Español
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#xcodeattack resultados de búsqueda

TweetThreatNews's profile picture. 🔍 ThreatResearch 📰 CybersecurityNews 🖥️ RansomMonitor 📂 Cyber Attack 📂 Data Breach 🎥 Youtube
Cybersecurity News Everyday
 @TweetThreatNews
26 sept

Microsoft reveals a new XCSSET macOS malware targeting Xcode developers, adding Firefox data theft, clipboard hijacking to alter crypto addresses, and persistence features. Limited attacks spotted so far. #macOSMalware #XcodeAttack #USA ift.tt/tc3Aq1W

TweetThreatNews's tweet card. Microsoft reports a new XCSSET malware variant targeting macOS, adding features like enhanced browser data theft, clipboard hijacking, and persistence. The malware primarily infects Xcode projects...
Microsoft warns of new XCSSET macOS malware variant targeting Xcode devs
Fuente: hendryadrian.com
0
0
0
0
101
jr_major's profile picture. Fractional CISO | GRC | Security Architect | | Cloud Engineering | SIEM Architect | SOC 2 • NIST CSF • ISO 27001 42001 | Building Secure, Scalable Solutions
Jonathan Major
@jr_major
5 h

2. VS Code agent assistants as a command‑execution layer (CVE‑2025‑55319) ZeroPath’s write‑up on CVE‑2025‑55319 is basically "prompt injection → RCE in your IDE": - Malicious content in README / comments / docs seeds instructions - Agentic AI in VS Code happily "helps" by…

1
0
0
0
6
SCMagazine's profile picture. The official Twitter feed for all things IT security. A CyberRisk Alliance Resource.
SC Media
 @SCMagazine
12 h

Exploitation of an XWiki bug has intensified as @VulnCheckAI reported that a diverse set of threat actors are actively targeting the flaw. #cybersecurity #infosec #CISO #ITsecurity bit.ly/3JUk1Iq

SCMagazine's tweet card. CVE-2025-24893 could let attackers perform remote code execution to facilitate cryptomining.
XWiki bug actively exploited by multiple threat actors
Fuente: scworld.com
0
0
1
0
308
cedric_chee's profile picture. SWE, Logorhythms | @fastdotai alumni, Independent LLM researcher | Code: https://t.co/KwpQnH7gRo | ex-entrepreneur @AntlerGlobal | genuinely curious
cedric
@cedric_chee
19 nov

Not a cyberattack, just a permissions change that blew up a feature file and pushed the oversized version across their network. x.com/eastdakota/sta…

eastdakota's profile picture. A little bit geek, wonk, and nerd. Repeat entrepreneur, recovering lawyer, and former ski instructor. Co-founder & CEO of Cloudflare (NYSE: NET).
Matthew Prince 🌥
@eastdakota
18 nov

We let the Internet down today. Here’s our technical post mortem on what happened. On behalf of the entire @Cloudflare team, I’m sorry. blog.cloudflare.com/18-november-20…

eastdakota's tweet card. Cloudflare suffered a service outage on November 18, 2025. The outage was triggered by a bug in generation logic for a Bot Management feature file causing many Cloudflare services to be affected.
Cloudflare outage on November 18, 2025
Fuente: blog.cloudflare.com
544
1K
9K
3K
1.8M
0
0
0
0
83
CCBalert's profile picture. CCB Alert is the advisory page of the Centre for Cybersecurity Belgium @CCBbelgium. Use info@ccb.belgium.be for interaction.
CCB Alert
 @CCBalert
18 nov

Warning: Critical RCE in #XWikiPlatform. #CVE-2025-24893 CVSS: 9.8. Any guest can trigger remote code execution via SolrSearchMacros. Affecting confidentiality, integrity & availability. Threat actors actively exploit CVE-2025-24893. #RCE #Patch #Patch #Patch

0
0
1
0
250
SCMagazine's profile picture. The official Twitter feed for all things IT security. A CyberRisk Alliance Resource.
SC Media
 @SCMagazine
18 nov

Exploitation of an XWiki bug has intensified as @VulnCheckAI reported that a diverse set of threat actors are actively targeting the flaw. #cybersecurity #infosec #CISO #ITsecurity bit.ly/3JUk1Iq

SCMagazine's tweet card. CVE-2025-24893 could let attackers perform remote code execution to facilitate cryptomining.
XWiki bug actively exploited by multiple threat actors
Fuente: scworld.com
1
0
5
0
1K
CSIRTFinanciero's profile picture. Programa de colaboración e intercambio de información del sector financiero Colombiano y centro de excelencia para la ciberseguridad.
CSIRT Financiero Asobancaria
@CSIRTFinanciero
18 nov

