home.social

#sandworm — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sandworm, aggregated by home.social.

  1. 🐛🤖 "Shai-Hulud-themed malware" in PyTorch Lightning? Really? What's next, a Bene Gesserit ransomware? This is just another excuse for a #cybersecurity company to throw #buzzwords like multimodal and AI at us while riding the #sandworm of #fearmongering. 📈🔒
    semgrep.dev/blog/2026/maliciou #ShaiHuludMalware #PyTorchLightning #HackerNews #ngated

  2. 🐛🤖 "Shai-Hulud-themed malware" in PyTorch Lightning? Really? What's next, a Bene Gesserit ransomware? This is just another excuse for a #cybersecurity company to throw #buzzwords like multimodal and AI at us while riding the #sandworm of #fearmongering. 📈🔒
    semgrep.dev/blog/2026/maliciou #ShaiHuludMalware #PyTorchLightning #HackerNews #ngated

  3. 🐛🤖 "Shai-Hulud-themed malware" in PyTorch Lightning? Really? What's next, a Bene Gesserit ransomware? This is just another excuse for a #cybersecurity company to throw #buzzwords like multimodal and AI at us while riding the #sandworm of #fearmongering. 📈🔒
    semgrep.dev/blog/2026/maliciou #ShaiHuludMalware #PyTorchLightning #HackerNews #ngated

  4. 🐛🤖 "Shai-Hulud-themed malware" in PyTorch Lightning? Really? What's next, a Bene Gesserit ransomware? This is just another excuse for a #cybersecurity company to throw #buzzwords like multimodal and AI at us while riding the #sandworm of #fearmongering. 📈🔒
    semgrep.dev/blog/2026/maliciou #ShaiHuludMalware #PyTorchLightning #HackerNews #ngated

  5. 🐛🤖 "Shai-Hulud-themed malware" in PyTorch Lightning? Really? What's next, a Bene Gesserit ransomware? This is just another excuse for a #cybersecurity company to throw #buzzwords like multimodal and AI at us while riding the #sandworm of #fearmongering. 📈🔒
    semgrep.dev/blog/2026/maliciou #ShaiHuludMalware #PyTorchLightning #HackerNews #ngated

  6. Energy Sector Incident Report

    On December 29, 2025, coordinated destructive cyberattacks targeted Poland's energy infrastructure during severe winter weather. Approximately 30 wind and solar farms, a manufacturing company, and a combined heat and power plant serving nearly 500,000 customers were affected. Attackers exploited vulnerable FortiGate perimeter devices using stolen credentials and default passwords to access industrial control systems. Multiple types of wiper malware, including DynoWiper and LazyWiper, were deployed to destroy data across IT and OT environments. While renewable facilities lost communication with distribution operators without affecting electricity generation, the incidents demonstrated significant capability to cause physical disruption. Infrastructure analysis revealed connections to threat clusters known as Static Tundra, Ghost Blizzard, and potentially Sandworm, marking a notable escalation in cyber-sabotage operations.

    Pulse ID: 69f32ac81834d5a878e8fac0
    Pulse Link: otx.alienvault.com/pulse/69f32
    Pulse Author: AlienVault
    Created: 2026-04-30 10:11:20

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberAttack #CyberAttacks #CyberSecurity #IndustrialControlSystems #InfoSec #Malware #Manufacturing #OTX #OpenThreatExchange #Password #Passwords #Poland #RAT #Sandworm #Word #Worm #bot #AlienVault

  7. Energy Sector Incident Report

    On December 29, 2025, coordinated destructive cyberattacks targeted Poland's energy infrastructure during severe winter weather. Approximately 30 wind and solar farms, a manufacturing company, and a combined heat and power plant serving nearly 500,000 customers were affected. Attackers exploited vulnerable FortiGate perimeter devices using stolen credentials and default passwords to access industrial control systems. Multiple types of wiper malware, including DynoWiper and LazyWiper, were deployed to destroy data across IT and OT environments. While renewable facilities lost communication with distribution operators without affecting electricity generation, the incidents demonstrated significant capability to cause physical disruption. Infrastructure analysis revealed connections to threat clusters known as Static Tundra, Ghost Blizzard, and potentially Sandworm, marking a notable escalation in cyber-sabotage operations.

