Ben @polygonben
Threat Research - https://t.co/ZoRAd6zMGy in ur c2 😬 Joined November 2022-
Tweets786
-
Followers2K
-
Following1K
-
Likes3K
@ctrlaltintel @L_Lgde This was known since the day he was arrested. Also, Yutek-NN & IAC MChS is basically a cover for Rostech-affiliated threat actors which I believe is Void Blizzard.
Ладно, раз уже написали про это, рассказываю: Арестованный в Таиланде российский хакер Денис Обрезко работал в ЮТЕК-НН и Информационно-Аналитическом Центре МЧС. Знаете, кто ещё работал в ЮТЕК-НН и ИАЦ МЧС и занимался «хакерством» в пользу РФ? Антон Листаров – человек, который
Full analysis & writeup here: ctrlaltintel.com/research/VoidB…
9 McNuggets & a McChicken burger helped us link a Russian hacker to 🇷🇺 government😅 Denis Obrezko was put on the international wanted listed by Russia, following an FBI arrest in Phuket last November. Our independent investigation shows Obrezko has closes ties to the Moscow👇
kb.cert.org/vuls/id/213560 I can confirm this also exists in an another Tenda router. This one is more of an enterprise offering, the G300. Firmware download: tendacn.com/us/material/sh… Thanks Tenda for not stripping your binaries :) @ctrlaltintel @rootsecdev
Attribution Matters. Impose Cost: Angelo Martino, 41, of Land O’Lakes, Florida, formerly employed as a ransomware negotiator, was sentenced today to 70 months for his role in conspiring with Blackcat/ALPHV (BlackCat) actors to extort multiple victims, as well as conspiring with other former cybersecurity professionals to attack additional victims in 2023. justice.gov/opa/pr/florida…
If you have spare change, I mean literal spare change, money you can genuinely afford to part with, I'd appreciate a donation. If not, like and follow and boost my work. That helps just as much. This post is very much a last resort and I appreciate any support given. Thank you for reading this far. Genuinely. linkedin.com/in/foilman gofundme.com/f/jason-needs-…
Squats, Backdoors, ClickFix and Blockchain. As part of a Have I Been Squatted & @ctrlaltintel researcher traced a typosquatted domain through a ClickFix lure, persistent macOS backdoor, and blockchain-based command-and-control infrastructure. haveibeensquatted.com/blog/from-typo…
One of our researchers has published a blog for @beensquatted exposing an ongoing macOS stealer & backdoor campaign 🔥 Originating from typosquatted domains, a threat actor is using ClickFix lures to deliver a persistent macOS loader hat hosts C2 using Polygon smart contracts👇
There are so many people who deserve their roses but rarely get them. It would literally be impossible to name them all. But here are just some of the many, many people who stood by me. If your name isn't here, don't think I don't appreciate you. Here's just one of each of their many attributes: @khanjicyber: a guide and a beacon of hope @notbrvnd0n: always there with steady support @loop0420: never fails to check in on me @rickcsong: a big business guy who still makes time to call and check in @NetAskari: always sending me cool cyber stuff @nattyfried: like an older brother to me @Crimeonadime: selfless to the core @AidanOsint: someone I owe a genuine thank you @abdo_mhanni: genuine through and through @IntCyberDigest: forgiving and empathetic Now rapid fire: @Alph4betSoup, @IntelOpsV3, @0x686967, @polygonben, @urharmless, @kimmydotzip, @dutch_osintguy, @BashBunny, @NotNordgaren, @Harrris0n, @maybeitsjayy And to Kirwin, thank you. And to the rest, I simply don't have enough chars to type. And last but certainly not least, the most important of all, my Mum. Who has handled all the messy paperwork. Who has sleepless nights from the trauma of the crash. Who came in even when I was stinky, smelly, and vomiting. Who spent as much as she could afford trying to make me eat when my stomach wasn't working. Who fights for me when I am too weak to fight for myself. And to the rest of my friends and family, thank you.
@foilmanhacks Thank you man ❤️ Never forget the words from the Lifesaver: “Don’t bend to the mental strain … against all odds we must strive for essential gain” You don’t realize how much you’ve done to keep me sane 🫶
Thrilled to announce our (@spontiroli & me) from @Acronis TRU Team, new & in-depth research, where we saw Mustang Panda targeting India's Hydropower Sector, government sector and many more, using implants which we call as SHARDLOADER v1.0, v1.1, MINIRECON, ZOHOMURK. We worked with Indian Computer Emergency Response Team, @IndianCERT on data-sharing and multiple other purposes leading to disruption of a live campaign, which had been targeting Philippines as well. While, we had been already tracking the first campaign, we saw a second campaign using @Zoho as a C2(exfil mechanism) widely adopted across Indian Government. Another interesting feature, which we found that the threat actor went slightly offensive causing issues inside the analyst's VMs, while leaving a bunch of OPSEC issues inside the implants and using similar launcher binaries. Read our research here: The implant was also seen and reported by @smica83 🐐& thanks to @IndianCERT on working with us to disrupt the ongoing and live campaigns.