💥 Alerta CSIRT Financiero: actividad reciente del troyano XCSSET, con módulos y persistencia actualizados, apunta a infectar proyectos de Xcode en macOS, facilitando su propagación entre desarrolladores. 🔗 Fuente: Microsoft Security Blog

CSIRTFinanciero's tweet image. 💥 Alerta CSIRT Financiero: actividad reciente del troyano XCSSET, con módulos y persistencia actualizados, apunta a infectar proyectos de Xcode en macOS, facilitando su propagación entre desarrolladores. 🔗 Fuente: Microsoft Security Blog
0
1
0
0
44
CVEnew's profile picture. Official account maintained by the CVE™ Program to notify the community of new CVE IDs. Posts contain abbreviated details. Full CVE Records on https://t.co/ALn4YvUtom
CVE
 @CVEnew
17 nov

CVE-2025-63708 Cross-Site Scripting (XSS) vulnerability exists in SourceCodester AI Font Matcher (nid=18425, 2025-10-10) that allows remote attackers to execute arbitrary JavaScript… cve.org/CVERecord?id=C…

0
0
0
0
288
cybernewslive's profile picture. Welcome to Cyber News Live where our goal is to create a community and bring public awareness to the cyber industry. #cnl #cybernewslive #cyber #cybersecurity
Cyber News Live
@cybernewslive
17 nov

Multiple threat actors are actively exploiting a critical XWiki vulnerability (vulnerability (CVE-2025-24893)) to execute arbitrary code, enabling cryptocurrency mining and web shell deployment, exposing vulnerable servers to compromise. This rapid exploitation underscores the…

cybernewslive's tweet card. The exploitation of the recent XWiki vulnerability has expanded to botnets, cryptocurrency miners, scanners, and custom tools.
Widespread Exploitation of XWiki Vulnerability Observed
Fuente: securityweek.com
0
0
0
0
46
securitynews_de's profile picture. IT Sicherheitsnews ausgewählt von Cybersicherheitsexperte Sorin Mustaca @SMustaca
IT Security News DE
 @securitynews_de
17 nov

[UPDATE] [hoch] xwiki: Schwachstelle ermöglicht Codeausführung - itsicherheitnews.de/update-hoch-xw…

0
0
0
0
6
PoseidonTPA's profile picture. Poseidon is a SDVOSB Information Technology and Cyber Security solutions and services corporation headquartered in St. Petersburg, Florida.
Poseidon
 @PoseidonTPA
16 nov

Cisco IOS and IOS XE Software Smart Install Remote Code Execution Vulnerability: Update August 20, 2025: Cisco is aware of continued exploitation activity of the vulnerability that is described in this advisory and strongly… news.poseidon-us.com/TPHfl7 #Cisco #Cybersecurity

0
0
0
0
42
SCMagazine's profile picture. The official Twitter feed for all things IT security. A CyberRisk Alliance Resource.
SC Media
 @SCMagazine
16 nov

A @code (VS Code) extension with ransomware capabilities, believed to be “vibe coded” using generative AI, was discovered in the official Visual Studio Marketplace, according to @secureannex. #cybersecurity #CISO #AI #infosec bit.ly/49eOdIq

SCMagazine's tweet card. The “sloppy” malware includes basic ransomware functions and uses GitHub as C2 infrastructure.
AI-generated ransomware extension found on Visual Studio Marketplace
Fuente: scworld.com
0
1
8
1
4K
WhitXcode's profile picture. I bite back 💋.. I do not leave bad comments on anyone’s posts .. #identityfraud#smearcampaign#impersonator#corrupt#setup}liars#hacked#phone
Xcode
 @WhitXcode
15 nov

I am being stalked and harassed and terrorized by organized criminals hired by this men to set me up and cut me off trying to get me in an accident . This men are setting me up as mental

0
0
0
0
17
gothburz's profile picture. Sr. Threat Researcher @theZDI 🥷🏻🛡️👨🏼‍💻Threat hunter 🎯 Creator of @cybercronai 🤖📊 opinions my own 💭
Peter "Germanicus" Girnus
@gothburz
15 nov