    Pulse ID: 69f32ac81834d5a878e8fac0
    Pulse Link: otx.alienvault.com/pulse/69f32
    Pulse Author: AlienVault
    Created: 2026-04-30 10:11:20

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberAttack #CyberAttacks #CyberSecurity #IndustrialControlSystems #InfoSec #Malware #Manufacturing #OTX #OpenThreatExchange #Password #Passwords #Poland #RAT #Sandworm #Word #Worm #bot #AlienVault

  8. Energy Sector Incident Report

    On December 29, 2025, coordinated destructive cyberattacks targeted Poland's energy infrastructure during severe winter weather. Approximately 30 wind and solar farms, a manufacturing company, and a combined heat and power plant serving nearly 500,000 customers were affected. Attackers exploited vulnerable FortiGate perimeter devices using stolen credentials and default passwords to access industrial control systems. Multiple types of wiper malware, including DynoWiper and LazyWiper, were deployed to destroy data across IT and OT environments. While renewable facilities lost communication with distribution operators without affecting electricity generation, the incidents demonstrated significant capability to cause physical disruption. Infrastructure analysis revealed connections to threat clusters known as Static Tundra, Ghost Blizzard, and potentially Sandworm, marking a notable escalation in cyber-sabotage operations.

    Pulse ID: 69f32ac81834d5a878e8fac0
    Pulse Link: otx.alienvault.com/pulse/69f32
    Pulse Author: AlienVault
    Created: 2026-04-30 10:11:20

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberAttack #CyberAttacks #CyberSecurity #IndustrialControlSystems #InfoSec #Malware #Manufacturing #OTX #OpenThreatExchange #Password #Passwords #Poland #RAT #Sandworm #Word #Worm #bot #AlienVault

  9. Energy Sector Incident Report

    On December 29, 2025, coordinated destructive cyberattacks targeted Poland's energy infrastructure during severe winter weather. Approximately 30 wind and solar farms, a manufacturing company, and a combined heat and power plant serving nearly 500,000 customers were affected. Attackers exploited vulnerable FortiGate perimeter devices using stolen credentials and default passwords to access industrial control systems. Multiple types of wiper malware, including DynoWiper and LazyWiper, were deployed to destroy data across IT and OT environments. While renewable facilities lost communication with distribution operators without affecting electricity generation, the incidents demonstrated significant capability to cause physical disruption. Infrastructure analysis revealed connections to threat clusters known as Static Tundra, Ghost Blizzard, and potentially Sandworm, marking a notable escalation in cyber-sabotage operations.

    Pulse ID: 69f32ac81834d5a878e8fac0
    Pulse Link: otx.alienvault.com/pulse/69f32
    Pulse Author: AlienVault
    Created: 2026-04-30 10:11:20

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberAttack #CyberAttacks #CyberSecurity #IndustrialControlSystems #InfoSec #Malware #Manufacturing #OTX #OpenThreatExchange #Password #Passwords #Poland #RAT #Sandworm #Word #Worm #bot #AlienVault

  10. Energy Sector Incident Report

    On December 29, 2025, coordinated destructive cyberattacks targeted Poland's energy infrastructure during severe winter weather. Approximately 30 wind and solar farms, a manufacturing company, and a combined heat and power plant serving nearly 500,000 customers were affected. Attackers exploited vulnerable FortiGate perimeter devices using stolen credentials and default passwords to access industrial control systems. Multiple types of wiper malware, including DynoWiper and LazyWiper, were deployed to destroy data across IT and OT environments. While renewable facilities lost communication with distribution operators without affecting electricity generation, the incidents demonstrated significant capability to cause physical disruption. Infrastructure analysis revealed connections to threat clusters known as Static Tundra, Ghost Blizzard, and potentially Sandworm, marking a notable escalation in cyber-sabotage operations.

