocked or decrypted by the lawful extraction process, the tool can read the local WhatsApp databases stored on the device (usually the `msgstore.db` and related SQLite databases).

This is why, despite the presence of the "end-to-end encryption" banner, the forensic tool is still able to extract:
* Full chat history
* Timestamps
* Participants
* Message contents
* Attachments
* Deleted messages (if still recoverable in the database)

End-to-end encryption protects data in transit, not data *at rest* on the device. Forensic tools exploit lawful access to the device’s decrypted file system, enabling them to parse and display the stored WhatsApp database, which is why you can see the complete message timeline, content, and timestamps on the right side.
Falcon8x retweeted
Huntress (@HuntressLabs)
ClickFix just got a shady upgrade. Our analysts uncovered a campaign hiding infostealers inside PNG pixel data, delivered through fake CAPTCHA and Windows Update screens. 👀 Get the full breakdown so you can shut it down: okt.to/jkr2JW
Falcon8x retweeted
DANΞ (@cryps1s)
As part of our commitment to security and transparency, we’ve published details on a recent security incident involving one of our vendors, Mixpanel. This was not a breach of OpenAI’s systems. No chats, API requests, files, keys, credentials, payment details, or government IDs were compromised or exposed. Full details on the incident can be found in our blog: openai.com/index/mixpanel…
Falcon8x retweeted
Riley Walz (@rtwlz)
We cloned Gmail, except you're logged in as Epstein and can see his emails