Possible MINIRECON implant used to target India🇮🇳 FileName: Letter to His Excellency the President[.]zip SHA-256: 6c8784885506b0fa3b0543be3c5caec1a4b3c689331d1012847505c61440b2be
Thrilled to announce our (@spontiroli & me) from @Acronis TRU Team, new & in-depth research, where we saw Mustang Panda targeting India's Hydropower Sector, government sector and many more, using implants which we call as SHARDLOADER v1.0, v1.1, MINIRECON, ZOHOMURK. We worked
This isn't secret, it's not a weapon either... the kid was fucking stupid and used a machine to do crime in config that is insanely stupid (if we consider they probably didn't want to get caught) they used edge in its default config, hey had opted in to telemerty. The takes online and articles like this are fucking ridiclous
Microsoft's secret weapon exposed. The FBI used a Windows Global Device Identifier (GDID)—a persistent, OS-level hardware fingerprint—to completely unmask a high-profile hacker despite them using a VPN. If you're on Windows, telemetry is always watching.
I dumped NetNut's frontend source code for their global and Chinese portals. Anyone can now see how it worked internally. They claim to be ethical and to not route through real people's devices, their schema tells a different story. (Source code link at the end)
#Mandarin-speaking threat actor is targeting Vietnam by impersonating the Vietnam Government's Tax Public Service Portal to distribute a malicious Fake eTaxMobile APK vn-dichvucong[.com 398db8ea60f9249bf902bb10e21de621 @malwrhunterteam @skocherhan @smica83 #Vietnam #Malware
The OPSWAT Academy Cyber Challenge 2026 @OPSWATAcademy #cyber #ctf #London
London, you're first. 🎯 The OPSWAT Academy Cyber Challenge 2026 kicks off in the capital on 4 July - and if cybersecurity is your world, or you want it to be, this is the day that changes how you think about it. 🙌 One full day at Queen Mary University of London. A documentary
Another banger dammmm open.spotify.com/track/6pvd8OBn… @foilmanhacks <3
I never post about music, but I’ve always been a big hip-hop head @foilmanhacks recommend this banger, first time hearing it. It homes hard n helped me reflect ❤️ open.spotify.com/track/1fotoYON…
Mike Eckel @Mike_Eckel
19K Followers 10K Following Opponent of Quiet Desperation. Contains Multitudes. In Search Of Meanness Or Sublimity. Ex-Moscow Correspondent. Vladivostok Fanboy. @RFERL Signal: MikeEckel.16
Aashvi Nagendra @AashviNagendra0
2 Followers 44 Following
Tarek @tarekeleter
142 Followers 2K Following Security Engineer - Incident Response @StarknetFndn | All views here are my own. #DFIR Ex - @Mozilla, @Livenation, @Ticketmaster
jano @1yk33
17 Followers 406 Following
honey badger @pillowyell89083
0 Followers 7 Following
h12 @HeriansyahDeco
1 Followers 261 Following
nad @Nadsec11
495 Followers 1K Following Systems Administrator | Cybersecurity Nerd | Weird Robot Enthusiast https://t.co/bjecckpTqC https://t.co/AJrYkXmZRx https://t.co/7rxfMeri1U https://t.co/x33pgl5XzG
AlucarDCyb @AlucarDub
15 Followers 612 Following
The Cracker @thecracker44
7 Followers 302 Following Born to Hack / Crack...🦂 ☼ ‿̩‿‿̩𓊝‿‿̩‿‿̩‿‿̩𓂁‿‿̩‿ . ˖ ₊ ⋆ ₊ ⊹ ଳ ݁ . 𓆝
Chris Sotak @ChrisSotak
114 Followers 1K Following
𝙳𝚛𝚊𝚔𝚎 @portslug
277 Followers 2K Following 🤹♂️ Entrepreneur 🧙♂️ Cybersecurity Consultant 🎯 AI Security 🗝️ Locksport Practitioner 🐙𝗣𝗼𝘀𝘁𝘀 𝗮𝗿𝗲 𝗺𝘆 𝗼𝘄𝗻! 🇺🇸🍍🍕
Jose @eltofurioso
0 Followers 31 Following
Jav @javvvx
205 Followers 859 Following
Richard Batty @PoorHaven
10 Followers 250 Following
MrBill // wardrive ev... @SecureThisNow
6K Followers 5K Following Dislike cyber__ terms | @HardHatBrigade | Perpetual Newb | Meyers-Briggs: IDGAF | !Serious Account | ex-Payphone Purveyor | on infosec exchange | views my own
Bytegeist @_bytegeist
1 Followers 674 Following
MarkusSyvanen @MkusSEC
0 Followers 31 Following
Tobias @tobiasomiller
288 Followers 651 Following
whoamix302 @whoamix302
127 Followers 125 Following Cybersecurity | Adversarial Infrastructure Hunting | Threat intelligence
Matt Zorich @reprise_99
15K Followers 2K Following @Microsoft Security | https://t.co/HWozKuixTi | Tweets are my own | 🇦🇺
Antonio Calderón @l0rdmalware
266 Followers 1K Following
SIMMO @derrynsimmons
239 Followers 2K Following "If it ain't broke, keep messin with it" An Aussie who has had a GUTFULL of the lies and corruption.
