CyberNetSecIO
@netsecio.bsky.social
Cybersecurity professional with over 10 years of specialized experience in security operations, threat intelligence, incident response, and security automation.
⛓️ Supply chain attacks are targeting manufacturers via insecure web portals. Attackers use bots & SQL injection to breach supplier forms, stealing data to attack customers in defense & finance. 85% of firms report related incidents. #SupplyChain #M...
Manufacturing Web Portals Are a Weak Link in Supply Chain Attacks
A new report shows how attackers are using bots and SQL injection to compromise manufacturers
cyber.netsecops.io
December 19, 2025 at 3:55 PM
⛓️ Supply chain attacks are targeting manufacturers via insecure web portals. Attackers use bots & SQL injection to breach supplier forms, stealing data to attack customers in defense & finance. 85% of firms report related incidents. #SupplyChain #M...
📢 URGENT: WatchGuard warns of active exploitation of a critical RCE flaw (CVE-2025-14733, CVSS 9.3) in Fireware OS. Firebox firewalls with IKEv2 VPNs are at risk. Patch immediately to protect your network perimeter! 🔥 #WatchGuard #CyberAttack #VPN
Actively Exploited RCE Flaw in WatchGuard Firewalls Puts Networks at Risk
WatchGuard urges customers to patch a critical, actively exploited RCE vulnerability (CVE-2025-14733) in Fireware OS affecting Firebox firewalls with IKEv2 VPN configurations.
cyber.netsecops.io
December 19, 2025 at 3:55 PM
📢 URGENT: WatchGuard warns of active exploitation of a critical RCE flaw (CVE-2025-14733, CVSS 9.3) in Fireware OS. Firebox firewalls with IKEv2 VPNs are at risk. Patch immediately to protect your network perimeter! 🔥 #WatchGuard #CyberAttack #VPN
‼️ URGENT: HPE has patched a critical 10.0 CVSS unauthenticated RCE flaw (CVE-2025-37164) in its OneView management tool. This flaw gives attackers the 'keys to the kingdom.' Patch immediately! 🔑 #HPE #OneView #CyberSecurity #PatchNow
HPE Issues Urgent Patch for 10.0 CVSS RCE Flaw in OneView
HPE urges customers to patch a critical 10.0 CVSS vulnerability (CVE-2025-37164) in HPE OneView, which allows for unauthenticated remote code execution and potential full infrastructure takeover.
cyber.netsecops.io
December 19, 2025 at 3:55 PM
‼️ URGENT: HPE has patched a critical 10.0 CVSS unauthenticated RCE flaw (CVE-2025-37164) in its OneView management tool. This flaw gives attackers the 'keys to the kingdom.' Patch immediately! 🔑 #HPE #OneView #CyberSecurity #PatchNow
🇨🇳 A China-linked APT is exploiting a critical 10.0 CVSS zero-day (CVE-2025-20393) in Cisco Email Gateways for root-level RCE. CISA has added it to the KEV catalog. Patch immediately! 🛡️ #ZeroDay #Cisco #CyberSecurity #APT
China-Linked Hackers Exploit Critical Cisco Email Gateway Zero-Day
A China-linked APT group (UAT-9686) is actively exploiting a critical zero-day RCE vulnerability (CVE-2025-20393) in Cisco Secure Email Gateway appliances. CISA has added it to the KEV list.
cyber.netsecops.io
December 19, 2025 at 3:55 PM
🇨🇳 A China-linked APT is exploiting a critical 10.0 CVSS zero-day (CVE-2025-20393) in Cisco Email Gateways for root-level RCE. CISA has added it to the KEV catalog. Patch immediately! 🛡️ #ZeroDay #Cisco #CyberSecurity #APT
🚨 Google confirms it's investigating a security anomaly after malicious code was found embedded in its search result infrastructure. The code may be designed to exploit browser sandboxes. #Google #CyberSecurity #DataBreach #Breaking
Google Investigates Malicious Code Found in Search Result Infrastructure
Google is investigating a potential security breach after malicious code and suspicious scripts were found embedded within its core search result infrastructure.
