Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

A credential theft campaign by Storm-2561 exploits SEO poisoning to distribute fake VPN clients. Users searching for legitimate VPN software are redirected to malicious websites hosting ZIP files containing trojans masquerading as trusted VPN clients. These digitally signed trojans harvest VPN credentials and exfiltrate data to attacker-controlled infrastructure. The campaign uses GitHub repositories, legitimate code-signing certificates, and sophisticated post-theft redirection strategies to avoid detection. The attack chain involves initial access through SEO manipulation, execution of malicious MSI files, credential theft via fake VPN interfaces, and data exfiltration. Defensive recommendations include enabling cloud-delivered protection, using EDR in block mode, and enforcing multi-factor authentication.

Pulse ID: 69b7da9f7950cc3e720bfb13
Pulse Link: https://otx.alienvault.com/pulse/69b7da9f7950cc3e720bfb13
Pulse Author: AlienVault
Created: 2026-03-16 10:25:35

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Cloud #CyberSecurity #EDR #GitHub #InfoSec #OTX #OpenThreatExchange #RAT #Rust #SEOPoisoning #Trojan #Troll #VPN #ZIP #bot #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Wide-scale, opportunistic SMS pumping attacks target customer sign-up pages

A widespread SMS pumping campaign has been identified, targeting customer sign-up pages. The attackers, designated as O-UNC-036, use disposable email infrastructure and proxy services to launch high-volume, automated attacks against public API endpoints. Their objective is to create numerous accounts and trigger SMS messages to actor-controlled phone numbers, generating significant financial costs for target organizations. The attack pattern involves reconnaissance, infrastructure setup, and high-volume requests using known high-cost phone country codes. The campaign has been active since at least March 2024, affecting multiple tenants and organizations. Recommended protective measures include implementing FIDO Authentication, blocking suspicious domains and ASNs, and enhancing monitoring and response capabilities.

Pulse ID: 69b4567b03ea40d6ffd8a0f7
Pulse Link: https://otx.alienvault.com/pulse/69b4567b03ea40d6ffd8a0f7
Pulse Author: AlienVault
Created: 2026-03-13 18:24:59

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Email #Endpoint #InfoSec #OTX #OpenThreatExchange #Proxy #RAT #SMS #Troll #bot #AlienVault

Fam fam. Your mileage may vary, but I blocked and call #troll. @[email protected]

I finally had my first butt hurt troll of 2026 just claim that I’m an Ai after they tried that tired “just asking questions” reaction to my last Noam Chomsky post.

I thought about including a screen cap of them showing their ass, but that attention seems like it would reward them.

#Block, don’t react and starve a #troll I say😎✊🏾

#Troll alert then I'm #blocking the #provocateur. #BlueCrew #TeamVermin #Resist @[email protected] is nasty. Your mileage may vary. Unlikely.
I think you should look at the two reports as curated lists at the very least. If you're a #troll of Miss Kitty both docs are good for you cuz I want to know what kind of shitheads are talking for you so I can go after them. #AI #research to slay liars & garbage. #MissKitty doesn't fucking lose!!
Do you actually have a #plan of any kind? Are you going to do anything, or are you actually a fucking #troll? Are you just a bitch? Fucking A. You must be a fucking troll. You must be. You're not doing anything except for harping. I guess I need to put this outside. Let the audience decide. Troll?

RE: https://bsky.app/profile/did:plc:j7a254std2ovgqls6tzprh4k/post/3mguqnwt2us23

Desert Ogre concept art. (Now updated to include a female version)

These creature designs are meant to be like giant or troll creatures in a fantasy setting, but they are inspired by the evolution of real-life apes instead of being purely magical beings.

#Art #DigitalArt #CreatureDesign #ConceptArt #FantasyArt #MasoArt #Creature #Monster #MonsterDesign #CreatureConcept #MonsterConcept #MastoArt #SpeculativeEvolution #Ogre #Giant #Troll

#iran #iranwar #politics #troll #taco #lego #ai #epstein #EpsteinFiles

“Iran has trolled President Donald Trump by releasing an AI-generated propaganda video that mocks the Jeffrey Epstein files scandal that has dogged his administration.

The Islamic regime shared the two-minute video this week depicting Trump and Israeli Prime Minister Benjamin Netanyahu as Lego figurines amid the joint U.S.-Israeli bombing campaign on Iran.”

https://www.independent.co.uk/news/world/americas/us-politics/iran-lego-video-trump-epstein-files-b2936362.html

Iran trolls Trump with Lego AI-generated propaganda video that mocks his Epstein ties

The video released by the Iranian regime takes a swipe at Trump over the Jeffrey Epstein files scandal that has dogged his administration

The Independent