    Pulse ID: 69f32ac81834d5a878e8fac0
    Pulse Link: otx.alienvault.com/pulse/69f32
    Pulse Author: AlienVault
    Created: 2026-04-30 10:11:20

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberAttack #CyberAttacks #CyberSecurity #IndustrialControlSystems #InfoSec #Malware #Manufacturing #OTX #OpenThreatExchange #Password #Passwords #Poland #RAT #Sandworm #Word #Worm #bot #AlienVault

  11. Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The organization recently deployed malicious campaigns using nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails, which extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques including sandbox detection, file disguise, and process masquerading to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.

    Pulse ID: 69f1f50a5410ca637c84368c
    Pulse Link: otx.alienvault.com/pulse/69f1f
    Pulse Author: AlienVault
    Created: 2026-04-29 12:09:46

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CyberSecurity #Email #Espionage #InfoSec #LNK #OTX #Onion #OpenThreatExchange #Phishing #RAT #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #ZIP #bot #AlienVault

  12. Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The organization recently deployed malicious campaigns using nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails, which extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques including sandbox detection, file disguise, and process masquerading to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.

    Pulse ID: 69f1f50a5410ca637c84368c
    Pulse Link: otx.alienvault.com/pulse/69f1f
    Pulse Author: AlienVault
    Created: 2026-04-29 12:09:46

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CyberSecurity #Email #Espionage #InfoSec #LNK #OTX #Onion #OpenThreatExchange #Phishing #RAT #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #ZIP #bot #AlienVault

  13. Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The organization recently deployed malicious campaigns using nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails, which extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques including sandbox detection, file disguise, and process masquerading to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.

    Pulse ID: 69f1f50a5410ca637c84368c
    Pulse Link: otx.alienvault.com/pulse/69f1f
    Pulse Author: AlienVault
    Created: 2026-04-29 12:09:46

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CyberSecurity #Email #Espionage #InfoSec #LNK #OTX #Onion #OpenThreatExchange #Phishing #RAT #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #ZIP #bot #AlienVault

  14. Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The organization recently deployed malicious campaigns using nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails, which extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques including sandbox detection, file disguise, and process masquerading to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.

    Pulse ID: 69f1f50a5410ca637c84368c
    Pulse Link: otx.alienvault.com/pulse/69f1f
    Pulse Author: AlienVault
    Created: 2026-04-29 12:09:46

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CyberSecurity #Email #Espionage #InfoSec #LNK #OTX #Onion #OpenThreatExchange #Phishing #RAT #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #ZIP #bot #AlienVault

  15. Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The organization recently deployed malicious campaigns using nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails, which extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques including sandbox detection, file disguise, and process masquerading to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.

    Pulse ID: 69f1f50a5410ca637c84368c
    Pulse Link: otx.alienvault.com/pulse/69f1f
    Pulse Author: AlienVault
    Created: 2026-04-29 12:09:46

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #BackDoor #CyberSecurity #Email #Espionage #InfoSec #LNK #OTX #Onion #OpenThreatExchange #Phishing #RAT #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #ZIP #bot #AlienVault

  16. 疑似APT-C-13(Sandworm)组织利用SSH+TOR隧道实现隐蔽持久化的攻击活动分析-安全资讯-360官网

    Pulse ID: 69f1f472cc1acc636d7983ef
    Pulse Link: otx.alienvault.com/pulse/69f1f
    Pulse Author: CyberHunter_NL
    Created: 2026-04-29 12:07:14

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #InfoSec #OTX #OpenThreatExchange #SSH #Sandworm #Worm #bot #CyberHunter_NL