cyber.netsecops.io
December 18, 2025 at 11:39 PM
🚨 Google confirms it's investigating a security anomaly after malicious code was found embedded in its search result infrastructure. The code may be designed to exploit browser sandboxes. #Google #CyberSecurity #DataBreach #Breaking
APT group 'Operation ForumTroll' is back, targeting Russian academics with a sophisticated phishing campaign. Lures disguised as plagiarism reports deploy the Tuoni C2 framework. 🎓 #APT #Phishing #CyberEspionage #ForumTroll
"Operation ForumTroll" APT Targets Russian Academics with Plagiarism Lure
The APT group Operation ForumTroll is targeting Russian academics with a new phishing campaign that uses fake plagiarism reports to deploy the Tuoni C2 framework.
cyber.netsecops.io
December 18, 2025 at 11:39 PM
APT group 'Operation ForumTroll' is back, targeting Russian academics with a sophisticated phishing campaign. Lures disguised as plagiarism reports deploy the Tuoni C2 framework. 🎓 #APT #Phishing #CyberEspionage #ForumTroll
Ransomware is evolving! 📈 Attackers now use 'ClickFix' social engineering to bypass security. Groups like Qilin and DragonForce are forming alliances to increase their impact. #Ransomware #Cybercrime #ThreatIntel #ClickFix
Ransomware Evolves: "ClickFix" Social Engineering and Threat Actor Alliances on the Rise
Ransomware tactics are evolving with the rise of the "ClickFix" social engineering technique and increased collaboration between threat groups like Qilin and DragonForce, according to a new report.
cyber.netsecops.io
December 18, 2025 at 11:39 PM
Ransomware is evolving! 📈 Attackers now use 'ClickFix' social engineering to bypass security. Groups like Qilin and DragonForce are forming alliances to increase their impact. #Ransomware #Cybercrime #ThreatIntel #ClickFix
Massive 'IRLeaks' data breach hits Iranian banks after a third-party IT vendor was compromised. Millions of customer records, including financial data and PII, were stolen. 🇮🇷 #DataBreach #SupplyChainAttack #CyberSecurity #IRLeaks
"IRLeaks" Supply Chain Attack Hits Iranian Banks, Exposing Millions of Customer Records
The "IRLeaks" data breach exposed millions of Iranian bank customers
cyber.netsecops.io
December 18, 2025 at 11:39 PM
Massive 'IRLeaks' data breach hits Iranian banks after a third-party IT vendor was compromised. Millions of customer records, including financial data and PII, were stolen. 🇮🇷 #DataBreach #SupplyChainAttack #CyberSecurity #IRLeaks
New BEC group 'Scripted Sparrow' is targeting finance teams with highly credible fake invoices. The group uses a structured approach and a large network of mule accounts to steal funds. 💸 #BEC #Phishing #Cybercrime #ScriptedSparrow
"Scripted Sparrow" BEC Group Targets Finance Teams with Highly Structured Attacks
A persistent and organized Business Email Compromise (BEC) group named Scripted Sparrow is targeting finance teams with convincing phishing emails and fake invoices.
cyber.netsecops.io
December 18, 2025 at 11:39 PM
New BEC group 'Scripted Sparrow' is targeting finance teams with highly credible fake invoices. The group uses a structured approach and a large network of mule accounts to steal funds. 💸 #BEC #Phishing #Cybercrime #ScriptedSparrow
Firefox users beware! 🦊 'GhostPoster' malware found in 17 browser add-ons with 50,000+ downloads. Malicious code was hidden in logo files to hijack links and commit ad fraud. #Malware #Firefox #CyberSecurity #GhostPoster
"GhostPoster" Malware Infects 50,000+ Firefox Users via Malicious Add-ons
The GhostPoster malware campaign has infected over 50,000 Mozilla Firefox users by hiding malicious JavaScript inside the logo files of 17 browser extensions.
