#troll — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #troll, aggregated by home.social.
-
#ThrowbackThursday with an old Troll graphite drawing.✏️
#myart #troll #fairytale #folklore #fantasy #darkfantasy #horrorart #horror #drawing #monster #fantasyart #doodle #zeichnen #fediart #art #artist #artofmastodon #artistsofmastodon #Konaa #Kmac #macNessa #Konaa #illustration #AkasaSigna
-
#ThrowbackThursday with an old Troll graphite drawing.✏️
#myart #troll #fairytale #folklore #fantasy #darkfantasy #horrorart #horror #drawing #monster #fantasyart #doodle #zeichnen #fediart #art #artist #artofmastodon #artistsofmastodon #Konaa #Kmac #macNessa #Konaa #illustration #AkasaSigna
-
#ThrowbackThursday with an old Troll graphite drawing.✏️
#myart #troll #fairytale #folklore #fantasy #darkfantasy #horrorart #horror #drawing #monster #fantasyart #doodle #zeichnen #fediart #art #artist #artofmastodon #artistsofmastodon #Konaa #Kmac #macNessa #Konaa #illustration #AkasaSigna
-
#ThrowbackThursday with an old Troll graphite drawing.✏️
#myart #troll #fairytale #folklore #fantasy #darkfantasy #horrorart #horror #drawing #monster #fantasyart #doodle #zeichnen #fediart #art #artist #artofmastodon #artistsofmastodon #Konaa #Kmac #macNessa #Konaa #illustration #AkasaSigna
-
#ThrowbackThursday with an old Troll graphite drawing.✏️
#myart #troll #fairytale #folklore #fantasy #darkfantasy #horrorart #horror #drawing #monster #fantasyart #doodle #zeichnen #fediart #art #artist #artofmastodon #artistsofmastodon #Konaa #Kmac #macNessa #Konaa #illustration #AkasaSigna
-
Oh, look! #AMD decided to #troll #Linux users with #Vivado licensing changes, proving once again that open-source enthusiasts are merely pawns in their corporate chess game. 🎯🤦♂️ Meanwhile, AMD's PR department must be working overtime crafting excuses that no one will read. 📉
https://itsfoss.com/news/amd-vivado-bait-and-switch-on-linux-users/ #OpenSource #CorporateChess #HackerNews #ngated -
Oh, look! #AMD decided to #troll #Linux users with #Vivado licensing changes, proving once again that open-source enthusiasts are merely pawns in their corporate chess game. 🎯🤦♂️ Meanwhile, AMD's PR department must be working overtime crafting excuses that no one will read. 📉
https://itsfoss.com/news/amd-vivado-bait-and-switch-on-linux-users/ #OpenSource #CorporateChess #HackerNews #ngated -
Oh, look! #AMD decided to #troll #Linux users with #Vivado licensing changes, proving once again that open-source enthusiasts are merely pawns in their corporate chess game. 🎯🤦♂️ Meanwhile, AMD's PR department must be working overtime crafting excuses that no one will read. 📉
https://itsfoss.com/news/amd-vivado-bait-and-switch-on-linux-users/ #OpenSource #CorporateChess #HackerNews #ngated -
Oh, look! #AMD decided to #troll #Linux users with #Vivado licensing changes, proving once again that open-source enthusiasts are merely pawns in their corporate chess game. 🎯🤦♂️ Meanwhile, AMD's PR department must be working overtime crafting excuses that no one will read. 📉
https://itsfoss.com/news/amd-vivado-bait-and-switch-on-linux-users/ #OpenSource #CorporateChess #HackerNews #ngated -
Oh, look! #AMD decided to #troll #Linux users with #Vivado licensing changes, proving once again that open-source enthusiasts are merely pawns in their corporate chess game. 🎯🤦♂️ Meanwhile, AMD's PR department must be working overtime crafting excuses that no one will read. 📉
https://itsfoss.com/news/amd-vivado-bait-and-switch-on-linux-users/ #OpenSource #CorporateChess #HackerNews #ngated -
I don't post on Twitter any more, read-only
But just as a *lot* of people cannot bring themselves to admit that #Trump is *not* some sort of god-tier strategist who is playing twelve-dimensional geopolitical chess in a way that is too subtle for the human mind to comprehend,
so a *lot* of peeple cannot bring themselves to admit that #Musk is just a petty little twenty-something 4Chan /pol shitposting edgelord most of the time
