Criminal IP (@criminalip_us) 's Twitter Profile
Criminal IP

@criminalip_us

Criminal IP is a comprehensive web-based cyber threat intelligence search engine.
Search for Anything, Secure Your Everything.

ID: 1442422215803166722

linkhttps://criminalip.io/ calendar_today27-09-2021 09:34:08

1,1K Tweet

4,4K Followers

1,1K Following

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

23 days ago

⚠️CVE-2025-58726 (Windows SMB) — Privilege Escalation Alert⚠️ CVE-2025-58726 is a vulnerability in the Windows SMB server caused by improper access controls, allowing an authenticated attacker to gain elevated privileges on the network. (CVSS: 7.5) Mitigation:Apply patches

⚠️CVE-2025-58726 (Windows SMB) — Privilege Escalation Alert⚠️ CVE-2025-58726 is a vulnerability in the Windows SMB server caused by improper access controls, allowing an authenticated attacker to gain elevated privileges on the network. (CVSS: 7.5) Mitigation:Apply patches
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

23 days ago

📜 Cyber News! by Criminal IP – November 7th​ 🐞 Multiple #ChatGPT Security Bugs Allow Rampant Data Theft​ darkreading.com/application-se…​ ​ 📺 ClickFix #Malware Attacks Evolve With Multi-OS Support, Video Tutorials​ bleepingcomputer.com/news/security/…​ ⚠️ #SonicWall Breach Linked to State-Backed

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

23 days ago

🎯 #Django Emergency Security Update (CVE-2025-64458 / CVE-2025-64459) A security patch that fixes SQL injection and Denial-of-Service (DoS) vulnerabilities has been distributed. (Affected versions: Django 4.2 / 5.1 / 5.2 / 6.0 (beta)) According to Criminal IP threat hunting

🎯 #Django Emergency Security Update (CVE-2025-64458 / CVE-2025-64459) A security patch that fixes SQL injection and Denial-of-Service (DoS) vulnerabilities has been distributed. (Affected versions: Django 4.2 / 5.1 / 5.2 / 6.0 (beta)) According to Criminal IP threat hunting
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

20 days ago

☑️ Exploited ASA / FTD zero-day RCE vulnerabilities: CVE-2025-20333 / CVE-2025-20362​ 🌐️ Exposed #cisco Firewall Threat Defense instances worldwide: Over 84,000​ Query: criminalip.io/asset/search?q…​ ⚠️ Key risk: CVE-2025-20333 can allow an attacker to execute arbitrary code by

☑️ Exploited ASA / FTD zero-day RCE vulnerabilities: CVE-2025-20333 / CVE-2025-20362​ 🌐️ Exposed #cisco Firewall Threat Defense instances worldwide: Over 84,000​ Query: criminalip.io/asset/search?q…​ ⚠️ Key risk: CVE-2025-20333 can allow an attacker to execute arbitrary code by
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

20 days ago

📜 Cyber News! by Criminal IP – November 10th​ 🤳 Lost #iPhone? Don’t Fall for Phishing Texts Saying It was Found​ bleepingcomputer.com/news/security/…​ 🤖 Radware: Bad Actors Spoofing AI Agents to Bypass #Malicious Bot Defenses​ securityboulevard.com/2025/11/radwar…​ 📈 OWASP Global AppSec: New #AI

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

20 days ago

🚨 UniFi OS Backup API RCE — CVE-2025-52665 🚨​ Security researchers disclosed a critical unauthenticated remote-code-execution vulnerability in Ubiquiti’s UniFi OS ecosystem. Criminal IP has found over 90,000 instances exposed worldwide — check the blog for mitigation steps!