  17. Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage targeting government agencies, diplomatic departments, energy enterprises, and research organizations. Recently detected samples reveal the group's use of nested SSH and TOR tunnel architecture to establish covert communication channels. The attack begins with spear-phishing emails delivering malicious LNK files disguised as PDF documents. Upon execution, the payload deploys TOR hidden services mapping internal ports (SMB/445, RDP/3389) to onion domains, while SSH services with public key authentication provide encrypted remote access. The malware employs obfs4 protocol to obfuscate TOR traffic, evading deep packet inspection. Persistence is achieved through scheduled tasks masquerading as legitimate applications like Opera GX and Dropbox, establishing an anonymous shadow management infrastructure for sustained intelligence collection.

    Pulse ID: 69f06b1eeeb1fca735cb0bb8
    Pulse Link: otx.alienvault.com/pulse/69f06
    Pulse Author: AlienVault
    Created: 2026-04-28 08:09:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Dropbox #Email #Espionage #Government #InfoSec #LNK #Malware #OTX #Onion #OpenThreatExchange #Opera #PDF #Phishing #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #bot #AlienVault

  18. Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage targeting government agencies, diplomatic departments, energy enterprises, and research organizations. Recently detected samples reveal the group's use of nested SSH and TOR tunnel architecture to establish covert communication channels. The attack begins with spear-phishing emails delivering malicious LNK files disguised as PDF documents. Upon execution, the payload deploys TOR hidden services mapping internal ports (SMB/445, RDP/3389) to onion domains, while SSH services with public key authentication provide encrypted remote access. The malware employs obfs4 protocol to obfuscate TOR traffic, evading deep packet inspection. Persistence is achieved through scheduled tasks masquerading as legitimate applications like Opera GX and Dropbox, establishing an anonymous shadow management infrastructure for sustained intelligence collection.

    Pulse ID: 69f06b1eeeb1fca735cb0bb8
    Pulse Link: otx.alienvault.com/pulse/69f06
    Pulse Author: AlienVault
    Created: 2026-04-28 08:09:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Dropbox #Email #Espionage #Government #InfoSec #LNK #Malware #OTX #Onion #OpenThreatExchange #Opera #PDF #Phishing #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #bot #AlienVault

  19. Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage targeting government agencies, diplomatic departments, energy enterprises, and research organizations. Recently detected samples reveal the group's use of nested SSH and TOR tunnel architecture to establish covert communication channels. The attack begins with spear-phishing emails delivering malicious LNK files disguised as PDF documents. Upon execution, the payload deploys TOR hidden services mapping internal ports (SMB/445, RDP/3389) to onion domains, while SSH services with public key authentication provide encrypted remote access. The malware employs obfs4 protocol to obfuscate TOR traffic, evading deep packet inspection. Persistence is achieved through scheduled tasks masquerading as legitimate applications like Opera GX and Dropbox, establishing an anonymous shadow management infrastructure for sustained intelligence collection.

    Pulse ID: 69f06b1eeeb1fca735cb0bb8
    Pulse Link: otx.alienvault.com/pulse/69f06
    Pulse Author: AlienVault
    Created: 2026-04-28 08:09:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Dropbox #Email #Espionage #Government #InfoSec #LNK #Malware #OTX #Onion #OpenThreatExchange #Opera #PDF #Phishing #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #bot #AlienVault

  20. Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage targeting government agencies, diplomatic departments, energy enterprises, and research organizations. Recently detected samples reveal the group's use of nested SSH and TOR tunnel architecture to establish covert communication channels. The attack begins with spear-phishing emails delivering malicious LNK files disguised as PDF documents. Upon execution, the payload deploys TOR hidden services mapping internal ports (SMB/445, RDP/3389) to onion domains, while SSH services with public key authentication provide encrypted remote access. The malware employs obfs4 protocol to obfuscate TOR traffic, evading deep packet inspection. Persistence is achieved through scheduled tasks masquerading as legitimate applications like Opera GX and Dropbox, establishing an anonymous shadow management infrastructure for sustained intelligence collection.

