#news ⚡ Unions-Arbeitnehmer fordern Nationalen Rat für Soziale Sicherheit: Angesichts der vielstimmigen Debatte über Reformen verlangt die Arbeitnehmergruppe in der Unionsfraktion eine zentrale Steuerung der S... https://hubu.de/?p=314668 | #nationalen #rat #sicherheit #sozi

2023 #femoralsketch 19 for a person called nibbins of a creature who seems to be auditioning to present prizes on a terrible game show

#respelia #mastoart #anthropomorphicart #furryart #furry #anthropoorphic #anthroart #anthro #rat #mouse #anthrorat #anthromouse #ratgirl #mousegirl #dork

壁ﾓﾌ #ラット #ファンシーラット #rat #rats #rodents #ratsOfFediverse

he z

#rat #rats #ratsOfMastodon #ratsOfFediverse #rodents #petRats #petRat #pets #petArt #cute #cuteArt

Mit Aussetzung der #Wehrpflicht ist die #Kriegsdienstverweigerung aus der Mode gekommen. Seit dem Ukraine-#Krieg – spätestens mit der #Musterungspflicht für 18-Jährige wächst die Unsicherheit: Menschen suchen #Rat
https://shorturl.at/KZ9kU
Q: mdr.de, F: Pixabay CC

Morning, cyber pros! ☕ It's been a slightly quieter 24 hours, but we've still got some critical updates to chew on, from a dominant threat actor exploiting Ivanti RCEs to North Korean fake recruiters and a low-tech crypto phishing scam. Let's dive in:

Ivanti RCE Exploitation Dominance ⚠️
- A single threat actor, using bulletproof infrastructure from IP 193.24.123.42, is behind 83% of recent active exploitation attempts targeting two critical Ivanti EPMM RCE vulnerabilities (CVE-2026-21962 and CVE-2026-24061).
- This IP address is not widely published in IOC lists, meaning many defenders might be missing the primary source of these automated attacks, which also target Oracle WebLogic and GNU Inetutils Telnetd.
- Ivanti has released hotfixes and recommends using specific RPM packages or, for the most conservative approach, rebuilding EPMM instances and migrating data until full patches are available in Q1.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/one-threat-actor-responsible-for-83-percent-of-recent-ivanti-rce-attacks/

Lazarus Group's Fake Job Scams 🕵️
- North Korean threat actors, likely the Lazarus Group, are targeting JavaScript and Python developers with fake job offers that include malicious coding challenges.
- These challenges trick developers into installing compromised packages from npm and PyPi (dubbed 'Graphalgo'), which then deploy a sophisticated Remote Access Trojan (RAT) capable of exfiltrating files and checking for MetaMask installations.
- Developers who may have installed packages like 'bigmathutils' or those with 'graph' or 'big' in their name from suspicious sources should immediately rotate all credentials, tokens, and consider a full OS reinstall.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/fake-job-recruiters-hide-malware-in-developer-coding-challenges/

Crypto Wallet Phishing via Snail Mail ✉️
- Threat actors are employing a rare physical phishing tactic, sending fake letters impersonating Trezor and Ledger to trick hardware wallet users into revealing their recovery phrases.
- The letters create urgency, claiming mandatory "Authentication Checks" or "Transaction Checks" and directing users to scan QR codes that lead to sophisticated phishing websites designed to steal 12-, 20-, or 24-word seed phrases.
- Remember: reputable hardware wallet manufacturers will NEVER ask you to enter your recovery phrase on a website or computer; it should only be entered directly on the device itself during restoration.

🤖 Bleeping Computer | https://www.bleepingcomputer.com/news/security/snail-mail-letters-target-trezor-and-ledger-users-in-crypto-theft-attacks/

#CyberSecurity #ThreatIntelligence #Vulnerability #RCE #Ivanti #LazarusGroup #APT #Malware #RAT #Phishing #SocialEngineering #CryptoSecurity #InfoSec #IncidentResponse

have some good news :D

https://eonmakes.etsy.com

#rat #rats #ratsOfMastodon #ratsOfFediverse #rodents #shop #etsyShop #stickerShop #stickers #smallBusiness

love is stored in the rat

happy valentine's :)

#rat #rats #ratsOfMastodon #ratsOfFediverse #rodents #cute #cuteArt #petRat #petRats #pets #petArt #valentinesDay

The “Graphalgo” campaign represents a modular software supply-chain intrusion targeting developers directly.

Per ReversingLabs findings:
• 192 malicious npm/PyPI packages
• Delayed payload activation (post-version change)
• GitHub repos clean — malicious logic introduced via dependency chain
• RAT variants in JS, Python, VBS
• MetaMask wallet targeting
• Token-protected C2 channels
• GMT+9 commit indicators

Attribution aligns with historical tradecraft associated with Lazarus Group:
Crypto-focused targeting
Recruitment vector infection
Patience-based staged activation

This is a direct developer-layer attack bypassing enterprise perimeter defenses.

Source: https://www.bleepingcomputer.com/news/security/fake-job-recruiters-hide-malware-in-developer-coding-challenges/

Are dependency registries the new primary attack surface?
Engage below.

Follow @technadu for advanced threat analysis.