He's not an adult, people, he's a troll who just loves how many people Musk has hanging on his every word, searching for wisdom
Musk is a fucking #Troll, people
Catch a clue, laugh at him, and move on
-
😦Zenoni is about to fight Koron❕❕❕❕❕❕❕❕❕❕❕❕
#mythicalcreatures #breakingnews
#thetruth #troll #stromdragon
#Luisenterianmentcrop #Waltonpictures
#starwaystudios #ravestudios
#snowmassmeidaenterprisesworldwide
#closeencountersproductions
#blueskycinemamagic #scifi #projectbluebook #worldpressexpeditions -
😦Zenoni is about to fight Koron❕❕❕❕❕❕❕❕❕❕❕❕
#mythicalcreatures #breakingnews
#thetruth #troll #stromdragon
#Luisenterianmentcrop #Waltonpictures
#starwaystudios #ravestudios
#snowmassmeidaenterprisesworldwide
#closeencountersproductions
#blueskycinemamagic #scifi #projectbluebook #worldpressexpeditions -
😦Zenoni is about to fight Koron❕❕❕❕❕❕❕❕❕❕❕❕
#mythicalcreatures #breakingnews
#thetruth #troll #stromdragon
#Luisenterianmentcrop #Waltonpictures
#starwaystudios #ravestudios
#snowmassmeidaenterprisesworldwide
#closeencountersproductions
#blueskycinemamagic #scifi #projectbluebook #worldpressexpeditions -
😦Zenoni is about to fight Koron❕❕❕❕❕❕❕❕❕❕❕❕
#mythicalcreatures #breakingnews
#thetruth #troll #stromdragon
#Luisenterianmentcrop #Waltonpictures
#starwaystudios #ravestudios
#snowmassmeidaenterprisesworldwide
#closeencountersproductions
#blueskycinemamagic #scifi #projectbluebook #worldpressexpeditions -
😦Zenoni is about to fight Koron❕❕❕❕❕❕❕❕❕❕❕❕
#mythicalcreatures #breakingnews
#thetruth #troll #stromdragon
#Luisenterianmentcrop #Waltonpictures
#starwaystudios #ravestudios
#snowmassmeidaenterprisesworldwide
#closeencountersproductions
#blueskycinemamagic #scifi #projectbluebook #worldpressexpeditions -
Politicians to Ditch Signal for Homegrown Apps
European governments are transitioning from encrypted messaging applications like Signal and WhatsApp to sovereign Matrix-based solutions. This shift follows successful phishing campaigns, primarily attributed to Russian intelligence services, exploiting Signal's linked devices feature to gain persistent access to political communications. While Signal was initially recommended for external communications, scope creep led to its widespread use for sensitive statecraft discussions. Matrix-based systems offer advantages including federated architecture, government-controlled identity platforms, and customizable data retention policies. However, these homegrown solutions introduce new security vulnerabilities and implementation challenges. The walled-garden nature of current sovereign systems limits their utility for international diplomacy, suggesting Signal will continue to be used for communications with external parties despite the security concerns.
Pulse ID: 6a0ec4bc3bab6cd24d3d05be
Pulse Link: https://otx.alienvault.com/pulse/6a0ec4bc3bab6cd24d3d05be
Pulse Author: AlienVault
Created: 2026-05-21 08:39:24Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Europe #Government #InfoSec #Mac #OTX #OpenThreatExchange #Phishing #RAT #Russia #Troll #WhatsApp #bot #AlienVault
-
The Worm That Keeps on Digging: Latest Wave
A sophisticated supply chain campaign targeting the open source developer ecosystem has emerged, compromising NPM packages in the @antv namespace, GitHub Actions including actions-cool/issues-helper, and the VSCode extension nrwl.angular-console. The malware initiates multi-stage infection chains using GitHub-hosted infrastructure and orphaned commits to deploy payloads via bun. It harvests extensive credentials including GitHub tokens, SSH keys, cloud credentials, and browser secrets, exfiltrating data through attacker-controlled public GitHub repositories. The campaign establishes persistence through a Python backdoor that polls GitHub for signed commands containing specific trigger strings, enabling remote code execution. Infrastructure analysis and operational patterns indicate moderate confidence attribution to the threat actor TeamPCP.
