0x2A Security @0x2asec
Security: the answer to the ultimate question of life, the universe, and everything. Joined July 2025-
Tweets496
-
Followers48
-
Following1K
-
Likes669
🚨 𝗪𝗲'𝘃𝗲 𝘂𝗻𝗰𝗼𝘃𝗲𝗿𝗲𝗱 𝘁𝗵𝗲 𝗳𝗶𝗿𝘀𝘁 𝗺𝗮𝗹𝗶𝗰𝗶𝗼𝘂𝘀 𝗠𝗖𝗣 𝘀𝗲𝗿𝘃𝗲𝗿 𝗶𝗻 𝘁𝗵𝗲 𝘄𝗶𝗹𝗱. It was only a matter of time. The postmark-mcp npm package (1,500+ weekly downloads) has been backdoored since v1.0.16 - silently BCCing every email to the attacker's…
Updated post from GreyNoise about Cisco ASA vuln greynoise.io/blog/scanning-…
@ttakvam @roo7cause @cyb3rops @MicrosoftTeams Hello! This is, unfortunately, not a new campaign. But one that doesn't get enough attention. We track the first stage as "Oyster", it is also known as "BroomStick/CleanupLoader" rapid7.com/blog/post/2024… We've been tracking it due to the code-signing certificates 1/2
Join me at 2:30PM PT for an @offby1security stream on introductory Windows stack overflow exploitation. If you're new to Windows exploit dev this is good foundational information before moving to more advanced bug classes like we often cover on stream. youtube.com/watch?v=_I9bSS…
Super cool potential ASLR leak via dictionary hashing by @tehjh! googleprojectzero.blogspot.com/2025/09/pointe…
I love this wise mental frame about bugbounty/pentesting from @MrJoeyMelo: "I like to think 'the hacking part is for fun, I get paid to write reports'."
Cisco ASA/FP - Be on the lookout for calls to these URLs 👇 GET /+CSCOU+/MacTunnelStart.jar GET /+CSCOL+/csvrloader64.cab GET /+CSCOL+/csvrloader.jar - Contain the Cisco SSL VPN Relay Loader - Likely used for version fingerprinting (CVE-2025-20333 / CVE-2025-20362)
Curious how to safely simulate a Shai-Hulud-style NPM attack and validate detection coverage? 🐛🔍 I just released NPM Threat Emulation - lightweight, safe scenarios to exercise NPM supply-chain TTPs and confirm your detections actually fire. 🚨✅ 📺 Showcasing live on…
How safe is your browser? Our ninja, Riadh Bouchahoua, uncovers how attackers can exploit Chromium extension loading to steal data, maintain persistent access, and breach confidentiality on Chromium-based browsers. Read more here ⬇️ synacktiv.com/en/publication…
Cisco just confirmed that multiple zero-days against ASA/FTD VPN web services were exploited in the wild. CISA followed up with an Emergency Directive ordering federal agencies to inventory, patch, or disconnect affected devices. The last 3 Cisco advisories are directly tied to…
LolRMM.io is a great great resource
Rootkitting appliances, you say? There's a common refrain that attack is always evolving, but I was compromising Linux-based appliances in network penetration tests in the 2000's. Middleboxes with late 90's vulns that have privileged positions and access are the anti-pattern.
Rootkitting appliances, you say? There's a common refrain that attack is always evolving, but I was compromising Linux-based appliances in network penetration tests in the 2000's. Middleboxes with late 90's vulns that have privileged positions and access are the anti-pattern.
This may save someone else a few minutes. I've compiled a few random vibecoded tools for generating/analyzing SVGs commonly found in many phishing emails that exploit Microsoft Direct Send. github.com/HackingLZ/svg_…
Devious new attack class defined by @wunderwuzzi23: "Cross-Agent Privilege Escalation" If someone has both Claude Code and GitHub Copilot on their machine you can prompt inject one and have it edit the config for the other in order to further escalate your attack's privileges!
