Don't forget to put your puppygirls in a quiet room tonight. Fireworks can be loud and scary for them. #GAYINT #FURINT
#FURINT
As you may know, we do our fair amount of bitching here at GAYINT which made it difficult to narrow it down to one thing for a Festivus post. But we did. So let the airing of grievances commence. :gayint:
JavaScript libraries and frameworks are bad and the modern Internet should feel bad.
Edit because I forgot to add :gayint:
Look, we're not mad. We're just disappointed that some of y'all weren't listening last time and let this happen again. :8bitrainbow:
Heads up if you're unfortunate enough to be an M365 / Entra shop. There is a TOAD / phishing campaign going on targeting M365 tenants and because the senders are also MS tenants, they tend to be allowed.
Libs you are legally allowed to lib out for the next 24hrs. Go explore your love for tequila and call out sick. Fuck corporations. Enjoy your PTO. #GAYINT #FURINT #DicksOutLibOut
BREAKING NEWS: After a successful DICK REMOVAL the United States has transed itself into a populist working class socialist country. TRANSGENDER FOR EVERYONE!!!! #FuckCuomo #FuckDonaldTrump #DICKREMOVAL #GAYINT #FURINT
Hey friends, shit's fucked. Lots of people are struggling. And a lot of people who can help don't know where to start. So to kick off some extra giving, here's an offer: DM us a receipt of a donation you made for $50USD or more to a food bank and we'll mail you a GAYINT sticker. While supplies last. We only have like 50 stickers left from the first batch but more is on order already. Is that a lot for a sticker? Yes. It's just a fucking sticker. But helping direct people to a way to help their community is priceless.
Feeling super generous? Or maybe you just want to show off? DM a receipt showing a donation of $1000USD or more to a food bank and we'll work on getting you a threat actor name of your own in the upcoming GAYINT Threat Actor Taxonomy v2.
Can't donate? That's cool. Boost this toot and help where you can. Also, food banks, as well as the entire food distribution chain in the US, always need more volunteer labor.
Don't know of a good food bank local to you? Check here: https://www.feedingamerica.org/find-your-local-foodbank/all-food-banks
Currently we can only guarantee delivery of stickers to people with US addresses. International delivery isn't something we are currently prepared to do. Sorry. But at least you likely live in a country where this shit isn't necessary.
In true XKCD 927 fashion, here is the first public release of part of the GAYINT Threat Actor Naming Crosswalk. Feel free to start using our names in your reporting. It's better than a lot of what's out there already. It is a living document so it will be updated as more shit goes sideways in this horrible field of ours.
RE: https://infosec.exchange/@greynoise/115334901922511531
We like this idea. So here, have a similar list of username and password combinations currently in use against Cisco SSL VPN portals:
https://blog.gayint.org/intel/ciscoVpnCreds.txt
Currently our count is only ~82,000 unique combinations but it's still climbing.
22,387 IP addresses that have been observed attacking Palo Alto GlobalProtect portals recently have been published to the GAYINT IOC RSS feed. So have 158 IPs observed attacking Cisco SSL VPN portals. Our visibility there is a little lower but it should still help if you manage those systems.
We may be copypasta proficient, but that does not mean we don't put out. If you follow our IOC RSS Feed, you should see a list of IPs we've recently observed performing attacks against various services. The vast majority of IPs in this particular list were performing password sprays and brute force attacks against VPN portals in the past week.
Happy hunting.
Guess who has four paws, a tail, and access to the GAYINT blog...
uwu haiiii my furry friends! We know itâs Fursuit Friday (gotta get down on Friday) but fedi is being targeted AGAIN. Weâre sick and tired of service providers doing a shit job at protecting the series of tubes. We kindly ask that you send them an email using the phishing report template below.
...
But GAYINT I donât like email!
You can use the webforms here instead:
Cloudflare: https://abuse.cloudflare.com/phishing
Linktree: https://linktr.ee/s/about/trust-center/report
Cheapy Host: We canât find one...theyâre extremely sus
Phishing Report Template:
To: abuse@cloudflare.com, abuse@cheapy.host, info@trust.linktr.ee
Subject: Abuse Report â Mastodon
Hello,
The following phishing campaign is using your infrastructure to attack internet users of the social media network known as Mastodon.
The threat actor is using the linktree url https://tr[.]ee/mastodonverif to direct users to the domain https://mastodon[.]envio84264[.]pro which uses Cloudflareâs nameservers and Cheapy Hosts servers to host a credit card phishing site pretending to be from Mastodon support.
Please stop providing services to criminals.
Thank you
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst