box turtle

270 posts

box turtle banner
box turtle

box turtle

@xploitrsturtle2

I follow ToS Box turtle / canisterturtle / shai huturtle email service is down - uwu underground / icesolst has a safeword with me mum look Im on the news.

your aws key Katılım Mart 2026
19 Takip Edilen1.9K Takipçiler
Sabitlenmiş Tweet
box turtle
box turtle@xploitrsturtle2·
Github knew for hours, they delayed telling you and they wont be honest in the future. what an amazing run, its been an honor to play around with the cats over the past few months. #teamPCP #github
box turtle tweet media
English
61
225
1.7K
279.7K
box turtle
box turtle@xploitrsturtle2·
@hasanbroked @intelkink @FBI Im not involved in you and caspers beef, not sure why he brought me up anyway... even so, you dont have anything on me because no one i work with has anything on me
English
1
0
1
7
HasanBroker
HasanBroker@hasanbroked·
https://breached[.]st/threads/hello-breachforums.86013/ Site is launched.
English
10
1
61
7.3K
box turtle
box turtle@xploitrsturtle2·
Tell me your friends ill tell you your future
English
4
2
19
977
Michael R
Michael R@nahamike01·
A new competitor to TeamPCP & PCPJack? An open directory hosted at 38.174.216[.]194 exposed 'Cloud AI Infrastructure Attack Framework' (CAI): a centralized botnet targeting Docker/Kubernetes/Redis/Ray Dashboards, etc. for credential theft and cryptomining. CAI explicitly seeks out and kills TeamPCP and PCPJack processes, to further monopolize on compromised targets. Pivoting on an SSH key comment (41832@CAI) embedded in cai_config.py, uncovered two additional nodes: 95.182.96[.]223 - recently identified by @Yusufcancakiir , and 120.26.46[.]187 first observed by @Huntio AttackCapture on 15 June. This was a single operator across three IPs, using two different Monero wallets, both of which see daily activity. The scripts on 95.182.96[.]223 are heavily inspired by the actors behind the cloud worm, using code comments like "PCPJack-aligned." 38.174.216[.]194 serves as a staging server, while 38.174.218[.]65:666 is the C2 endpoint. This may be worth monitoring as additional threat actors seek to monetize on this type of activity.
Michael R tweet mediaMichael R tweet mediaMichael R tweet media
English
5
17
71
5.9K
box turtle
box turtle@xploitrsturtle2·
@DoomsdayGoth @kernelstub its ok bro, just stick to it and you will learn something that will impress people eventually. everyone starts somewhere
English
0
0
2
53
scythe
scythe@DoomsdayGoth·
@xploitrsturtle2 @kernelstub You are correct, I’m a beginner and tried to make something for fun and people are treating me like I’m stupid for doing this.
English
2
0
1
88
ret2src
ret2src@ret2src·
Escalating from On-prem to Entra through MITM Attacks My colleague @0x64616e just published his latest research on lateral movement between on-premises Active Directory and Entra through DNS hijacking. Check it out: ➡️ securitylog.sva.de/2026/offsec/es…
English
2
64
186
31.8K
box turtle
box turtle@xploitrsturtle2·
hacktivism will again be the next revolution if law makers continue stomping on the autonomy of their people with laws that pretend to help their citizens but only exist to surveil.
English
4
7
42
1.2K
box turtle retweetledi
FBI Cyber Division
FBI Cyber Division@FBICyberDiv·
The FBI has issued a FLASH on the cybercriminal group TeamPCP, which has carried out large-scale software supply chain compromises by targeting widely used developers and security tools. The group has infiltrated victim environments and extracted sensitive data, including cloud access tokens, SSH keys, and Kubernetes secrets. TeamPCP has also engaged in extortion and collaboration with cyber actors from other threat actor groups, publishing victim names on a public leak site and threatening to release stolen data. Read the FLASH for more on TeamPCP’s tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and recommendations to protect your organization: ic3.gov/CSA/2026/26070…
FBI Cyber Division tweet media
English
107
150
398
46.8K
john boggans
john boggans@johnboggans17·
@FBICyberDiv also they do humiliation tactics so girls on onlyfans or do porn again they see everything thats on your device so they put out photos and videos off people
English
1
0
0
569
box turtle
box turtle@xploitrsturtle2·
amazing username
box turtle tweet media
English
2
0
180
7.6K
Moshe Siman Tov Bustan
Moshe Siman Tov Bustan@MosheTov·
Please give me a heads up :( We're not a big corp, we're drowning with work, and the research team that's been on your tail for the past few months has only two researchers (including me!)
English
1
0
1
81
box turtle
box turtle@xploitrsturtle2·
still alive
English
4
0
18
800
box turtle
box turtle@xploitrsturtle2·
@MosheTov i hope you guys dont catch the next in dev supply chain X)
English
1
0
0
120
box turtle retweetledi
0xjb
0xjb@0xjbb_·
Your call stacks suck. Trollstackspoofing is the new meta
0xjb tweet media
English
4
11
141
23K