Xavier Bellekens

10.5K posts


@noktec

Founder of Lupovis

Glasgow, Scotland Joined December 2009
4.7K Following 1.8K Followers
Xavier Bellekens retweeted
Lupovis
Lupovis@LupovisDefence·
The Lupovis telemetry observed 1,322 unique attacker IPs originating from Iranian infrastructure targeting US networks during that short burst. More than any other NATO country. Should we check the sectors next? #ThreatIntel #CyberSecurity
Xavier Bellekens@noktec

@symantec Threat Hunters @threatintel research highlights Iranian Seedworm (MuddyWater) activity inside US networks since early February. Interesting timing. In the @LupovisDefence telemetry, we observed multiple spikes in activity originating from Iranian infrastructure the last one peaking Feb 12, heavily targeting US networks.

This could indicate:
• broader reconnaissance activity
• infrastructure positioning

Credit to Symantec Threat Hunter for the research. Article: security.com/threat-intelli… #threatintel #cybersecurity #Iran

English
0
1
1
108
Xavier Bellekens
Xavier Bellekens@noktec·
@symantec Threat Hunters @threatintel research highlights Iranian Seedworm (MuddyWater) activity inside US networks since early February. Interesting timing. In the @LupovisDefence telemetry, we observed multiple spikes in activity originating from Iranian infrastructure the last one peaking Feb 12, heavily targeting US networks.

This could indicate:
• broader reconnaissance activity
• infrastructure positioning

Credit to Symantec Threat Hunter for the research. Article: security.com/threat-intelli… #threatintel #cybersecurity #Iran
English
0
1
2
84
Xavier Bellekens retweeted
Lupovis
Lupovis@LupovisDefence·
CVE-2025-0282 activity just exploded across our sensors. For weeks we saw ~500–1500 tries/day. In the last 48h that jumped to 10k+. When splitting by location, the spike is almost entirely targeting US infrastructure. Likely the vuln was automated or a better PoC is available
English
0
1
0
261
Xavier Bellekens
Xavier Bellekens@noktec·
CVE-2025-0282 (Ivanti Connect Secure) activity just exploded across our sensors. This pattern usually means the vulnerability has been integrated into automated scanning tooling or botnets, moving from opportunistic probing to mass exploitation attempts. Something clearly changed in the ecosystem. We'll be watching to see if the scanning expands globally. #threatintel #cybersecurity #honeypots
Lupovis@LupovisDefence

CVE-2025-0282 activity just exploded across our sensors. For weeks we saw ~500–1500 tries/day. In the last 48h that jumped to 10k+. When splitting by location, the spike is almost entirely targeting US infrastructure. Likely the vuln was automated or a better PoC is available

English
1
0
0
161
Xavier Bellekens
Xavier Bellekens@noktec·
Interesting case with CVE-2025-40551 (SolarWinds Helpdesk). We started seeing exploitation activity in our honeypots less than 2 days after disclosure. That early signal meant our customers had visibility into in-the-wild activity several days before broader confirmation later appeared in sources like CISA’s KEV. It’s a good reminder that the window between disclosure and exploitation can be very short, and that layering multiple intelligence sources is key.
English
0
1
3
161
Xavier Bellekens retweeted
Aakash Gupta
Aakash Gupta@aakashgupta·
Anthropic just made the entire $15B application security market price in a question it can't answer.

Traditional AppSec tools from Snyk, Veracode, and Checkmarx charge per-developer licensing for static analysis. They find vulnerabilities. They generate reports. They flag code. Then a security engineer has to actually fix the problem, which is where 80% of the cost and 90% of the delay lives.

Look at the screenshot. Input sanitization audits. SSRF detection. Auth bypass tracing. RBAC enforcement reviews. These are the exact tasks that cost security consultants $300-500/hr and take weeks to schedule.

Claude Code Security doesn't generate a PDF full of findings for a human to triage. It writes the patches. That compresses the entire vulnerability lifecycle, discovery through remediation, into a single loop.