cyber.netsecops.io
December 18, 2025 at 11:39 PM
Firefox users beware! 🦊 'GhostPoster' malware found in 17 browser add-ons with 50,000+ downloads. Malicious code was hidden in logo files to hijack links and commit ad fraud. #Malware #Firefox #CyberSecurity #GhostPoster
A new phishing campaign, 'Operation MoneyMount-ISO,' targets finance departments with Phantom Stealer malware. 🇷🇺 Attackers use malicious ISO files in emails to bypass security and steal credentials & crypto wallets. 📧 #Phishing #Malware #InfoSte...
'Operation MoneyMount-ISO' Phishing Campaign Deploys Phantom Stealer via Malicious ISOs
A Russian-language phishing campaign,
cyber.netsecops.io
December 17, 2025 at 10:55 PM
MITRE has extended its D3FEND framework to Operational Technology (OT)! 🛡️ Funded by the NSA, the new knowledge base provides a standard for defending critical infrastructure and cyber-physical systems. 🏭 #OTsecurity #ICS #D3FEND #Cybersecurity
December 17, 2025 at 10:54 PM
MITRE has extended its D3FEND framework to Operational Technology (OT)! 🛡️ Funded by the NSA, the new knowledge base provides a standard for defending critical infrastructure and cyber-physical systems. 🏭 #OTsecurity #ICS #D3FEND #Cybersecurity
New Zealand's NCSC is emailing 26,000 people in a massive alert about Lumma Stealer malware. 🇳🇿 The info-stealer targets Windows PCs to harvest passwords, banking data & crypto wallets. Check your emails & secure your accounts! 💻 #Malware #InfoSt...
New Zealand Launches Massive Public Alert, Warning 26,000 Citizens of Lumma Stealer Malware Infections
New Zealand
cyber.netsecops.io
December 17, 2025 at 10:18 PM
⚠️ New 'ConsentFix' phishing attack hijacks Microsoft accounts by tricking users into pasting a URL with an OAuth token. It abuses the trusted Azure CLI to bypass MFA and gain full access. Be vigilant! #Phishing #CyberSecurity #MFA #OAuth
New
A new
cyber.netsecops.io
December 17, 2025 at 10:18 PM
⚠️ New 'ConsentFix' phishing attack hijacks Microsoft accounts by tricking users into pasting a URL with an OAuth token. It abuses the trusted Azure CLI to bypass MFA and gain full access. Be vigilant! #Phishing #CyberSecurity #MFA #OAuth
France's Interior Ministry confirms a cyberattack compromised its email servers. 🇫🇷 Hackers stole passwords & accessed files. An unverified claim suggests 16.4M citizen records were taken. MFA rollout is underway. 🔒 #CyberAttack #DataBreach #France
French Interior Ministry Confirms Cyberattack Compromised Email Servers
The French Ministry of the Interior confirms a major cyberattack compromised its email servers, leading to a data breach. Attackers stole credentials and accessed files, with investigations ongoing.
cyber.netsecops.io
December 17, 2025 at 10:18 PM
France's Interior Ministry confirms a cyberattack compromised its email servers. 🇫🇷 Hackers stole passwords & accessed files. An unverified claim suggests 16.4M citizen records were taken. MFA rollout is underway. 🔒 #CyberAttack #DataBreach #France
Palo Alto Networks' 2025 report: AI is driving a massive cloud attack surface expansion! ☁️ 99% of orgs had AI systems attacked last year, as insecure code outpaces security teams. API attacks are up 41%. 🚨 #CloudSecurity #AI #CyberRisk
AI Adoption Fuels
Palo Alto Networks
cyber.netsecops.io
December 17, 2025 at 10:18 PM
Palo Alto Networks' 2025 report: AI is driving a massive cloud attack surface expansion! ☁️ 99% of orgs had AI systems attacked last year, as insecure code outpaces security teams. API attacks are up 41%. 🚨 #CloudSecurity #AI #CyberRisk
⚠️ New malware 'PyStoreRAT' targets developers via fake GitHub repos for OSINT & AI tools. The RAT steals crypto wallets, drops more malware like Rhadamanthys & spreads via USB. Be cautious with open-source tools! 💻 #Malware #GitHub #PyStoreRAT #In...
