Peter Girnus
LightNews LightNews
gothburz.bsky.social
Peter Girnus
@gothburz.bsky.social
28 followers 1 following 730 posts
Sr. Threat Researcher @theZDI 🥷🏻🛡️👨🏼‍💻Hunts for 0-days and #security threats in the wild 🎯 News 📰 Memes 😏 Books 📚 Games 👾 opinions my own 💭 #infosec
Posts Media Videos Starter Packs
Pinned
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Feb 4
We identified a new zero-day vulnerability affecting 7-Zip (CVE-2025-0411) being exploited in-the-wild on September 25th, 2024. Russian groups utilized this vulnerability, deploying SmokeLoader for espionage operations targeting #Ukraine during the Russo-Ukrainian War. #infosec #cybersecurity 🔗👇
1 1 1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Jun 4
Justi autem in perpetuum vivent et apud Dominum est merces eorum — Wisdom 5:16
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · May 26
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · May 3
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Apr 19
"It is evening in the soul... when the light of this world fades and a man is indrawn and rests" — Meister Eckhart, Sermon 38
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 25
🚨Patch up your Kubernetes installs.

⚠️ Affected @kubernetesio versions:
< v1.11.0
v1.11.0 - 1.11.4
v1.12.0

🦠Vulnerabilities 
CVE-2025-1974
CVE-2025-1097 
CVE-2025-1098 
CVE-2025-24514
CVE-2025-24513
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 13
Rare urgent advisory from @Meta 🚨⚠️ CVE-2025-27363: FreeType flaw risks millions. Remote code execution possible on major platforms. Patch urged as exploitation rises. Severity: 8.2/10. Affects versions pre-2.13.3. Update now! 

www.facebook.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 10
RIP $TSLA... 💥🚗📉
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 9
Snack Makers Are Removing Fake Colors From Processed Foods - Slashdot
"PepsiCo is launching a new product, Simply Ruffles Hot &amp; Spicy, which uses natural ingredients like tomato powder and red chile pepper instead of artificial dyes," reports Bloomberg. But it's part of a larger trend: In one of the final acts of President Joe Biden's administration, the U.S. Fo...
science.slashdot.org
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 9
Snack makers are shifting away from artificial colors in processed foods. PepsiCo's new Simply Ruffles product uses natural ingredients like tomato powder. This change aligns with a trend following the FDA's ban on Red No. 3 due to health concerns.
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 8
iPhone 16e review: The most expensive cheap iPhone yet
The iPhone 16e rethinks—and prices up—the basic iPhone.
arstechnica.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 8
The iPhone 16e: the priciest budget phone! 💸 It boasts a solid display, performance, and battery life but ditches fun features like MagSafe and Dynamic Island. 🏖️ Apple’s strategy? Hike prices while streamlining production. Great for profits📱😬 @arstechnica
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 7
🚨Medusa #ransomware claims 40+ victims in 2025, including a US healthcare org hit in Jan. @Symantec reports nearly 400 victims since 2023, with ransom demands up to $15M. True victim count likely higher. From @InfosecurityMag 👉
Medusa Ransomware Claims 40+ Victims in 2025
Symantec found that Medusa has listed almost 400 victims on its data leaks site since early 2023, demanding ransom payments as high as $15m
www.infosecurity-magazine.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 7
Ransomware gang encrypted network from a webcam to bypass EDR
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows.
www.bleepingcomputer.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 7
🚨Akira ransomware gang used an unsecured webcam to deploy a Linux encryptor, bypassing EDR and encrypting network shares via SMB 🤯. Highlights need for broader device monitoring beyond Windows endpoints. From @BleepinComputer
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
🚨@BleepinComputer: @Ethereum key stealer hits PyPI as "set-utils", downloaded 1K+ times! @billtoulas
 warns blockchain devs to stay vigilant. #crypto
Ethereum private key stealer on PyPI downloaded over 1,000 times
A malicious Python Package Index (PyPI)  package named "set-utils" has been stealing Ethereum private keys through intercepted wallet creation functions and exfiltrating them via the Polygon blockchain.
www.bleepingcomputer.com
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
Ransomware gang encrypted network from a webcam to bypass EDR
The Akira ransomware gang was spotted using an unsecured webcam to launch encryption attacks on a victim's network, effectively circumventing Endpoint Detection and Response (EDR), which was blocking the encryptor in Windows.
www.bleepingcomputer.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
🚨 Akira ransomware exploited an unsecured webcam (yes this is an initial security vector and one reason why #Pwn2Own has IoT cameras as a target category) to encrypt a network, bypassing EDR. @BleepinComputer reports rapid attack from initial access to encryption in hours. 🤯 #Ransomware
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
@Microsoft takes down massive malvertising campaign hit ~1M PCs via GitHub repos. Malware stole system data & dropped payloads. Tracked as Storm-0408.💽🛡️ via @BleepingComputer
Microsoft says malvertising campaign impacted 1 million PCs
​Microsoft has taken down an undisclosed number of GitHub repositories used in a massive malvertising campaign that impacted almost one million devices worldwide.
www.bleepingcomputer.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
@jenkinsci releases Jenkins Security Advisory 2025-03-05

Jenkins Security Advisory 2025-03-05
Jenkins – an open source automation server which enables developers around the world to reliably build, test, and deploy their software
www.jenkins.io
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
🩹SMR-MAR-2025: @SamsungMobile releases patches for flagship model phones 📱 make sure to apply the latest patch in order to secure your @Samsung devices.

https://security.samsungmobile.com/securityUpdate.smsb?year=2025&month=03
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
Over 37,000 VMware ESXi servers vulnerable to ongoing attacks
Over 37,000 internet-exposed VMware ESXi instances are vulnerable to CVE-2025-22224, a critical out-of-bounds write flaw that is actively exploited in the wild.
www.bleepingcomputer.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
Over 37,000 VMware ESXi servers are vulnerable to a critical flaw (CVE-2025-22224) that is being actively exploited, prompting urgent updates and mitigation efforts from affected organizations. From @BleepinComputer @billtoulas
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
Attackers Targeting Japanese Firms with Cobalt Strike
Attackers are actively exploiting an RCE flaw in Windows PHP-CGI implementations to target Japanese firms, deploying Cobalt Strike for persistence
www.infosecurity-magazine.com
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 6
A sophisticated cyber-intrusion campaign 🥷 has been reported, targeting various Japanese sectors 🇯🇵🎯 by exploiting a remote code execution flaw to gain access, deploying Cobalt Strike 🦠for persistent control, while engaging in credential theft and lateral movement
1
gothburz.bsky.social
Peter Girnus @gothburz.bsky.social · Mar 5
🚨@BleepinComputer: BadBox malware 🦠 disrupted on 500K Android devices! @billtoulas reports.