Matt Anderson (@nosecurething)'s Twitter Profile
Matt Anderson

@nosecurething

Senior Detection Engineer @HuntressLabs
Threat Research | Threat Hunting | Malware Analysis

ID: 233421524

Joined: 03-01-2011 05:19:39

632 Tweets

1.1K Followers

1.1K Following

✞ inversecos (@inversecos)

Become a contributor at XINTRA (@XintraOrg) 🔎

We're looking for RED and BLUE team contributors

🔴 Red Team – Emulate real APT groups
🔵 Blue Team – Investigate & respond to emulations

What you get:
- Challenging, realistic emulations
- Hack & forensicate vendor devices
-

Anton (@antonlovesdnb)

Got a new Huntress blog out today taking a look at some intrusion analysis methodology with practical examples - check it out! huntress.com/blog/intrusion…

Dray Agha (@purp1ew0lf)

🚨 SonicWall Exploitation (Zero Day?) 🚨

Huntress is tracking active intrusions via SonicWall devices.

Threat actors are bypassing MFA, pivoting to domain controllers, deploying ransomware (likely Akira), and creating users for persistence.

Pace suggests possible zero-day

Huntress (@huntresslabs)

⚠️ Huntress has been responding to an ongoing wave of high-severity Akira ransomware incidents originating from SonicWall devices. Learn more about this active exploit and get an up-to-date list of indicators of compromise: huntress.com/blog/exploitat…

Windy City Sports Cards (@312sportscards1)

Alright 3 lucky 🍀 winners will snag a #DaBears sideline hat 🧢 Pick any style that's in stock!

To Enter:

1️⃣ Like & RT 👍
⏰ Winners Announced - Halftime Tomorrow

Ame (@pe4chscreeching)

🚨 Case from Huntress (@HuntressLabs)

🔎 Cephalus seen side loading DLL 'SentinelAgentCore.dll' into legitimate 'SentinelBrowserNativeHost.exe' for ransomware execution

✏️ File extension for encrypted files - '.sss'

Mandiant (part of Google Cloud) (@mandiant)

⚠️ Alert: Widespread data theft campaign by UNC6395.

The threat actor is targeting Salesforce instances via Salesloft Drift, targeting sensitive data. Organizations should investigate, rotate credentials, and harden access controls.

More here: bit.ly/3HviIi1

Jai Minton (@cyberraiju)

If you have a Cisco ASA 5500-X series you'll want to be aware that an espionage-related TA was exploiting multiple 0-days against these devices for months, which now have patches available. 🔥
sec.cloudapps.cisco.com/security/cente…

Nick VanGilder (@nickvangilder)

9/26/2025: Every week I share a curated list of red team-specific jobs (or similar) that caught my attention or were shared with me by others in the community. My goal is to help job hunters in the offensive security space find a red team-specific role.

🏛 Company + Role:

John Hammond (@_johnhammond)

Hello.

The Huntress CTF is back for its third year. October 1st through October 31st with new challenges each and every day, all month long. Free to play, register at any time (even while the game is running!) and play whenever you want at your leisure.

ctf.huntress.com

Max Rogers (@maxrogers5)

1⃣ The 𝓮𝓻𝓲𝓬𝓪 team uncovered a campaign by a likely China-nexus threat actor. The most novel finding is use of a publicly available tool called Nezha as a post-exploitation C2 agent. This is the first public reporting of the tool I've seen. huntress.com/blog/nezha-chi…

Jai Minton (@cyberraiju)

WSUS shouldn't be exposed to the internet (and honestly shouldn't be used), but unfortunately it is in many locations, and this being RCE with a CVSS of 9.8 makes it bad.

Jai Minton (@cyberraiju)

I don't like being the Friday security issue messenger man, but at least we can provide some detection guidance and forensic artifacts showing exploitation occurring and provide it to the community. ❤️ huntress.com/blog/exploitat…

Huntress (@huntresslabs)

⚠️ Threat actors exploiting a recent Microsoft WSUS vulnerability (CVE-2025-59287)

- Microsoft released an out-of-band update for the flaw on 10/24
✅ Apply the update as soon as possible

IOCs, examples of adversary tradecraft, and remediations: okt.to/0eJ3zw

Bert-Jan 🛡️ (@bertjancyber)

Huntress has now also published a blog about it: huntress.com/blog/exploitat… The blog contains a Sigma rule with the logic to build detections based on your EDR/logs.

RussianPanda 🐼 🇺🇦 (@russianpanda9xx)

Good morning! ☀️ #GootLoader woke up and chose violence (again) Grab your coffee, this one's JUICY 💣 huntress.com/blog/gootloade…

Jamie Levy🦉 (@gleeda)

There's an open role for a Staff CTI Analyst on my team here at Huntress 📢💫 ✨Do you love doing correlations between different incidents, sometimes digging into them, or doing malware analysis? ✨Do you like doing data analysis, and using this to make threat reports? 👇