#ThreatIntel #SupplyChainSecurity #MalwareAnalysis #RAT #OpenSourceSecurity #DevSecOps #LazarusGroup #PackageSecurity #AppSec #BlueTeam #CyberThreats #IoC #Infosec

Mehrheit aus #SPD und #CDU steht - #Grüne enthalten sich - #Linke dagegen: Spaltung im #Rat – Kultur wird zur Chefsache – die Opposition spricht von „Erpressung“ https://www.nordstadtblogger.de/spaltung-im-rat-kultur-wird-zur-chefsache-die-opposition-spricht-von-erpressung/

またひっくり返ってる #ラット #ファンシーラット #rat #rats #rodents #ratsOfFediverse

Rat Breeders in Utah: Complete Guide to Costs, Questions, and Finding Reputable Sources

https://animalofthings.com/rat-breeders-in-utah/

Fileless XWorm RAT Campaign Exploiting Legacy Office Vulnerability

The XWorm Remote Access Trojan through multi themed phishing emails that exploit the legacy Microsoft Office vulnerability CVE-2018-0802.

Pulse ID: 698f641c48c5c35cb17319cf
Pulse Link: https://otx.alienvault.com/pulse/698f641c48c5c35cb17319cf
Pulse Author: cryptocti
Created: 2026-02-13 17:49:16

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Email #InfoSec #Microsoft #MicrosoftOffice #OTX #Office #OpenThreatExchange #Phishing #RAT #RemoteAccessTrojan #Trojan #Vulnerability #Worm #XWorm #bot #cryptocti

Alles voor Jettens pluche, zoals al eerder gememoreerd.

"Jetten betaalt premierschap met VVD-beleid"

-> "het bonusplafond in de financiële sector wordt fors verhoogd."

-> "Volgens de VVD moeten hoogbetaalden immers nog hoger betaald worden om te zorgen dat ze bereid zijn hun werk te doen, en laagbetaalden juist lager."

-> "Het is veelzeggend dat de VVD als spreekbuis van het grootkapitaal wegbleef bij het bezoek van Gabriël Zucman"

(Via #dekanttekening op BS) #rat
https://dekanttekening.nl/columns/jetten-betaalt-premierschap-met-vvd-beleid/

Vom Azubi zum Stadtdirektor: Christian Uhr übernimmt eine Schlüsselrolle im Rathaus. Einstimmige Wiederwahl und neue Funktion: „Es wird ein Teamplay sein“ #Dortmund #Politik #Rat
https://www.nordstadtblogger.de/vom-azubi-zum-stadtdirektor-christian-uhr-uebernimmt-eine-schluesselrolle-im-rathaus/

The man that put #Rat into #Ratcliffe He was branded hypocritical for his racist rant—he moved his business to #Monaco to save £4 billion in tax in 2020 He is was ranked the 7th wealthiest person in UK in the Sunday Times rich list with a £12 billion fortune socialistworker.co.uk/anti-racism/...

Billionaire Jim Ratcliffe who ...

Attackers Weaponize RMM Tools via Zoom, Meet, & Teams Lures

Netskope Threat Labs has identified multiple phishing campaigns exploiting video conference invitations from Zoom, Microsoft Teams, and Google Meet. The attackers use fake meeting invites to trick users into downloading malicious payloads disguised as software updates. These payloads are actually legitimate, digitally signed remote monitoring and management (RMM) tools like Datto RMM, LogMeIn, or ScreenConnect. By leveraging these tools, attackers gain administrative remote access to victims' machines, potentially leading to data theft or further malware deployment. The campaigns use convincing phishing pages that mimic legitimate video conferencing platforms, exploiting users' urgency to join scheduled calls. This sophisticated approach allows attackers to bypass traditional security measures and establish a persistent foothold in corporate networks.

Pulse ID: 698eed8fcb4bdfed81d88a45
Pulse Link: https://otx.alienvault.com/pulse/698eed8fcb4bdfed81d88a45
Pulse Author: AlienVault
Created: 2026-02-13 09:23:27

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #DataTheft #Google #GoogleMeet #InfoSec #Mac #Malware #Microsoft #MicrosoftTeams #Mimic #Netskope #OTX #OpenThreatExchange #Phishing #RAT #ScreenConnect #Zoom #bot #AlienVault

Multiple Threat Actors Rapidly Exploit React2Shell: A Case Study of Active Compromise

A critical vulnerability in React Server Components, dubbed React2Shell, was disclosed on December 3, 2025. Within days, multiple threat actors exploited this flaw, leading to simultaneous compromises of affected systems. The case study reveals a rapid progression from initial coin miner installations to the deployment of various malware types, including RATs and backdoors. The timeline shows attacks beginning on December 5, with website defacement occurring by December 7. Notably, the incident involved the use of SNOWLIGHT, HISONIC backdoor, CrossC2 RAT, and the abuse of Global Socket tool. The study emphasizes the speed at which attackers exploit new vulnerabilities and the importance of swift patching and thorough post-compromise investigations.

Pulse ID: 698eed8d19e5d9aa7ceb75fd
Pulse Link: https://otx.alienvault.com/pulse/698eed8d19e5d9aa7ceb75fd
Pulse Author: AlienVault
Created: 2026-02-13 09:23:25

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RAT #Vulnerability #bot #AlienVault

Fur-lined rat for your cold finger's comfort during winter gaming. #rat

CDU und SPD fällen Entscheidung zu Aufklebern im Dortmunder Stadtrat – Neue Regelung kommt direkt zum Zug. #Dortmund #Rat #Politik
https://www.nordstadtblogger.de/cdu-und-spd-faellen-entscheidung-zu-aufklebern-im-rat-neue-regelung-kommt-direkt-zum-zug/