    Pulse ID: 69f06b1eeeb1fca735cb0bb8
    Pulse Link: otx.alienvault.com/pulse/69f06
    Pulse Author: AlienVault
    Created: 2026-04-28 08:09:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Dropbox #Email #Espionage #Government #InfoSec #LNK #Malware #OTX #Onion #OpenThreatExchange #Opera #PDF #Phishing #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #bot #AlienVault

  21. Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence

    APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage targeting government agencies, diplomatic departments, energy enterprises, and research organizations. Recently detected samples reveal the group's use of nested SSH and TOR tunnel architecture to establish covert communication channels. The attack begins with spear-phishing emails delivering malicious LNK files disguised as PDF documents. Upon execution, the payload deploys TOR hidden services mapping internal ports (SMB/445, RDP/3389) to onion domains, while SSH services with public key authentication provide encrypted remote access. The malware employs obfs4 protocol to obfuscate TOR traffic, evading deep packet inspection. Persistence is achieved through scheduled tasks masquerading as legitimate applications like Opera GX and Dropbox, establishing an anonymous shadow management infrastructure for sustained intelligence collection.

    Pulse ID: 69f06b1eeeb1fca735cb0bb8
    Pulse Link: otx.alienvault.com/pulse/69f06
    Pulse Author: AlienVault
    Created: 2026-04-28 08:09:02

    Be advised, this data is unverified and should be considered preliminary. Always do further verification.

    #CyberSecurity #Dropbox #Email #Espionage #Government #InfoSec #LNK #Malware #OTX #Onion #OpenThreatExchange #Opera #PDF #Phishing #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #bot #AlienVault

  22. "He who can command the worm, can command the breakfast."

    #Dune #sandworm

  23. Europe’s Power Grid Faces Hybrid Warfare Threat

    European electricity infrastructure has become a target of sustained hybrid warfare, and a new report from Eurelectric, the…
    #Europe #EU #CriticalInfrastructure #cyberattack #DTEK #EURELECTRIC #European #Fingrid #gridresilience #HybridWarfare #Sandworm
    europesays.com/europe/3489/

  24. Jeśli ktoś chce zerknąć do świeżo wydanego raportu firmy Dragos dotyczącego ataku na polski sektor energetyczny, to link znajdzie poniżej. Wskazywana przez badaczy grupa Electrum to nic innego jak Sandworm (wg nazewnictwa stosowanego przez ESET) czy po prostu APT44, czyli ślady prowadzą do Rosji. Ale szczegółów brak, same ogólniki. Sugeruję poczekać na publikację polskiego CERT-u, która ma szansę pojawić się już jutro.

    5943619.hs-sites.com/hubfs/Rep

    #cyberbezpieczenstwo #apt44 #sandworm

  25. CW: kinda looks like a butthole, but only kinda

    This is a sunspot. If it doesn't frighten you the same way it frightens me, you have no soul.

    photo credit unknown, NASA probably.

    #sun #astrophotography #dune #sandworm

  26. 🔐 🖥️ 🌐 🛡️ Russian state-sponsored hackers are moving away from security vulnerabilities and breaking into critical infrastructure through misconfigured devices, warns Amazon Threat Intelligence. ⚠️ 🏭 🔍

    Read: hackread.com/amazon-russia-gru

    #CyberSecurity #Russia #Sandworm #APT44 #Amazon

  27. 🚀🐛 Oh no! A #sandworm named Shai-Hulud decided to slither into our #dev machine and throw a #party on our #GitHub org. But don’t worry, we've got a fancy timeline of how "invincible" our #AI #agents were and how we’re "building next" the ultimate road to... nowhere! 🤖📉
    trigger.dev/blog/shai-hulud-po #mishap #tech #humor #HackerNews #ngated