Paxion (Pax-ee-on) is a full-purpose cybersecurity technology & services firm, headquartered in Madison, WI. The business is driven by (1) Simplification (2) Education (3) Research (4) Development (5) Security. Our flagship cybersecurity tech product - PAXIE.ai (Proprietary Artificial XDR Intelligence for Enterprise) - is coming soon!β¨Paxion Cybersecurity β¨Simplify. Educate. Secure.
Even if you don't run Telnet, you should strongly consider blocking these ASNs from hitting remote access systems on your perimeter. They are the worst of the worst for this campaign, and will 100% be used for other attacks (b/c they always are).
AS4837, AS4134, AS23969, AS3462, AS4713, AS8151, AS45899, AS4766
A stealth #phishing campaign hid on Google Cloud & Cloudflare for 3+ years.
π 48K+ hosts across 86 clusters
π Expired domains hijacked
π Brand clones tricking victims
π Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
In remembrance of all the victims. 24 years ago today. Never forget 9/11.
Hackers exploit trusted AI platforms to steal Microsoft 365 credentials.
πA recent campaign used Simplified AI to host fake login portals, evading traditional defenses.
Would your team detect phishing from a βlegitimateβ AI tool?
#CyberSec #Phishing #Microsoft365 #AI #InfoSec
Nevada cyber attack forced state offices to shut down, disrupted services, & led to personal data theft.
π Govβt systems remain high-value targets for attackers.
π Strengthen resilience with: paxioncyber.com
#CyberAttack #DataBreach #Ransomware #IncidentResponse
Nevada cyber attack forced state offices to shut down, disrupted services, & led to personal data theft.
π Govβt systems remain high-value targets for attackers.
π Strengthen resilience with: paxioncyber.com
#CyberAttack #DataBreach #Ransomware #IncidentResponse
A stealth #phishing campaign hid on Google Cloud & Cloudflare for 3+ years.
π 48K+ hosts across 86 clusters
π Expired domains hijacked
π Brand clones tricking victims
π Lesson: Continuous monitoring & domain vigilance are non-negotiable.
#CyberSecurity #InfoSec #Cloud
π¨ Palo Alto Networks confirms data breach!
Hackers exploited OAuth tokens in the Salesloft Driftβ#Salesforce integration to steal:
πΉ Contact info
πΉ Sales data
πΉ Credentials for cloud services
π Lesson: 3rd-party risks are real.
#Cybersecurity #DataBreach #ZeroTrust
π¨ New Threat: AI Waifu RAT Malware π¨
Disguised as an βAI companion tool,β it:
β οΈ Executes arbitrary commands
β οΈ Reads/exfiltrates files
β οΈ Disables antivirus
DM us and stay protected. paxioncyber.com
#CyberSecurity #Malware #RAT #AI #InfoSec #PaxionCyber
Critical Nagios XI XSS flaw in Graph Explorer allows attackers to run malicious JavaScript in admin browsers.
β οΈ Risks: session hijacking, data theft, configuration tampering.
β
Fixed in v2024R2.1 β patch now!
πAt Paxion, we help orgs stay secure.
#Cyber #XSS #Nagios #InfoSec
7,500 Instacart and Shipt gig worker accounts hacked.
Cyber awareness and strong defenses are crucial for gig workers and companies handling sensitive customer data.
β οΈ Always verify code requests!
π Paxion Cyber: Simplify. Educate. Secure.
#CyberSecurity #PhishingAwareness
New Chrome 0-Day (CVE-2025-9478)
Critical use-after-free flaw in Chromeβs ANGLE library allows arbitrary code execution. Full system compromise is possible.
β
Update Chrome to v139.0.7258.154/.155+
π Use EDR, browser isolation, and CSP.
#CyberSecurity #Chrome #0day #InfoSec
β οΈ New AI risk: Prompt Insertion Attacks.
Hackers can embed malicious instructions in an OpenAI account name, bypassing filters and exposing system prompts.
#AI #CybersecurityNews #LLM #Prompts #PaxionCyber
π https://cybersecuritynews.com/openai-name-trigger-chatgpt-jailbreaks/
Ransomware Strikes Drug Research Firm Inotiv
Donβt let a cyberattack derail your mission. Visit https://paxioncyber.com to learn how we can secure your future.
#Cybersecurity #PaxionCyber #CyberResilience #InfoSec #DataProtection
UAC-0057 hackers weaponize PDF "invitation" files to deploy shell scripts & spy on Ukraine/Poland orgs.
π XLS macros β DLL implants β persistent access.
π #Paxion defends with MDR & layered defenses.
π° https://cybersecuritynews.com/uac-0057-hackers-weaponizing-pdf/
UAC-0057 hackers weaponize PDF "invitation" files to deploy shell scripts & spy on Ukraine/Poland orgs.
π XLS macros β DLL implants β persistent access.
π #Paxion defends with MDR & layered defenses.
π° https://cybersecuritynews.com/uac-0057-hackers-weaponizing-pdf/
Group UNC5518 hacks real websites to inject fake CAPTCHAs that trick users into running malware.
β‘οΈ One click = malicious PowerShell command
β‘οΈ Payload = CORNFLAKE.V3 backdoor
πStay sharp. Stay secure. Stay Paxion.
#CyberSecurity #Malware #ClickFix #Paxion #FakeCAPTCHA
RingReaper malware targets Linux servers, using io_uring to evade EDR solutions.
β οΈ Capabilities:
πΉ Process & network discovery
πΉ Privilege escalation
πΉ Self-destructs to hide traces
Our proactive defenses catch what others miss.
#RingReaper #LinuxMalware
Pirated games are a new cyber weapon.
Attackers spread HijackLoader malware via trusted piracy sites, bypassing SmartScreen + Adblockers.
Paxion offers proactive defense against evolving threats.
π Stay protected. Donβt take risks.
#CyberSecurity #HijackLoader #PiratedGames