Pulse ID: 6a0c5b666ccb232590e33087
Pulse Link: https://otx.alienvault.com/pulse/6a0c5b666ccb232590e33087
Pulse Author: AlienVault
Created: 2026-05-19 12:45:26Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Cloud #CyberSecurity #GitHub #InfoSec #Malware #NPM #OTX #OpenThreatExchange #Python #RAT #RCE #RemoteCodeExecution #SSH #SupplyChain #Troll #Worm #bot #AlienVault
-
Popular node-ipc npm Package Infected with Credential Stealer
A supply chain attack has compromised the node-ipc npm package, with malicious versions 9.1.6, 9.2.3, and 12.0.1 containing obfuscated stealer and backdoor functionality. The attack vector involved takeover of a dormant maintainer account through an expired email domain. The malware fingerprints host environments, enumerates and reads local files including SSH keys, cloud credentials, database configurations, and various developer secrets. Collected data is compressed into a gzip archive and exfiltrated via DNS TXT queries to attacker-controlled infrastructure disguised as legitimate Azure domains. The payload targets over 100 file patterns across macOS and Linux systems, focusing on developer credentials from AWS, Azure, GCP, Kubernetes, Docker, npm, GitHub, and numerous other services. The malicious code executes during CommonJS module loading, forking a detached child process to perform credential harvesting while avoiding detection through obfuscation and DNS-based covert channels.
Pulse ID: 6a0d970e99916e7e7e17c893
Pulse Link: https://otx.alienvault.com/pulse/6a0d970e99916e7e7e17c893
Pulse Author: AlienVault
Created: 2026-05-20 11:12:14Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #Azure #BackDoor #Cloud #CredentialHarvesting #CyberSecurity #DNS #Docker #Email #GitHub #InfoSec #Linux #Mac #MacOS #Malware #NPM #OTX #OpenThreatExchange #RAT #SSH #SupplyChain #Troll #ZIP #bot #AlienVault
-
Popular node-ipc npm Package Infected with Credential Stealer
A supply chain attack has compromised the node-ipc npm package, with malicious versions 9.1.6, 9.2.3, and 12.0.1 containing obfuscated stealer and backdoor functionality. The attack vector involved takeover of a dormant maintainer account through an expired email domain. The malware fingerprints host environments, enumerates and reads local files including SSH keys, cloud credentials, database configurations, and various developer secrets. Collected data is compressed into a gzip archive and exfiltrated via DNS TXT queries to attacker-controlled infrastructure disguised as legitimate Azure domains. The payload targets over 100 file patterns across macOS and Linux systems, focusing on developer credentials from AWS, Azure, GCP, Kubernetes, Docker, npm, GitHub, and numerous other services. The malicious code executes during CommonJS module loading, forking a detached child process to perform credential harvesting while avoiding detection through obfuscation and DNS-based covert channels.
Pulse ID: 6a0d970e99916e7e7e17c893
Pulse Link: https://otx.alienvault.com/pulse/6a0d970e99916e7e7e17c893
Pulse Author: AlienVault
Created: 2026-05-20 11:12:14Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #Azure #BackDoor #Cloud #CredentialHarvesting #CyberSecurity #DNS #Docker #Email #GitHub #InfoSec #Linux #Mac #MacOS #Malware #NPM #OTX #OpenThreatExchange #RAT #SSH #SupplyChain #Troll #ZIP #bot #AlienVault
-
Popular node-ipc npm Package Infected with Credential Stealer
A supply chain attack has compromised the node-ipc npm package, with malicious versions 9.1.6, 9.2.3, and 12.0.1 containing obfuscated stealer and backdoor functionality. The attack vector involved takeover of a dormant maintainer account through an expired email domain. The malware fingerprints host environments, enumerates and reads local files including SSH keys, cloud credentials, database configurations, and various developer secrets. Collected data is compressed into a gzip archive and exfiltrated via DNS TXT queries to attacker-controlled infrastructure disguised as legitimate Azure domains. The payload targets over 100 file patterns across macOS and Linux systems, focusing on developer credentials from AWS, Azure, GCP, Kubernetes, Docker, npm, GitHub, and numerous other services. The malicious code executes during CommonJS module loading, forking a detached child process to perform credential harvesting while avoiding detection through obfuscation and DNS-based covert channels.