New
A new malware campaign is spreading PyStoreRAT via fake GitHub repositories disguised as OSINT and AI tools, targeting developers to steal cryptocurrency wallets and other sensitive data.
cyber.netsecops.io
December 16, 2025 at 4:00 PM
⚠️ New malware 'PyStoreRAT' targets developers via fake GitHub repos for OSINT & AI tools. The RAT steals crypto wallets, drops more malware like Rhadamanthys & spreads via USB. Be cautious with open-source tools! 💻 #Malware #GitHub #PyStoreRAT #In...
⚠️ Critical vulnerabilities patched in FreePBX! Flaws including auth bypass (CVE-2025-66039) & SQLi can lead to full RCE on VoIP servers. Update your systems immediately to prevent takeover. 📞 #FreePBX #VoIP #CyberSecurity #Vulnerability
FreePBX Patches Critical Auth Bypass and RCE Flaws; Update VoIP Platforms Immediately
Critical vulnerabilities, including authentication bypass (CVE-2025-66039) and RCE, have been patched in the FreePBX VoIP platform. Administrators should update immediately to prevent system compromise.
cyber.netsecops.io
December 16, 2025 at 4:00 PM
⚠️ Critical vulnerabilities patched in FreePBX! Flaws including auth bypass (CVE-2025-66039) & SQLi can lead to full RCE on VoIP servers. Update your systems immediately to prevent takeover. 📞 #FreePBX #VoIP #CyberSecurity #Vulnerability
🚨 CRITICAL: Fortinet devices under active attack via two SSO bypass flaws (CVE-2025-59718 & CVE-2025-59719). Attackers are forging SAML messages to gain admin access. Patch NOW or disable FortiCloud SSO! 🔥 #Fortinet #CyberAttack #Vulnerability
Active Attacks Exploit Critical Fortinet SSO Bypass Flaws to Gain Admin Access
Active attacks are exploiting critical Fortinet SSO authentication bypass vulnerabilities (CVE-2025-59718, CVE-2025-59719). Learn how to detect and mitigate these flaws to prevent administrative takeover.
cyber.netsecops.io
December 16, 2025 at 4:00 PM
🚨 CRITICAL: Fortinet devices under active attack via two SSO bypass flaws (CVE-2025-59718 & CVE-2025-59719). Attackers are forging SAML messages to gain admin access. Patch NOW or disable FortiCloud SSO! 🔥 #Fortinet #CyberAttack #Vulnerability
📢 CISA KEV ALERT: Federal agencies ordered to patch critical GeoServer XXE vulnerability (CVE-2025-58360) by Jan 1. The flaw is actively exploited, allowing remote file theft & SSRF. All orgs using GeoServer must patch NOW! ⚠️ #CyberSecurity #KEV #...
CISA Orders Federal Agencies to Patch Actively Exploited Critical GeoServer XXE Flaw
CISA has added the critical, actively exploited GeoServer XXE vulnerability CVE-2025-58360 to its KEV catalog, mandating federal agencies to patch. Learn about the risks and remediation steps.
cyber.netsecops.io
December 16, 2025 at 4:00 PM
📢 CISA KEV ALERT: Federal agencies ordered to patch critical GeoServer XXE vulnerability (CVE-2025-58360) by Jan 1. The flaw is actively exploited, allowing remote file theft & SSRF. All orgs using GeoServer must patch NOW! ⚠️ #CyberSecurity #KEV #...