Time's running out to get our bundle: Pay what you want for up to 21 electronics books worth $500+. Expert guides that teach you to build LEDs, bots, and Raspberry Pi projects that actually work + defend digital rights by supporting @EFF. bit.ly/4gILb0O
Active Directory hardening is free…outside of your time. Overall - PingCastle Passwords - FGPP, LAPS, Lithnet Permissions - ADeleg/ADeleginator Applocker - Applocker Inspector/Applocker gen ADCS - Locksmith Logon scripts - ScriptSentry GPO - GPOZaurr Baselines - CIS/Microsoft…
Great way to remember tar command options😂
Great way to remember tar command options😂 https://t.co/GdSn7PUlSs
Hey all, here's my latest blog post: g3tsyst3m.com/fileless%20tec… We'll get to have some fun coding a custom PE loader that downloads and executes our PE in-memory. We'll also take a stab at sneaking past Defender XDR and Sophos XDR. 😸
New blog post: Laptop froze on hibernate, because an Intel driver bailed during power transition and left a power IRP hanging. This can be an interesting one for those that are interested in how I maneuver through a crash dump and how I think, etc. medium.com/@Debugger/hibe…
🚨 A self-replicating worm known as Shai-Hulud has compromised over 500 packages in the world’s largest JavaScript registry npm—causing widespread supply chain issues. Review detection and remediation recommendations in our alert 👉 go.dhs.gov/iAY
HilaryMackintosh @5At4m7UCnxqespS
11 Followers 476 Following
Anna @MarquardtE87519
95 Followers 5K Following
Michele @michele_morrow7
258 Followers 3K Following
Donya @b_donya97
175 Followers 3K Following
7WzIRosemary Lamontag... @7wzirosema87842
19 Followers 380 Following
Cindy @cindyocasio29
399 Followers 3K Following
Kimberly @kimberly98kraus
304 Followers 3K Following
Brenda @walker42brenda
326 Followers 3K Following
Barbara @barbaralasater9
1K Followers 3K Following
Ines @gimbel88ines
243 Followers 3K Following
Amanda @owen78amanda
313 Followers 3K Following
Elizabeth @lasalle_elizabe
229 Followers 3K Following
Chelsey @smithchelsey35
284 Followers 3K Following
Nancy @hicks_nancy20
226 Followers 3K Following
Amy @buchanan_amy12
274 Followers 3K Following
Evelyn @e_weller34
293 Followers 3K Following
Walter Koch @WalterKoch18719
108 Followers 4K Following
Mildred @mildreddietzel3
245 Followers 3K Following
Judy @Judy1754263
386 Followers 3K Following
Baeetieh @Baeetieh380460
34 Followers 997 Following
Daudalg @Daudalg8782
143 Followers 3K Following
Constance @Bkh3hp5M733qWC
18 Followers 852 Following
Susan @3t2c9hZeikh2F
24 Followers 1K Following
Ray [REDACTED] @RayRedacted
64K Followers 8K Following Hacker, Researcher, Podcast Producer (Tribe of Hackers, Darknet Diaries). Proud dad of the fastest climber in the world. Ever. “Ut scandis, alios subleva”
StarShine @Star14682249
0 Followers 3 Following
Courtney @H9eDiJtpkY30Yl
46 Followers 1K Following
0x4143 @0x4143
2K Followers 5K Following Purple Teaming by day, Malware Hunter by night 🏴 (All opinions are my own, not of my employer)
Jim Nitterauer 🇺�... @JNitterauer
9K Followers 9K Following Husband, Dad, Director of Information Security @graylog2. InfoSec enthusiast. CISSP, CISM, Speaker. Ethical Hacker. @BSidesLV Staff @ITENWired Guitarist
pirate.moo @apiratemoo
7K Followers 3K Following \x6d\x6f\x6f\x62\x69\x74\x63\x68 I break things for a living. Opinions are my own.
Austin Aranda @AustinAran3106
0 Followers 3 Following
Jan Blick @JanBlick76125
106 Followers 2K Following
scsideath @cybersyrupblog
2K Followers 4K Following COO https://t.co/5v2a20mGMs | DC541 | DC416 | DC604 | DFIR | Malmons trainer gotta catch em all | My opinions are my own
Cleveland Sports Talk... @CSTsports_2
43K Followers 47K Following Follow CLE Sports Talk FB Page! CLICK: https://t.co/7mL7uMMKI2 We do not own photos. Contact: [email protected] 🇺🇸
Cleveland Sports Talk @CLEsportsTalk
143K Followers 133K Following Now additionally following Ohio State Football! OH... *We do not own photos. Contact: [email protected] 🇺🇸 #DawgCheck #GoGuards #ComeOnCavs #HolyBuckeye
Freddie Rodriguez @FreddieRod82360
0 Followers 7 Following
Two Seven One Three @TwoSevenOneT
3K Followers 2K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
YieldCurveEdge🇺�... @Ernarfou592
74 Followers 2K Following 15-30% Monthly | 2 High-Conviction Stocks.Short-Term Gains: 15-20% in Days/Weeks.DM "JOIN" for WhatsApp Alerts. Live Trade Signals • Market Analysis
Elma @spitlerelma29
290 Followers 3K Following
Mohammed Aiyaz @MoAI786
1 Followers 13 Following
Alysha Bartell @AlyshaBart75891
34 Followers 3K Following
Kevin Healy @KHealy2812
0 Followers 8 Following
Charles Shirer @bsdbandit
25K Followers 26K Following A Hacker who is A Lover of People, and Life @RetroTwinz @Secbsd, @GrumpyHackers, @NovaHackers, @deadpixelsec @hacknotcrime Advocate @PositivelyBlue_ OSCP, OSWP
Kate Brew @securitybrew
28K Followers 16K Following Mom, Moderate common sense engineer #owasp #lasconatx @GeorgiaTech alum. Funemployed. No one knows what I’m up to.