Pulse ID: 6a0d970e99916e7e7e17c893
Pulse Link: https://otx.alienvault.com/pulse/6a0d970e99916e7e7e17c893
Pulse Author: AlienVault
Created: 2026-05-20 11:12:14Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #Azure #BackDoor #Cloud #CredentialHarvesting #CyberSecurity #DNS #Docker #Email #GitHub #InfoSec #Linux #Mac #MacOS #Malware #NPM #OTX #OpenThreatExchange #RAT #SSH #SupplyChain #Troll #ZIP #bot #AlienVault
-
Popular node-ipc npm Package Infected with Credential Stealer
A supply chain attack has compromised the node-ipc npm package, with malicious versions 9.1.6, 9.2.3, and 12.0.1 containing obfuscated stealer and backdoor functionality. The attack vector involved takeover of a dormant maintainer account through an expired email domain. The malware fingerprints host environments, enumerates and reads local files including SSH keys, cloud credentials, database configurations, and various developer secrets. Collected data is compressed into a gzip archive and exfiltrated via DNS TXT queries to attacker-controlled infrastructure disguised as legitimate Azure domains. The payload targets over 100 file patterns across macOS and Linux systems, focusing on developer credentials from AWS, Azure, GCP, Kubernetes, Docker, npm, GitHub, and numerous other services. The malicious code executes during CommonJS module loading, forking a detached child process to perform credential harvesting while avoiding detection through obfuscation and DNS-based covert channels.
Pulse ID: 6a0d970e99916e7e7e17c893
Pulse Link: https://otx.alienvault.com/pulse/6a0d970e99916e7e7e17c893
Pulse Author: AlienVault
Created: 2026-05-20 11:12:14Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #Azure #BackDoor #Cloud #CredentialHarvesting #CyberSecurity #DNS #Docker #Email #GitHub #InfoSec #Linux #Mac #MacOS #Malware #NPM #OTX #OpenThreatExchange #RAT #SSH #SupplyChain #Troll #ZIP #bot #AlienVault
-
Popular node-ipc npm Package Infected with Credential Stealer
A supply chain attack has compromised the node-ipc npm package, with malicious versions 9.1.6, 9.2.3, and 12.0.1 containing obfuscated stealer and backdoor functionality. The attack vector involved takeover of a dormant maintainer account through an expired email domain. The malware fingerprints host environments, enumerates and reads local files including SSH keys, cloud credentials, database configurations, and various developer secrets. Collected data is compressed into a gzip archive and exfiltrated via DNS TXT queries to attacker-controlled infrastructure disguised as legitimate Azure domains. The payload targets over 100 file patterns across macOS and Linux systems, focusing on developer credentials from AWS, Azure, GCP, Kubernetes, Docker, npm, GitHub, and numerous other services. The malicious code executes during CommonJS module loading, forking a detached child process to perform credential harvesting while avoiding detection through obfuscation and DNS-based covert channels.
Pulse ID: 6a0d970e99916e7e7e17c893
Pulse Link: https://otx.alienvault.com/pulse/6a0d970e99916e7e7e17c893
Pulse Author: AlienVault
Created: 2026-05-20 11:12:14Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#AWS #Azure #BackDoor #Cloud #CredentialHarvesting #CyberSecurity #DNS #Docker #Email #GitHub #InfoSec #Linux #Mac #MacOS #Malware #NPM #OTX #OpenThreatExchange #RAT #SSH #SupplyChain #Troll #ZIP #bot #AlienVault
-
Ich stelle fest, es gibt keine Antwort, somit keinen Beleg für Deine Behauptung. Offenbar ein #Troll.
➡️ geblockt 🚫
-
Yen a qui sont sur #bluesky ? Je me suis reconnecté, ça faisait 1 an que j’y avais pas mis les pieds 😅
J’ai l’impression qu’il y a toujours aussi peu d’interactions entre utilisateurices, et que c’est surtout des comptes “mainstream”/médias qui postent.
Y a eu des vraies évolutions depuis ? Leur modèle économique a changé ou c’est toujours un peu flou ? Oui je sais techniquement leur protocole est meilleur que Masto (#troll)
#retourdexpériences -
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.
Pulse ID: 6a062c38dfdb5434bb2f0876
Pulse Link: https://otx.alienvault.com/pulse/6a062c38dfdb5434bb2f0876
Pulse Author: AlienVault
Created: 2026-05-14 20:10:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault
-
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.