SoundCloud & Pornhub confirm data breaches. 🎧 SoundCloud hack exposed emails of ~28M users. 🎬 Pornhub data leaked via a past breach at third-party vendor Mixpanel. ShinyHunters claims credit & attempts extortion. #DataBreach #SupplyChain #ShinyHun...
SoundCloud and Pornhub Confirm User Data Exposure in Separate Breaches, One Via Third-Party
SoundCloud and Pornhub have disclosed separate data breaches. SoundCloud
cyber.netsecops.io
December 16, 2025 at 4:00 PM
SoundCloud & Pornhub confirm data breaches. 🎧 SoundCloud hack exposed emails of ~28M users. 🎬 Pornhub data leaked via a past breach at third-party vendor Mixpanel. ShinyHunters claims credit & attempts extortion. #DataBreach #SupplyChain #ShinyHun...
Indian government confirms GPS spoofing attacks targeted 7 major airports, disrupting aircraft navigation. No flights were diverted due to contingency measures, but the incidents highlight major risks to aviation security. ✈️📡 #GPSSpoofing #Aviatio...
India Confirms GPS Spoofing Attacks Targeted Seven Major Airports
The Indian government has confirmed that GPS spoofing attacks occurred at seven major airports, disrupting aircraft navigation systems, though no flights were ultimately diverted due to contingency measures.
cyber.netsecops.io
December 15, 2025 at 4:39 PM
Indian government confirms GPS spoofing attacks targeted 7 major airports, disrupting aircraft navigation. No flights were diverted due to contingency measures, but the incidents highlight major risks to aviation security. ✈️📡 #GPSSpoofing #Aviatio...
UK's ICO fines LastPass £1.2 million for the 2022 data breach. The regulator cited failure to implement robust security measures, which led to the compromise of 1.6 million users' data. 🇬🇧 #LastPass #DataBreach #ICO #Fine #CyberSecurity
LastPass Fined £1.2M by UK Regulator Over 2022 Security Failures
The UK
cyber.netsecops.io
December 15, 2025 at 4:39 PM
UK's ICO fines LastPass £1.2 million for the 2022 data breach. The regulator cited failure to implement robust security measures, which led to the compromise of 1.6 million users' data. 🇬🇧 #LastPass #DataBreach #ICO #Fine #CyberSecurity
New cross-platform '01flip' ransomware written in Rust is targeting critical infrastructure in APAC. Attackers use the Sliver C2 framework for lateral movement before deploying the evasive malware. 💻 #Ransomware #01flip #RustLang #SliverC2 #CyberSe...
New
A new cross-platform ransomware named
cyber.netsecops.io
December 15, 2025 at 4:39 PM
New cross-platform '01flip' ransomware written in Rust is targeting critical infrastructure in APAC. Attackers use the Sliver C2 framework for lateral movement before deploying the evasive malware. 💻 #Ransomware #01flip #RustLang #SliverC2 #CyberSe...
Cyber-espionage group xHunt is back, targeting Kuwaiti government & shipping sectors. Attackers exploit Exchange/IIS servers to deploy custom PowerShell backdoors like 'Hisoka' for long-term intelligence gathering. 🕵️♂️ #xHunt #CyberEspionage #Thr...
xHunt Espionage Group Returns, Targeting Kuwait with New PowerShell Backdoors
The cyber-espionage group xHunt has resurfaced with a new campaign targeting Kuwaiti organizations in government and shipping, using custom PowerShell backdoors after compromising Exchange and IIS servers.
cyber.netsecops.io
December 15, 2025 at 4:39 PM
Cyber-espionage group xHunt is back, targeting Kuwaiti government & shipping sectors. Attackers exploit Exchange/IIS servers to deploy custom PowerShell backdoors like 'Hisoka' for long-term intelligence gathering. 🕵️♂️ #xHunt #CyberEspionage #Thr...