T33j @t33j_sec
19 Followers 143 Following
Dark Web Informer @DarkWebInformer
223K Followers 90 Following One guy. Global cybercrime. Tracked so you don't have to. Ransomware, data breaches, dark web activity, darknet markets, IOCs & emerging threats. Stay informed!
ROXCS @BordeiRobert
29 Followers 1K Following
L @L_XRP123
964 Followers 2K Following
b4n1shed @b4n1shed
1K Followers 1K Following Security Research, Threat Intelligence, Malware Analysis, Embedded Systems, Misc. Hackery and Shenanigans.
Chuong Dong @cPeterr
5K Followers 714 Following MSTIC RE @MsftSecIntel | Ex FLARE RE @Mandiant | @CuratedIntel
gemma @gemma_2026_
2 Followers 524 Following
wqe @wqe1dvdx
0 Followers 148 FollowingMatt @Jeffery_Nohmer
136 Followers 668 Following Internet Researcher, infosec professional and all around strange dude
NexusFuzzy 💩 @NexusFuzzy
2K Followers 323 Following Infostealer hunter by night, threat actors’ headache 24/7. I track C2s, ruin botnets, and make cybercriminals rethink their life choices
BeijingJoe @FDjoes
518 Followers 406 Following
Malfors @MalforsHQ
988 Followers 66 Following Making an investigation platform the right way. Used & loved by threat intel, SOC, and OSINT analysts at leading cybersecurity companies.
CTICON @CTIC0N
14 Followers 0 Following An invite-only community for people interested in cyber threat intelligence.
Demon @volrant136
1K Followers 59 Following Threat Researcher at @Huntio DM me for Collaboration on Threat Intel & Hunting 🤝 All Views are my Own⚠️
Mark Kelly @markkelly0x
729 Followers 424 Following Threat research @Proofpoint 🇨🇳 | Member @CuratedIntel | former @RecordedFuture
pam @pamoutaf
318 Followers 152 Following Host of chITchat by pamoutaf, you can listen on most platforms. I also write blogposts 😊
Maybe:Tator @imafkntator
284 Followers 25 Following I'm a potato posting potato things. Enjoy it or not, I don't care.
CTI Updates @CTI__Updates
1K Followers 2K Following Updates about all things threat intelligence & updates about stuffs going on in the cybersec, ransomware, OSINT, SOCMINT, and hacking communities #threatintel
OnionTortoise @Onion_Tortoise
102 Followers 223 Following Threat Hunting | Threat Intelligence | Intrusion Response | InfoSec Tea Time What do you call a turtle that surfs the dark web?
International Cyber D... @IntCyberDigest
188K Followers 255 Following Independent reporting on cybersecurity, tech, AI & digital policy.
Askar Dyussekeyev @askardyuss
409 Followers 187 Following A malware researcher from Kazakhstan | All views are my own
U.S. National Intelli... @ODNIgov
370K Followers 145 Following U.S. National Intelligence oversees the U.S. Intelligence Community & serves as principal adviser to the President of the United States on intelligence issues.