CVE-2025-24893 patched Oct 2024, RondoDox exploitation started Nov 2024. That's a 30-day window where defenders had the patch before active exploitation. XWiki's enterprise wiki platform makes this particularly nasty - internal knowledge bases = credential goldmines. Crypto…

gothburz's tweet card. The Trend Zero Day Initiative™ (ZDI) and Trend™ Research teams have identified a large-scale RondoDox botnet campaign exploiting over 50 vulnerabilities across more than 30 vendors, including flaws...
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
Fuente: trendmicro.com
0
0
0
0
140
HanseSecure's profile picture. Erhöhe wirksam & nachhaltig die Cybersecurity in deinem Unternehmen
HanseSecure GmbH
 @HanseSecure
15 nov

𝗧𝗵𝗿𝗲𝗮𝘁 𝗥𝗮𝗱𝗮𝗿 – 𝗧𝗵𝗲 𝗛𝗼𝘁𝘁𝗲𝘀𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗜𝘀𝘀𝘂𝗲𝘀 #𝘐𝘛𝘚𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘕𝘦𝘸𝘴 – 𝘋𝘦𝘷𝘴 𝘪𝘮 𝘝𝘪𝘴𝘪𝘦𝘳: 𝘝𝘚 𝘊𝘰𝘥𝘦-𝘔𝘢𝘭𝘸𝘢𝘳𝘦 & 𝘊𝘰𝘯𝘵𝘢𝘪𝘯𝘦𝘳-𝘌𝘴𝘤𝘢𝘱𝘦𝘴 Angreifer verlagern Fokus stärker in Entwicklungs- & Build-Umgebungen

HanseSecure's tweet image. 𝗧𝗵𝗿𝗲𝗮𝘁 𝗥𝗮𝗱𝗮𝗿 – 𝗧𝗵𝗲 𝗛𝗼𝘁𝘁𝗲𝘀𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗜𝘀𝘀𝘂𝗲𝘀 #𝘐𝘛𝘚𝘦𝘤𝘶𝘳𝘪𝘵𝘺 𝘕𝘦𝘸𝘴 – 𝘋𝘦𝘷𝘴 𝘪𝘮 𝘝𝘪𝘴𝘪𝘦𝘳: 𝘝𝘚 𝘊𝘰𝘥𝘦-𝘔𝘢𝘭𝘸𝘢𝘳𝘦 & 𝘊𝘰𝘯𝘵𝘢𝘪𝘯𝘦𝘳-𝘌𝘴𝘤𝘢𝘱𝘦𝘴 Angreifer verlagern Fokus stärker in Entwicklungs- & Build-Umgebungen
0
0
0
0
87
vuln_u's profile picture. Exploring the intersection of cybersecurity, privacy, technology, and mental health.
Vulnerable U
 @vuln_u
14 nov

Someone pushed actual ransomware to the VS Code marketplace and it made it through. 🤦🏻 The extension was literally called “suspicious VSX” from “suspicious publisher,” yet Microsoft’s review process still missed it.

vuln_u's tweet image. Someone pushed actual ransomware to the VS Code marketplace and it made it through. 🤦🏻 The extension was literally called “suspicious VSX” from “suspicious publisher,” yet Microsoft’s review process still missed it.
1
0
0
1
44
blueteamsec1's profile picture. The cybersecurity home for the latest #BlueTeam, #DFIR, and #ThreatHunting news and tools.
Blue Team News
@blueteamsec1
14 nov

Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks dlvr.it/TPFsMK #VScode #SoftwareSecurity #SupplyChainRisk #CyberSecurity #Malware

blueteamsec1's tweet image. Over 100 VS Code Extensions Exposed Developers to Hidden Supply Chain Risks dlvr.it/TPFsMK #VScode #SoftwareSecurity #SupplyChainRisk #CyberSecurity #Malware
0
1
7
1
935
SCMagazine's profile picture. The official Twitter feed for all things IT security. A CyberRisk Alliance Resource.
SC Media
 @SCMagazine
13 nov

A @code (VS Code) extension with ransomware capabilities, believed to be “vibe coded” using generative AI, was discovered in the official Visual Studio Marketplace, according to @secureannex. #cybersecurity #CISO #AI #infosec bit.ly/49eOdIq

SCMagazine's tweet card. The “sloppy” malware includes basic ransomware functions and uses GitHub as C2 infrastructure.
AI-generated ransomware extension found on Visual Studio Marketplace
Fuente: scworld.com
0
1
1
0
500
No hay resultados para "#xcodeattack"
No hay resultados para "#xcodeattack"

Something went wrong.


Something went wrong.


United States Trends