Pulse ID: 6a062c38dfdb5434bb2f0876
Pulse Link: https://otx.alienvault.com/pulse/6a062c38dfdb5434bb2f0876
Pulse Author: AlienVault
Created: 2026-05-14 20:10:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault
-
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.
Pulse ID: 6a062c38dfdb5434bb2f0876
Pulse Link: https://otx.alienvault.com/pulse/6a062c38dfdb5434bb2f0876
Pulse Author: AlienVault
Created: 2026-05-14 20:10:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault
-
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.
Pulse ID: 6a062c38dfdb5434bb2f0876
Pulse Link: https://otx.alienvault.com/pulse/6a062c38dfdb5434bb2f0876
Pulse Author: AlienVault
Created: 2026-05-14 20:10:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault
-
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos tracks active exploitation of CVE-2026-20182, an authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller and Manager, allowing remote attackers to obtain administrative privileges. The exploitation is attributed to UAT-8616, a sophisticated threat actor previously involved in similar attacks. Additionally, multiple threat clusters have been exploiting CVE-2026-20133, CVE-2026-20128, and CVE-2026-20122 since March 2026, following public release of proof-of-concept code by ZeroZenX Labs. Post-compromise activities include deployment of various webshells, including XenShell, Godzilla, and Behinder variants, along with cryptocurrency miners, red team frameworks like Sliver and AdaptixC2, and credential stealers. Ten distinct threat clusters have been identified, each utilizing different malicious tooling and infrastructure. Affected systems require immediate patching and security measures.
Pulse ID: 6a062c38dfdb5434bb2f0876
Pulse Link: https://otx.alienvault.com/pulse/6a062c38dfdb5434bb2f0876
Pulse Author: AlienVault
Created: 2026-05-14 20:10:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cisco #CyberSecurity #InfoSec #OTX #OpenThreatExchange #RAT #Sliver #Talos #Troll #Vulnerability #bot #cryptocurrency #AlienVault
-
Folklore read live!
Would you marry a troll?
He owns his own home...Decide for yourself LIVE right NOW: https://youtube.com/live/hpLLek7jkm0
#FairyTaleTuesday #WritingCommunity #storyteller #FairyTale #AmReading #reading #indieWriter #fairy #folklore #folk #tales #stories #GrimmBrothers #dnd #dnd5e #pathfinder #pf2e #ttrpg #fantasy #lotr #norwegian #folklore #legend #epic #troll #giant #heart #Asbjørnsen #Moe
-
Folklore read live!
Hear the first three tales of the new best translation of Abjørnsen & Moe!
Hear folklore about that LIVE right NOW: https://youtube.com/live/i6Qrn_U0leA
#FairyTaleTuesday #WritingCommunity #storyteller #FairyTale #AmReading #reading #vancouver #indieWriter #fairy #folklore #folk #tales #stories #GrimmBrothers #dnd #dnd5e #pathfinder #pf2e #ttrpg #fantasy #lotr #troll #Asbjørnsen #norway #norwegian #scandanavian
-
CW: NSFW, GenAI
“Troll”
#bigboobs #bigbreasts #boobs #breasts #caption #cleavage #transgenderpride #transgendercaption #transgendercomics #skeleton #xrayvision #glasses #glassesgirl #library #archaeology #archaeologist #feminization #feminizationcaption #gendertransformation #genderchange #transgender #feminizationtransformation #transition #tgcaption #tgtransformation #tshirt #prank #troll #trolling #posthumoustrolling
-
CW: NSFW, GenAI
“Troll”
#bigboobs #bigbreasts #boobs #breasts #caption #cleavage #transgenderpride #transgendercaption #transgendercomics #skeleton #xrayvision #glasses #glassesgirl #library #archaeology #archaeologist #feminization #feminizationcaption #gendertransformation #genderchange #transgender #feminizationtransformation #transition #tgcaption #tgtransformation #tshirt #prank #troll #trolling #posthumoustrolling
-
CW: NSFW, GenAI
“Troll”
#bigboobs #bigbreasts #boobs #breasts #caption #cleavage #transgenderpride #transgendercaption #transgendercomics #skeleton #xrayvision #glasses #glassesgirl #library #archaeology #archaeologist #feminization #feminizationcaption #gendertransformation #genderchange #transgender #feminizationtransformation #transition #tgcaption #tgtransformation #tshirt #prank #troll #trolling #posthumoustrolling
-
PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale
PCPJack is a sophisticated credential theft framework that propagates across exposed cloud infrastructure while systematically removing artifacts linked to TeamPCP, a threat actor behind notable 2026 supply chain compromises. The toolset harvests credentials from cloud platforms, containers, developer tools, productivity applications, and financial services, exfiltrating data through attacker-controlled infrastructure. It targets exposed Docker, Kubernetes, Redis, MongoDB, RayML services and vulnerable web applications, enabling external propagation and lateral movement. Unlike typical cloud malware, PCPJack deploys no cryptominers, focusing instead on credential theft for monetization through fraud, spam campaigns, extortion, or access resale. The framework uses modular Python scripts orchestrated by a central component, employs Common Crawl data for target selection, and utilizes Telegram for command and control communications.
