Tootfinder

Here today at @… and very excited about it!
#cybersecurity

This guy has a nice set of threat hunting blog posts. He includes detection logic and #ioc when available
https://newtonpaul.com

"President Trump’s CYBER STRATEGY for America"
The strategy does not explicitly mention Coordinated Vulnerability Disclosure (CVD) or vulnerability disclosure programs.
Basically it's more about offensive posture, infrastructure protection, and technology dominance.
Cybersecurity independence for Europe is no longer optional, it has become a strategic necessity.
#cybersecurity

De hackers hebben de buitgemaakte gegevens vernietigd, echt waar….🤣
#chipsoft #hack #cybersecurity

Chipsoft: Alle door hackers buitgemaakte data zijn vernietigd
Cyberaanval: Bij de cyberaanval stalen de hackers medische gegevens van zorginstellingen. Volgens de getroffen softwareontwikkelaar zijn de data niet gepubliceerd.

Another cut in CISA budget for 2027, 707 million less.
#cisa #us #cybersecurity
🔗

Deep research on a recent ClickFix campaign from Kirk at Derp.ca. He offered much more analysis of this campaign but I want to highlight two aspects of the identified kill chain: duckdns.org and trycloudflare.com. Blocking those two domains would have stopped this attack. #cybersecurity

SERPENTINE#CLOUD returns: ClickFix lure drops five RATs
Same operator, new delivery chain. ClickFix through Cloudflare tunnels drops five RAT families simultaneously - including Brute Ratel C4 wrapping PureHVNC.

"Natürlich ist und bleibt der Mensch als Einfallstor ein Kernproblem. Und auch Signal könnte hier vermutlich noch bessere Sicherheitsmechanismen ermöglichen als jene, die es bislang anbietet. Aber Anbieter können das Problem vor dem Bildschirm nicht lösen, wenn dieses sich nicht für Grundsätze der IT-Sicherheit interessiert." #heise

"Pass the key, passwords have passed their sell-by date"
#cybersecurity

Pass the key, passwords have passed their sell-by date
: NCSC passes judgment: passkeys pass muster, passwords fail

Security: Learning the Language of Privacy by Matthew Plascencia
Watch now: https://youtu.be/qV5KVKQdCmI?si=imAhOc_xz9p-MfAn
🔒 Dive into the essentials of privacy and security in the open source world!

We need id for vulnerabilities on online services. Documenting is critical.
#cybersecurity #vulnerability

Microsoft says bug causes Copilot to summarize confidential emails
Microsoft says a Microsoft 365 Copilot bug has been causing the AI assistant to summarize confidential emails since late January, bypassing data loss prevention (DLP) policies that organizations rely on to protect sensitive information.

One of the best detailed descriptions of cybersecurity program essentials I’ve seen. From JP Morgan’s #cybersecurity team
https://www.j…

Fortifying the enterprise: 10 actions to take now for AI-ready cyber resilience
By the JPMorganChase Global Technology Leadership Team

RE: https://infosec.exchange/@ScumBots/116195646833821026
Come ‘on now?!? Who still doesn’t have *.ngrok.io blocked? Ngrok themselves don’t even recommend using this domain any longer.

gcve-eu-kev updated — a CISA KEV and ENISA CNW/EUVD to GCVE BCP-07 converter.
It now also includes a generic RSS/Atom exporter for any GCVE KEV BCP-07 feed.
@…
#cybersecurity

GitHub - gcve-eu/gcve-eu-kev: CISA/ENISA KEV to GCVE BCP-07 Converter.
CISA/ENISA KEV to GCVE BCP-07 Converter. Contribute to gcve-eu/gcve-eu-kev development by creating an account on GitHub.

Life is full of paradoxes. We spend countless time discussing threat actors using AI and in 2026 some are still relying on PlugX.
#plugx #cybersecurity #threatintel

Red Canary’s March Intelligence Insights report is out. They provide detection opportunities for common Windows and MacOS exploits #cybersecurity
https://redcanary.com/blog/threat-inte…

Intelligence Insights: March 2026 | Red Canary
ScreenConnect stays the course, Mac infostealers surge, and Vidar resurfaces in this month’s edition of Intelligence Insights

RE: #cybersecurity

RE: https://swecyb.com/@orlysec/116500890115601107
IOCs to hunt for:
Domains / Services
jsonkeeper[.]com
jsonsilo[.]com
api[.]npoint[.]io
pastebin[.]com
*.vercel[.]app

For those in the Microsoft Defender ecosystem
#cybersecurity

What's new in Microsoft Defender XDR - Microsoft Defender XDR
Lists the new features and functionality in Microsoft Defender XDR

You have a verified LinkedIn account, read this. #microsoft #linkedin #privacy #cybersecurity

Geoshitties for the win! If you use @… ‘s blocklists you’d have already blocked *.vercel.app which is a key link in the kill chain for this attack described by Microsoft. My advice: block Vercel for everyone in your org except for those that have a business need. #cybersecurity

Developer-targeting campaign using malicious Next.js repositories | Microsoft Security Blog
A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard build workflows. The activity demonstrates how staged command-and-control can hide inside routine development tasks.