🚨 UniFi OS Backup API RCE — CVE-2025-52665 🚨​ Security researchers disclosed a critical unauthenticated remote-code-execution vulnerability in Ubiquiti’s UniFi OS ecosystem. Criminal IP has found over 90,000 instances exposed worldwide — check the blog for mitigation steps!
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

19 days ago

🖥️Criminal IP Security Plugin for #WordPress ​ Strengthen your login security with Criminal IP’s real-time IP intelligence!​ Key advantages:​ ✅ Automatic risk scoring for login IPs​ ✅ One-click blocking of VPN / Proxy / Tor / Hosting IPs​ ✅ Configurable limits for failed

🖥️Criminal IP Security Plugin for #WordPress ​ Strengthen your login security with Criminal IP’s real-time IP intelligence!​ Key advantages:​ ✅ Automatic risk scoring for login IPs​ ✅ One-click blocking of VPN / Proxy / Tor / Hosting IPs​ ✅ Configurable limits for failed
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

18 days ago

📜 Cyber News! by Criminal IP – November 12th​ 🛠️ #Microsoft Patch Tuesday Addresses 63 Defects, Including One Actively Exploited Zero-Day​ cyberscoop.com/microsoft-patc…​ 📞 #WhatsApp Malware 'Maverick' Hijacks Browser Sessions to Target Brazil's Biggest Banks

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

17 days ago

🔥 BadCandy is BACK — Cisco IOS XE Web UI (CVE-2023-20198) Under Active Exploitation 🔥​ On Nov 1, Australia’s ASD confirmed new attacks using the BadCandy web shell, abusing the old but CVSS 10.0 Cisco IOS XE Web UI flaw.​ ➡️ Attackers can create privilege-15 admin accounts

🔥 BadCandy is BACK — Cisco IOS XE Web UI (CVE-2023-20198) Under Active Exploitation 🔥​ On Nov 1, Australia’s ASD confirmed new attacks using the BadCandy web shell, abusing the old but CVSS 10.0 Cisco IOS XE Web UI flaw.​ ➡️ Attackers can create privilege-15 admin accounts
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

17 days ago

☑️ Multiple SuiteCRM Vulnerabilities Exposed — CVSS 6.5 to 8.8 HIGH Severity ​ 🎯 Affected Vulnerabilities​ CVE-2025-64492 (CVSS 8.8): Time-based Blind SQL Injection​ CVE-2025-64493 (CVSS 6.5): Blind SQL Injection via GraphQL API​ These flaws give attackers a direct path to

☑️ Multiple SuiteCRM Vulnerabilities Exposed — CVSS 6.5 to 8.8 HIGH Severity ​ 🎯 Affected Vulnerabilities​ CVE-2025-64492 (CVSS 8.8): Time-based Blind SQL Injection​ CVE-2025-64493 (CVSS 6.5): Blind SQL Injection via GraphQL API​ These flaws give attackers a direct path to
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

17 days ago

[Criminal IP v1.91.0 Release Notes] ✅ Tech Blog unified into the Knowledge Hub To deliver more professional and comprehensive cybersecurity insights, the Criminal IP technical blog has been fully integrated into the Knowledge Hub. ✅ Hacking Group TI data download fix An issue

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

16 days ago

🔥 Warning CVE-2025-34299: Unauthenticated File Upload Vulnerability in Monsta FTP​ 🌐️Exposed #Monsta FTP favicon in Criminal IP: ​ Query ➡️ favicon: -64a5a63​ criminalip.io/asset/search?q…​ ​ Key risk of CVE-2025-34299​: -Unauthorized Code Execution​ -Data Breaches​ -Increased

🔥 Warning CVE-2025-34299: Unauthenticated File Upload Vulnerability in Monsta FTP​ 🌐️Exposed #Monsta FTP favicon in Criminal IP: ​ Query ➡️ favicon: -64a5a63​ criminalip.io/asset/search?q…​ ​ Key risk of CVE-2025-34299​: -Unauthorized Code Execution​ -Data Breaches​ -Increased
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

16 days ago

🚨 #CISA KEV vulnerability: Triofox Under Active Attack — CVE-2025-12480 N-Day Exploited in the Wild​ 🔓 Exposed Triofox favicon in Criminal IP: ​ Query ➡️ favicon: -3f6cbb54​ criminalip.io/ko/asset/searc…​ ​ 🛑 Active Exploitation Timeline (per Mandiant)​ • Patch released: July

