Sabitlenmiş Tweet
@onyphe.io
1.3K posts
@onyphe.io
@onyphe
Provider of Attack Surface Discovery (ASD), Attack Surface Management (ASM) and CTI solutions. Scanning at Internet-scale since 2017 - contact at onyphe dot io
France Katılım Mart 2016
122 Takip Edilen2.1K Takipçiler
@onyphe.io retweetledi
And you had coinbase in Septembre 2025 on this domain, Cc @onyphe :
Steven Lim@0x534c
🚨 𝗗𝗲𝗳𝗲𝗻𝗱𝗲𝗿𝘀 – 𝗦𝗵𝗶𝗻𝘆𝗛𝘂𝗻𝘁𝗲𝗿𝘀 𝗜𝗻𝗳𝗿𝗮𝘀𝘁𝗿𝘂𝗰𝘁𝘂𝗿𝗲 𝗔𝗹𝗲𝗿𝘁 ReliaQuest Threat Research has identified a newly registered domain: 𝘀𝘁𝗿𝘆𝗸𝗲𝗿[.]𝗽𝗮𝘀𝘀𝗸𝗲𝘆𝘀𝗲𝘁𝘂𝗽[.]𝗰𝗼𝗺, attempting to exploit confusion around Stryker’s current situation. Link: reliaquest.com/blog/threat-sp… Further investigation reveals two additional organizations being targeted: 𝘀𝘄𝗶𝗻𝗲𝗿𝘁𝗼𝗻[.]𝗽𝗮𝘀𝘀𝗸𝗲𝘆𝘀𝗲𝘁𝘂𝗽[.]𝗰𝗼𝗺 𝗰𝗯𝗶[.]𝗽𝗮𝘀𝘀𝗸𝗲𝘆𝘀𝗲𝘁𝘂𝗽[.]𝗰𝗼𝗺 ⚠️ Defenders are strongly advised to: - Monitor the generic, non-brand domains listed in the IOCs. - Deploy defensive threat monitoring queries immediately to detect potential activity. Let’s stay ahead of adversaries.🤝 #Cybersecurity #ThreatIntel #ShinyHunters
English
Service is partially restored (not all data is available) but main issue is not fixed yet by our hosting provider.
English
Our hosting provider is experiencing an issue, we will keep you posted.
English
We are experiencing an availability issue on our search platform. Currently investigating, will let you know.
Thank you for your patience.
English
@onyphe.io retweetledi
I deleted the previous tweet to avoid confusion. It was incorrect.
English
@t43cr0wl3r @OVHcloud @Hetzner_Online It seems you think withaname is affiliated to NoName, while it's not.
Withaname is tracking NoName infra through our data.
An onion Website doesn't always mean malicious intent.
English
@onyphe @skocherhan Happy to connect and exchange via DM / email
😎
English
@c_APT_ure @skocherhan Do you have a specific regex to share for matching?
English
You mean like this:
onyphe -search 'category:ctiscan ip.asn:"AS20473" cert.fingerprint.sha256:"8521f42ce73b1646ccf6d85d876e40662fd0560aeded05ce62b94e5e30233cbe" | uniq ip.dest'
Will@BushidoToken
🆕 Quick Pivot on UNC6201 infrastructure with @TeamCymru Scout! @Mandiant shared a GRIMBOLT C2: 149.248.11.71 in their latest blog on UNC6201 (cloud.google.com/blog/topics/th…) Using Scout, I found 2 more IPs using the same certificate, ASN, and open ports 140.82.18.134 66.42.111.219
English
🏁 The new year has already begun, so it’s time to look back on 2025 and list what we’ve accomplished at @onyphe. It’s also time to talk about upcoming developments. And once again, they’re ambitious, as they are every year for us.
Blog article:
blog.onyphe.io/en/retrospecti…
English
🏁 La nouvelle année est déjà entamée, c’est le moment de revenir sur 2025 et de lister ce que nous avons fait chez @onyphe. C’est également le moment de parler des évolutions à venir. Et c’est encore une fois ambitieux, comme chaque année chez nous:
blog.onyphe.io/rtrospective-2…
Français
English
📣 UPDATE: now scanning 2,600+ ports, weekly refresh.
@onyphe.io@onyphe
📣 ANNOUNCEMENT: we have reached the 2,100+ scanned ports milestone, at Internet scale with a weekly refresh rate. Next step: 5,000+ ports, weekly refresh. Then 10,000 by end of next year. We will be the competitor number 1 to @censysio in 2026. #ASM #CTI #ASD
English
onyphe -search 'category:ctiscan app.device:c2 -dayago:0 | uniq ip.dest | addcount | fields count' | tail -n 1
{"count":236}
#C2 #CTI #ThreatHunting
English
📣 We have added a new #vulnerability detection to our #ASM #AttackSurfaceManagement solution for #n8n product:
CVE-2026-21858: unauthenticated remote code execution #Ni8mare
search.onyphe.io/search?q=categ…
English
@onyphe.io retweetledi
We are experiencing a production incident, our Web site or APIs may not be available to all.
Will keep you posted as soon as it is resolved.
Thanks for your patience.
English
📣 We have added a new #vulnerability detection to our #ASM #AttackSurfaceManagement solution for #SmarterMail product:
CVE-2025-52691: remote unauthenticated file upload & overwrite
search.onyphe.io/search?q=categ…
English