This tells you everything about where Anthropic sees the real margin in developer tools. Scanning is commoditized. Every CI/CD pipeline already runs some flavor of SAST/DAST. The bottleneck has always been fixing vulnerabilities fast enough to matter, and that bottleneck just disappeared.

The timing is worth noting too. Anthropic released this the same week enterprises are getting audited on SOC 2 and ISO 27001 compliance cycles. Security teams running 200+ open findings with a 90-day remediation SLA just got a tool that could clear that backlog in hours.

If you're building in AppSec right now, the competitive question changed. You're no longer selling "we find more bugs." You're competing against an AI that finds them and writes the patches in the same session.
Claude@claudeai

Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss. Learn more: anthropic.com/news/claude-co…

English
149
370
3.6K
926.8K
SaxX ¯\_(ツ)_/¯
SaxX ¯\_(ツ)_/¯@_SaxX_·
Jeffrey Epstein used the same password everywhere! His password was jeevacation12! THE SAME AS HIS EMAIL ADDRESS + 12... as in the year 2012! *FOR GOD F*CK SAKE NOOOOOO What poor digital hygiene 😬🤦🏽‍♂️ And the worst part of all this... he had "pros" taking care of his IT security... ⚠️❌️ DO NOT USE THE SAME PASSWORD EVERYWHERE!
Français
27
71
689
163.8K
Xavier Bellekens
Xavier Bellekens@noktec·
@regelegorila @lafollehistoire At 5 km/h, 4 hours of walking while working isn't bad! I manage to do the meetings and the emails, but I never go beyond 12 km/day; impossible to really concentrate on the work.
Français
0
0
0
2.4K
La Folle Histoire
La Folle Histoire@lafollehistoire·
Well, this still won't be the year of the 10k, but it's hard to do better while working from home.
Français
9
2
170
42.1K
Xavier Bellekens
Xavier Bellekens@noktec·
I haven't done academic research in years now, but once in a while I still check my scholar profile. This is my first paper breaching the 1k citation mark. The next one is 250 citations away! Nice milestone.
English
0
0
1
87
Xavier Bellekens
Xavier Bellekens@noktec·
@peterrhague Foreigners all go back to their home country. Travel to France Poland Belgium get it done there. Get a FR BE PL friend recommendation.
English
0
0
2
374
Peter Hague
Peter Hague@peterrhague·
My son needs a dental operation. We have a private dentist (cannot get an NHS one) for regular visits and small procedures but they can’t do big operations. So we go with the public sector. I’ve just been on the phone and was told the waiting list is 1 to 2 years. Not months. Years. This is some Soviet BS. I need to find some way to get this done without depending on our failed state.
English
2.5K
888
9.7K
1.3M
Xavier Bellekens
Xavier Bellekens@noktec·
Elections are just one example. Every large-scale event often has early signals in network telemetry, especially IP activity. We can often predict events too (to an extent). Continuous enrichment and scoring transform those signals into warnings, not post-mortems.
English
0
0
0
55
Xavier Bellekens
Xavier Bellekens@noktec·
Those IPs weren’t new. They’d appeared in smaller campaigns months before, rotating across residential nodes and cloud providers. Time-decayed reputation scoring would have revealed their re-activation pattern days before election day.
English
1
0
0
62
Xavier Bellekens
Xavier Bellekens@noktec·
During Moldova’s 2025 elections, the Central Election Commission faced 898M malicious requests in 12 hours. It wasn’t random. The same botnet IPs had been probing earlier, rehearsing the attack. This is not an uncommon pattern; we often see this with @LupovisDefence
English
1
0
0
107
James Lincoln
James Lincoln@_jameslincoln·
We decided to make a switch to @HubSpot and couldn't be more disappointed. Functionality was promised in the sales process that doesn't actually work. 10 days into our implementation we pulled the plug. They refuse to negotiate at all on the 12-month term.
English
164
7
403
84.5K