🚨 #CISA KEV vulnerability: Triofox Under Active Attack — CVE-2025-12480 N-Day Exploited in the Wild​ 🔓 Exposed Triofox favicon in Criminal IP: ​ Query ➡️ favicon: -3f6cbb54​ criminalip.io/ko/asset/searc…​ ​ 🛑 Active Exploitation Timeline (per Mandiant)​ • Patch released: July
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

13 days ago

🚨#CISA Adds Fortinet FortiWeb Zero-Day (CVE-2025-64446) to #KEV Catalog​ A suspected zero-day Fortinet FortiWeb vulnerability is actively exploted by unauthenticated attackers!​ ​ 🌐️ Fortinet FortiWeb vulnerabilities detected by Criminal IP: ​ Query ➡️ title: "FortiWeb -"

🚨#CISA Adds Fortinet FortiWeb Zero-Day (CVE-2025-64446) to #KEV Catalog​ A suspected zero-day Fortinet FortiWeb vulnerability is actively exploted by unauthenticated attackers!​ ​ 🌐️ Fortinet FortiWeb vulnerabilities detected by Criminal IP: ​ Query ➡️ title: "FortiWeb -"
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

12 days ago

📜 Cyber News! by Criminal IP – November 18th​ ​🛠️ #CISA Alerts on Critical Lynx+ Gateway Flaw Leaks Data in Cleartext​ gbhackers.com/cisa-alerts-on…​ 💡 #Microsoft: Azure Hit by 15 Tbps DDoS Attack Using 500,000 IP Addresses​ bleepingcomputer.com/news/microsoft…​ 🖱️ #Logitech Confirms Data

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

12 days ago

📢 Our technical blog has now been integrated into the Knowledge Hub!​ ​ You can now access all ASM and TI content in one place including reports, webinars, case studies, release notes, and more.​ Check out the details in the post below!​ 🔗 criminalip.io/knowledge-hub/…

📢 Our technical blog has now been integrated into the Knowledge Hub!​ ​ You can now access all ASM and TI content in one place including reports, webinars, case studies, release notes, and more.​ Check out the details in the post below!​ 🔗 criminalip.io/knowledge-hub/…
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

10 days ago

📜 Cyber News! by Criminal IP – November 20th​ 🚨 #CISA Alerts on Fortinet FortiWeb Vulnerability Exploited in Real-World Attacks​ gbhackers.com/cisa-alerts-on…​ ⛓️‍💥 Two-Year-Old #Ray AI Framework Flaw Exploited in Ongoing Campaign​ securityweek.com/two-year-old-r…​ 🖱️ Single Click on

Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

9 days ago

Join us at MWC Doha 2025!​ Cybersecurity is entering an AI-driven, intelligence-first era, and we’re excited to show what that looks like.​ Visit Booth D52 to​ ✔️ Experience live demonstrations of our newest innovations​ ✔️ Explore next-generation AI security capabilities with

Join us at MWC Doha 2025!​ Cybersecurity is entering an AI-driven, intelligence-first era, and we’re excited to show what that looks like.​ Visit Booth D52 to​ ✔️ Experience live demonstrations of our newest innovations​ ✔️ Explore next-generation AI security capabilities with
Criminal IP (@criminalip_us) 's Twitter Profile Photo
Criminal IP
@criminalip_us

6 days ago

🚨 Fortinet FortiWeb Zero-Day (CVE-2025-64446) Actively Exploited 🚨​ A critical path-traversal authentication bypass flaw is being weaponized in the wild since early October, allowing attackers to skip admin auth and fully compromise vulnerable appliances.​ 🔎 871 Critical

🚨 Fortinet FortiWeb Zero-Day (CVE-2025-64446) Actively Exploited 🚨​ A critical path-traversal authentication bypass flaw is being weaponized in the wild since early October, allowing attackers to skip admin auth and fully compromise vulnerable appliances.​ 🔎 871 Critical