Pulse ID: 69fd0520d3687243cca2f973
Pulse Link: https://otx.alienvault.com/pulse/69fd0520d3687243cca2f973
Pulse Author: AlienVault
Created: 2026-05-07 21:33:20Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cloud #CryptoMiner #CyberSecurity #Docker #Extortion #InfoSec #Malware #OTX #OpenThreatExchange #Python #RAT #Redis #Spam #SupplyChain #Telegram #Troll #Worm #bot #AlienVault
-
OPERATION SILENTCANVAS: JPEG BASED MULTISTAGE POWERSHELL INTRUSION
A sophisticated multi-stage intrusion campaign was identified leveraging a weaponized PowerShell payload disguised as a JPEG image file (sysupdate.jpeg) to deploy a trojanized ConnectWise ScreenConnect instance for covert remote access. The attack likely originates through social engineering techniques including phishing emails or malicious attachments. Upon execution, the malware establishes a staging environment, retrieves additional payloads from attacker-controlled infrastructure, and dynamically compiles a custom launcher using Microsoft's legitimate .NET compiler (csc.exe) to evade detection. The intrusion abuses ComputerDefaults.exe and a malicious ms-settings registry hijack to perform a fileless UAC bypass and obtain elevated privileges. Once elevated, the malware deploys a persistent service masquerading as OneDriveServers and launches a modified ScreenConnect framework capable of credential interception, remote command execution, surveillance operations, SYSTEM-level execution, encrypted command...
Pulse ID: 6a008382641183db3b20fef5
Pulse Link: https://otx.alienvault.com/pulse/6a008382641183db3b20fef5
Pulse Author: AlienVault
Created: 2026-05-10 13:09:22Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #EDR #Email #InfoSec #Malware #Microsoft #NET #OTX #OpenThreatExchange #Phishing #PowerShell #RAT #RCE #RemoteCommandExecution #ScreenConnect #SocialEngineering #Trojan #Troll #bot #AlienVault
-
OPERATION SILENTCANVAS: JPEG BASED MULTISTAGE POWERSHELL INTRUSION
A sophisticated multi-stage intrusion campaign was identified leveraging a weaponized PowerShell payload disguised as a JPEG image file (sysupdate.jpeg) to deploy a trojanized ConnectWise ScreenConnect instance for covert remote access. The attack likely originates through social engineering techniques including phishing emails or malicious attachments. Upon execution, the malware establishes a staging environment, retrieves additional payloads from attacker-controlled infrastructure, and dynamically compiles a custom launcher using Microsoft's legitimate .NET compiler (csc.exe) to evade detection. The intrusion abuses ComputerDefaults.exe and a malicious ms-settings registry hijack to perform a fileless UAC bypass and obtain elevated privileges. Once elevated, the malware deploys a persistent service masquerading as OneDriveServers and launches a modified ScreenConnect framework capable of credential interception, remote command execution, surveillance operations, SYSTEM-level execution, encrypted command...
Pulse ID: 6a008382641183db3b20fef5
Pulse Link: https://otx.alienvault.com/pulse/6a008382641183db3b20fef5
Pulse Author: AlienVault
Created: 2026-05-10 13:09:22Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#ConnectWise #CyberSecurity #EDR #Email #InfoSec #Malware #Microsoft #NET #OTX #OpenThreatExchange #Phishing #PowerShell #RAT #RCE #RemoteCommandExecution #ScreenConnect #SocialEngineering #Trojan #Troll #bot #AlienVault