zaicurity2d ago
IFIN - The Independent Federated Intelligence Network

Got Nessus? Got Crowdstrike? You might also have a huge pile of false positives this morning, as Nessus attempted to run a PoC of the "MiniPlasma" exploit proactively, triggering CrowdStrike alerts.

https://discourse.ifin.network/t/crowdstrike-s1-triggering-1000s-of-high-severity-alerts-on-tenable-2026-05-25/500

CrowdStrike/S1 triggering 1000s of High Severity Alerts on Tenable (2026-05-25)

For some wild reason, Tenable decided to run a recent PoC as part of their vulnerability scanning, generating thousands of alerts across customer EDRs this last Memorial Day weekend. CrowdStrike Support Notice (Login required) https://supportportal.crowdstrike.com/s/article/Tech-Alert-US-1-US-2-EU-1-MiniPlasma-Detection-2026-05-25

IFIN
May 26 at 2:53pmWeb
Show threadScott Wilson2d ago
@ifin Thankfully, Tenable have retracted their faulty signature.
Show threadB'ad Samurai 2d ago

@scottwilson @ifin You may need to force update the plugins to take effect.

Tenable boldly states incorrectly interpreting plugin behavior when we know CrowdStrike, S1, and Defender alerted.

surprised_dog_meme.gif for orgs with Tenable and no alerts.

Show threadScott Wilson2d ago
@badsamurai @ifin Indeed! Have been doing this all morning.
Show threadKevin Beaumont2d ago
@ifin Microsoft Defender for Endpoint too