Elastic Security Labs @elasticseclabs
4K Followers 598 Following Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Koidex @GetKoidex
149 Followers 4 Following Real-time intel on malicious extensions & packages across dev marketplaces. Governance + risk scoring for binary/non-binary software. By Koi.
Ciarán Cotter @monkehack
4K Followers 549 Following • Irish/Japanese web hacker living in Scotland. • Researcher for @ctbbpodcast Lab. I run https://t.co/Ja1P3vco1X | Newsletter weekly at https://t.co/KA5b2kY8ih
Defused @DefusedCyber
2K Followers 1 Following Real-Time Threat Intelligence via Cyber Deception. Start Building for Free: https://t.co/TTnxgi9Hv5
Evil Rabbit Security ... @EvilRabbitSec
4K Followers 519 Following I make sex offenders cry. What the hell do you do?
lmeyerov @lmeyerov
3K Followers 456 Following CEO @Graphistry @louie_ai Join https://t.co/uJAdxr0cWP @ RSAC 2025 for GenAI x Security Makers of https://t.co/fo6XK5JmgC, GFQL, GPU dataframes, PyGraphistry
John Lambert @JohnLaTwC
43K Followers 801 Following Corporate Vice President, Security Fellow, Microsoft Security Research, johnla(AT)https://t.co/3dGtq71Nby
AtomicsonaFriday @AtomicsonaFri
556 Followers 28 Following In the wild of cyberspace, 'Atomics on a Friday' is the El Camino of security testing. Guiding defenders with vital content to safeguard their organizations.
xssdoctor @xssdoctor
4K Followers 373 Following hacker and cardiologist… not necessarily in that order
Moritz @m_r_tz
2K Followers 388 Following
Aziz Farghly ☠ ∞ @FarghlyMal
912 Followers 801 Following Threat Researcher @nextronsystems (The thoughts and content I share are personal and not representative of my employer.)
Peter Kruse | Cybercr... @peterkruse
13K Followers 849 Following Peter Kruse is a cybersecurity researcher. Co-founder of CSIS Security Group, Kruse Industries, SIE-Europe & Heimdal. CARO member. CISO at Clever.
ReversingLabs @ReversingLabs
7K Followers 855 Following ReversingLabs is the trusted name in file and software security. RL - Trust Delivered.
Hunt.io @Huntio
4K Followers 920 Following https://t.co/9I6nRUiFjm is a service that provides threat intelligence data about observed network scanning and cyber attacks.
Mikhail Kasimov @500mk500
5K Followers 596 Following Malicious traffic detection system: @maltrail; Maltrail Demo Page: https://t.co/eimXdZvjWo; Maltrail FAQ: https://t.co/Kne9lewPHT
spencer @techspence
13K Followers 2K Following 🛡️Empowering defenders & dismantling threats | Ethical Threat | pentester @securit360 | host @cyberthreatpov | SWAG https://t.co/AFJtZQcti7
Magnet Forensics @MagnetForensics
17K Followers 997 Following Official Twitter feed for Magnet Forensics, a global leader in solutions for digital investigations since 2009.
Spy Collection @SpyCollection1
4K Followers 0 Following Videos/historical research on espionage, intelligence, counter-intelligence, and secure communications. Always seeking more spy gadgets and stories! Contact us!
Bsides Warsaw @BSidesWarsaw
842 Followers 70 Following BSidesWarsaw to jedna z największych niekomercyjnych konferencji na temat bezpieczeństwa IT w Polsce!
BSides Tallinn @bsidesTLL
402 Followers 160 Following DATE: 25.09.2025 ! EVENT: https://t.co/b6r5wYhtTz CFP: https://t.co/HjaLDSZrjw
Seth Jenkins @__sethJenkins
2K Followers 116 Following Project Zero Security Researcher - Hang glider pilot - Jesus Follower @[email protected]
InfoSecMap @InfoSecMap
942 Followers 14 Following Mapping out the best InfoSec events and groups! Sponsored by @C13Security.
RootSys @RootSysAt
127 Followers 8 Following We deliver top-tier security services, including penetration testing, code audits, security research, hardware hacking, and AppSec reviews.
Cyber_OSINT @Cyber_O51NT
19K Followers 297 Following #OSINT treasure hunter, investigator, #CyberThreatIntel analyst. Opinions are my own. Follow me on Telegram https://t.co/i6VBbeUXgd for cyber news.
