HundredLotTrader

@hundredlottrader
You are not your phone number.

Suspected hijacked developer accounts used to push npm malware, with packages like "sbx-mask" and "touch-adv" stealing credentials from infected systems. If installed, rotate keys and check network activity now.

Read: https://hackread.com/suspected-hijacked-developer-accounts-npm-malware/

#CyberSecurity #npm #Malware #DevSecOps

Suspected Hijacked Developer Accounts Spread npm Malware

Sonatype uncovers a malware campaign using hijacked npm developer accounts to steal API keys and passwords. Is your dev environment at risk?


I have started a new project: #ProFed.

I’m trying to understand how far #professionalNetworking can go in the #Fediverse.

https://joinprofed.social/
https://codeberg.org/GrayDurian/ProFed

I’m interested in how you see this.

(rapid7.com) Red Menshen: China-Nexus Threat Actor Deploys Evolved BPFdoor Implants as Telecom Backbone Sleeper Cells

Red Menshen (China-nexus APT) deploys evolved BPFdoor Linux backdoor in global telecoms, targeting 4G/5G core signaling via SCTP. New variants use HTTPS-embedded 'magic ruler' triggers (9999 marker) and ICMP C2 (0xFFFFFFFF sentinel) for stealth lateral movement. RC4-MD5 encryption, process masquerading (hpasmlited, Docker), and kernel-level eBPF abuse enable persistent access. Initial access via Ivanti/Cisco/Fortinet/VMware/Palo Alto exploits. Enables IMSI harvesting and subscriber tracking.

Source: https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report

#Cybersecurity #ThreatIntel

BPFdoor in Telecom Networks: Sleeper Cells in the backbone

A months-long investigation by Rapid7 Labs has uncovered evidence of an advanced China-nexus threat actor placing stealthy digital sleeper cells in telecommunications networks, in order to carry out high-level espionage – including against government networks. Read more in a new blog.

Rapid7

GhostClaw expands beyond npm: GitHub repositories and AI workflows deliver macOS infostealer

Pulse ID: 69c1bf4a476f34783a7c6937
Pulse Link: https://otx.alienvault.com/pulse/69c1bf4a476f34783a7c6937
Pulse Author: Tr1sa111
Created: 2026-03-23 22:31:38

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #GitHub #InfoSec #InfoStealer #Mac #MacOS #NPM #OTX #OpenThreatExchange #bot #Tr1sa111


🛡️ Most people use Google DNS (8.8.8.8)
— Google logs EVERY site you visit.

The fix? 9.9.9.9 — Quad9 DNS

⚙️ SETUP IN 30 SECONDS

Android (Private DNS):
Settings → Network → Private DNS →
Type: dns.quad9.net ✅

IPv4: 9.9.9.9 / 149.112.112.112
IPv6: 2620:fe::fe / 2620:fe::9
DoH: https://dns.quad9.net/dns-query
DoT: tls://dns.quad9.net

Here's why it's a PRIVACY SUPERPOWER 🧵👇

#privacy #dns #quad9 #foss #degoogled
#android #privacymatters #cybersecurity

New, by me: The Kimwolf Botnet is Stalking Your Local Network

Today's story is a long overdue series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time for a broader awareness of the threat. The short version is that everything you thought you knew about the security of the internal network behind your Internet router probably is now dangerously out of date.

https://krebsonsecurity.com/2026/01/the-kimwolf-botnet-is-stalking-your-local-network/

No really, I am not kidding when I say that the data broker industry must be destroyed: https://www.npr.org/2026/03/25/nx-s1-5752369/ice-surveillance-data-brokers-congress-anthropic

If you are foolish enough to run a Pixel device with Android System Intelligence on, you should just disable it right now. It's OS level so you have to disable all permissions.

I just had demonstrable proof it was screen reading content from an encrypted messaging app because it helpfully decided to attempt to live translate messages for me.

#privacy #infosec

March 19, 2026 11:21 AM

One of my peeves abt the US govt is its neglect to secure us from cyber threats. Credit cards are stolen. Scams rampant. Everyone’s social security numbers are on the dark web. Medical records on the way. Now biometry theft. Shit’s critical and no one’s doing anything. #infosec

https://inkwell.social/eve/march-19-2026-1121-am-515