Nguyễn @Nguyn2172228932
1 Followers 83 Following
Hi! I'm Don. @ethicalhacker
19K Followers 1K Following #Dad & #CyberSecurity OG! Co-Founder @justhackinghq w/ @_JohnHammond. Founder of The Ethical Hacker Network and ChicagoCon. Fun project = @diySTEAM #LifeIsGrand
Keir Starmer @Keir_Starmer
2.6M Followers 386 Following Prime Minister of the United Kingdom. Labour MP for Holborn and St Pancras and Leader of the Labour Party. Former Director of Public Prosecutions.
Ethan kelly @EthanUCTV
518 Followers 113 Following THẰNG ÚCVIỆT OFFICIAL Rap bơ , yang ho, uy tín nhất thế giới
Clint Gibler @clintgibler
26K Followers 573 Following 🛡️ Leading Cyber at @OpenAI 📚 Creator of https://t.co/xwtIAI0CuJ newsletter
box turtle @xploitrsturtle2
2K Followers 19 Following I follow ToS Box turtle / canisterturtle / shai huturtle email service is down - uwu underground / icesolst has a safeword with me mum look Im on the news.
Yashraj Solanki @RustyNoob619
1K Followers 358 Following Threat Intel @bridewellsec (All tweets are my views) Build | Track | YARA #100DaysofYARA 2026
Alexander Browder @Alexbrowder_
5K Followers 382 Following Founder of Global Cryptocurrency Laundering Database. ——— https://t.co/brih1CzSax - [email protected]
VnExpress @vietnamenglish
650K Followers 682 Following VnExpress International covers politics, economy, social issues, sports, travel and culture in Vietnam and Southeast Asia.
Gameel Ali 🤘 @MalGamy12
7K Followers 966 Following Threat Researcher @nextronsystems All opinions are my own
Tuoi Tre News @VietNewsGateway
277K Followers 26 Following Tuoi Tre News, an English publication of Tuoi Tre Newspaper, serves as a news gateway to Vietnam.
Censys @censysio
13K Followers 1K Following Censys is the source for real-time Internet intelligence and actionable threat insights for governments, F500 companies, and leading threat intel providers
Sean Lyngaas @snlyngaas
15K Followers 5K Following @CNN cybersecurity reporter | Tips: Signal 202-355-8471 or SNLyng.11 | [email protected] | [email protected]| @DukeU/@FletcherSchool alum | Proud Dad | @LFC
FBI Cyber Division @FBICyberDiv
13K Followers 69 Following Official FBI Cyber Division X. Submit tips at https://t.co/YZeSVuoxZI. Public info may be used for authorized purposes: https://t.co/is3HGZcnHx
Sh4dowExe @Sh4dow3x3
623 Followers 756 Following Threat Intel Analyst | Adversary Hunter | Security Researcher
AkatsukiLegion @_AkatsukiLegion
86 Followers 111 Following 🏴☠️ Akatsuki Research 🎯Threat Hunters | 🦠Malware Researchers |🔍 Intelligence Analysts |
Tiesun 👨💻�... @TIE__SUN
491 Followers 2K Following CTI-Analyst @_AkatsukiLegion | Adversary Hunter | Security Researcher 🗡️ | AS Warrior 🪖
Jon Myers @jonmyers
8K Followers 3K Following Crypto focused designer. Head of product/ Yodl. Former chief design officer/ Liquid.
Tatsiana Ashurkevich @tashurkevich
1K Followers 185 Following Undercover Investigative Journalist — POLITICO | The Guardian | Tagesspiegel | The Christo Files — 📩 [email protected]
John W. @johnwSEAP
4K Followers 4K Following Cyber disruption @TRMlabs // security researcher & fmr. @UNODC official // Interests in all things #AI #threatintel, #privacytech & the @Arsenal 🏆 // @UCDCCI
Đỗ Hùng Việt @dohungviet
104K Followers 310 Following Vietnamese diplomat. UN enthusiast. Views are my own.
Hieu Minh Ngo (Hieupc... @HHieupc
3K Followers 1K Following Convicted Hacker and Former Cybercriminal
Eyal Sela @eyalsela
2K Followers 417 Following Director of Threat Intelligence at Gambit Security. Signal: eyalsela.10 , Keybase: eyals
Alex. Turing @TuringAlex
1K Followers 380 Following Kernel Developer | Security REsearcher | Basketball Fan {Botconf | VirusBulletin | Kaspersky SAS} Speaker Current: @Xlab_qax EX: @360Netlab @Kaspersky AKA 渣兔
Recorded Future @RecordedFuture
108K Followers 2K Following Recorded Future. Know what matters. Act first.








































