InfoSec Pandey🥷🏻 🇮🇳 🕉️

The BIGGEST NPM Attack Ever? | Axios Compromised by North Korea! | How A... youtu.be/uUqhivZ5wCc?si… via @YouTube

💥 Supply chain nightmare continues! Axios a widely used HTTP client got compromised. Malicious versions: - axios 1.14.1 (latest) - axios 0.30.4 (legacy) - plain-crypto-js 4.2.x (postinstall backdoor) NPM supply chain attacks are becoming more common, so I put together a short cheat sheet you can keep around to secure your pipeline.

Google Threat Intelligence Group is tracking an active supply chain attack 🔎 North Korea-nexus actor UNC1069 compromised the "axios" NPM package (v1.14.1 & 0.30.4), deploying the WAVESHAPER.V2 backdoor across Windows, macOS, and Linux. Learn more: bit.ly/3NZR3Zv

Day 39: MITRE ATT&CK Mapping for Detection Rules | Detection Rule Mappin... youtu.be/hNPmD_4NULQ?si… via @YouTube

18. Papers With Code: paperswithcode.com 19. AssemblyAI Blog: assemblyai.com/blog 20. Pinecone Learn: learn.pinecone.io Never pay for AI courses. The best ones from the industry LEADERS are already completely free.

13. Stanford AI: cs231n.stanford.edu 14. MIT OpenCourseWare: ocw.mit.edu 15. Full Stack Deep Learning: fullstackdeeplearning.com 16. DeepMind Resources: deepmind.com/learning-resou… 17. OpenAI Cookbook: github.com/openai/openai-…

The best AI courses that are FREE to learn in 2026: 1. Anthropic: anthropic.skilljar.com 2. Google: grow.google/ai 3. Meta: ai.meta.com/resources 4. NVIDIA: developer.nvidia.com/training (GOATed) 5. Microsoft: learn.microsoft.com/training

A phishing campaign is abusing an official device code OAuth flow. Instead of stealing passwords, attackers trick you into entering a verification code on the real login page to hijack OAuth tokens. This grants long-term access to email and files. Details: bit.ly/3PvgHG0

238,000 Impacted by Bell Ambulance Data Breach securityweek.com/238000-impacte…

ES|QL Cheat Sheet. Save for later.

Just uploaded the video regarding #SIEM/#SOC L2 & L3 #interview preparation. It provides an in-depth look at advanced #security operations topics that are essential for senior-level roles. #CyberSecurity #infosec youtu.be/LVnww_YqvD4

Become a SOC Analyst in 2026! 🛡️🚀 ✅ Core Skills (Networking, OS, SIEM/EDR) ✅ Incident Response Frameworks (NIST/SANS) ✅ Real-world Alert Triage Methodology ✅ Certification & Interview Guide Your career starts here youtu.be/BGfOZcTGHfE #CyberSecurity #SOCAnalyst #BlueTeam

Master the SOC Alert Lifecycle! 🛡️🚀 breaks down the journey of a security #alert—from the first ping to final closure. Stop reacting randomly and start following a structured process to turn chaos into clarity. youtu.be/p49fz8W0uE8 #CyberSec #SOCAnalyst #BlueTeam #InfoSec

Triage alerts like a pro! 🛡️☕ Day 32 of #SOC100Days teaches you how to master alert prioritization, avoid burnout, use tools like #VirusTotal and #GrayNoise to spot real threats fast. Don't just work harder, work smarter: youtu.be/SeKxW4nEGnU #SOCAnalyst #BlueTeam #InfoSec

Master KQL for MS Sentinel with @InfosecPandey! 🛡️💻 Day 33 of #SOC100Days simplifies Kusto Query Language with hands-on demos and 10 essential queries for your hunting toolkit. 🕵️‍♂️🚀 Level up your SOC skills: youtu.be/maUI896LT3g #KQL #MicrosoftSentinel #CyberSecurity #InfoSec

Master Splunk's SPL with @InfosecPandey! 🛡️💻 Day 34 of #SOC100Days breaks down the Search Processing Language with hands-on demos and 10 essential queries for your SOC toolkit. 🕵️‍♂️🔍 Stop searching, start hunting: youtu.be/G6LqXgwPr2E #Splunk #CyberSecurity #InfoSec #BlueTeam

Highlights: ✅ Foundations: Networking, OS, & Security principles. ✅ Toolkit: SIEM, EDR, and Network Monitoring. ✅ Mindset: Triage, prioritization, and threat intelligence. ✅ Build a home lab & get hands-on!💻#CyberSecurityCareer #BlueTeam #InfoSec #CyberSecurity #TechCareer

Want to break into Cyber Security? 🛡️🚀 ​This comprehensive SOC Analyst Career Guide is ultimate roadmap! From understanding "digital command center" to mastering the tools of the trade, it covers everything you need to go from rookie to pro: youtu.be/qIqqb8tQE5o ​#SOCAnalyst

Key takeaways: 🔹 Components of a solid rule: Use Case, Log Source, Trigger, Time Window, & Action. 🔹 Real-world examples: Lateral movement & Data exfiltration. 🔹 Pro-tip: Map your logic to the MITRE ATT&CK framework.

Stop being an "alert monkey" and start thinking like a #detection engineer! 🛡️💻 In Day 35 of the #SOC100Days challenge, @InfosecPandey breaks down how to write custom #SIEM #correlationrule to catch advanced #threats that default rules miss: youtu.be/L3286oXsXO0 #infosec