Phil Venables @philvenables
14K Followers 591 Following All about cyber, resilience, risk, AI - at scale. Partner - Ballistic Ventures / Google - Strategic Advisor / 4 x CISO / Board Director / Chief Risk Officer
Ivan Krstić @radian
12K Followers 869 Following Head of Security Engineering+Architecture (SEAR) at Apple. I don’t speak for my employer.
ZachXBT @zachxbt
911K Followers 2K Following Scam survivor turned 2D investigator | Advisor @paradigm
Soroush Dalili @irsdl
20K Followers 910 Following Hacker (ethical), web appsec specialist, trainer, tools builder & apps breaker, @SecProjectLtd founder 🕸️https://t.co/YipuTcYnWc🥷 🍏A dad-joke maker🍐
M4lcode @M4lcode
651 Followers 313 Following Malware researcher exploring malware, APT groups, and their campaigns across the wild. | Threat Researcher @dexpose_io | Blog Author @anyrun_app & @cyber5w
Charlie Eriksen @CharlieEriksen
2K Followers 344 Following Security Researcher @AikidoSecurity. Founder @weaseljs. Previously @SecCodeWarrior, co-founder at Adversaryio & Principal Security Engineer/Partner @thesyndis
Timothy Peacock @_TimPeacock
845 Followers 52 Following Sr PM Google Cloud Security, co-host @cloudsecpodcast. Reducing info risk, increasing physical risk w/ motorcycles and skis. It should just work. (he/him)🏳️🌈
CloudSecurityPodcast @CloudSecPodcast
3K Followers 438 Following Cloud Security Podcast by Google hosted by @anton_chuvakin and @_TimPeacock - see more at https://t.co/xYsgwSz1ff
Dr. Anton Chuvakin @anton_chuvakin
41K Followers 9K Following Information security - #SIEM, #DFIR, #EDR formerly at Gartner! Now @GoogleCloud Office of the #CISO; host of @CloudSecPodcast https://t.co/VpKtfz8nXG
Nathan McNulty @NathanMcNulty
17K Followers 1K Following Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | Microsoft MVP | @TribeOfHackers | 🦋@nathanmcnulty.com
Mei Danowski @MeiDanowski
567 Followers 410 Following Threat intelligence research from geopolitical perspectives. Co-founder of Natto Thoughts.
OtterHacker @OtterHacker
7K Followers 77 Following Professional redteamer and malware development enthusiast ! I will share some tips and experiences. Look at my work here : https://t.co/cxLBvW7pcI
Pietro Borrello @borrello_pietro
3K Followers 609 Following Security Researcher | PhD @SapienzaRoma | Pwner at @TheRomanXpl0it and @mhackeroni | https://t.co/g77o9Ojdjf | https://t.co/q5KZ4e8wkX
Tanner @wbmmfq
624 Followers 413 Following Senior Security Operations Analyst @HuntressLabs | @[email protected] | Views my own, obv.
Rem @sudo_Rem
647 Followers 336 Following Senior Hunt & Response Analyst @HuntressLabs | GPEN, GCFA, GCFE, GCIA, GCIH | Python Security Researcher
Decipher @DecipherSec
4K Followers 431 Following Security without fear. Cybersecurity news that informs and inspires. Editors: @DennisF & @lindseyOD123. https://t.co/jcYvCZ704o
Jeremy McHugh, DSc. @jer_mchugh
367 Followers 372 Following Co-founder & CEO @preambleAI. Securing increasingly capable AI. Owner @omniainnov. US Air Force Veteran. DSc AI security. @penn_state alum & hockey.
Security Alliance @_SEAL_Org
16K Followers 89 Following Securing the future of crypto | Cover art by @yueko__ | Emergencies: https://t.co/KT0Mzsidtc
Hacking is NOT a Crim... @hacknotcrime
24K Followers 0 Following A global organization advocating the decriminalization of hacking through policy reform. Privacy and security hacktivism. Hack, ergo sum. #HackingIsNotACrime
Aikido Security @AikidoSecurity
3K Followers 1K Following secure everything you build, host, and run with aikido get devs back to building.
The North Korean Comp... @dprkcert
3K Followers 472 Following Defend Tomorrow, Secure Today! Official Computer Emergency Response Team (CERT) for the Democratic People's Republic of Korea #NorthSide #NorthKoreaBestKorea
CYPHERCON @CypherCon
9K Followers 2K Following Wisconsin’s Largest Technology Conference - April 1-2, 2026 - 2500+ attendees meet downtown #Milwaukee at the Baird Center - #hackers #cybersecurity #InfoSecTrends for United States
You might like
