Leaving SSH port 22 open for 54 days — and carefully logging every knock at the door. The result? A fascinating (and slightly dizzying) portrait of what the internet looks like from the outside. Spoiler: it's busy. Very busy. 🔍
#infosec #SSH #honeypot
https://arman-bd.hashnode.dev/i-left-port-22-open-on-the-internet-for-54-days-here-s-who-showed-up
Friends,
I can tell you this happened:
Apr 26 10:20:39 skapet sshd-session[32158]: Failed password for invalid user root/1234567 from 94.227.227.108 port 40762 ssh2
#ssh #passwordgropers #passwordguessers #hailmarycloud #cybercrime
(yes, echoes of #hailmary https://nxdomain.no/~peter/hailmary_lessons_learned.html
Security in Audio Interfaces…
The Rodecaster Duo allows remote management over SSH, which makes it easier to access settings and updates. However, this functionality comes with potential risks. If it is not properly secured, an attacker could gain unauthorized access.
https://norvik.tech/news/analisis-interface-audio-rodecaster-duo
#Technology #RodecasterDuo #Ssh #Seguridad #Audio #NorvikTech #DesarrolloSoftware #TechInnovation

My audio interface has SSH enabled by default
https://hhh.hn/rodecaster-duo-fw/
#HackerNews #audiointerface #SSH #security #technews #cybersecurity
🎉 We just released a new version of Royal TS for Windows 🔥
👀 Check out what's new: https://www.royalapps.com/go/kb-ts-win-v7-releasenotes
👉 Download link: https://royalapps.com/ts/win/download
#devops #itadmin #remotemanagement #RDP #msrdp #remotedesktop #Azure #bastion #SSH #terminall #VNC

The saga continues: a trojanized #NPM package of the #Bitwarden CLI stole secrets. The Bitwarden CLI NPM package published as version 2026.4.0 is in fact #malware that collects secrets, #SSH keys and other credentials.
https://next.ink/235095/la-saga-continue-un-paquet-npm-verole-de-bitwarden-cli-a-derobe-des-secrets/
#securite #chiffrement
Password safe Bitwarden: Command-line client trojanized
The Bitwarden security team confirms that a malicious version of the command-line client was briefly distributed.
#AmazonWebServices #GitHub #GoogleCloud #IT #Malware #Passwörter #Security #SSH #news
RE: https://fosstodon.org/@bluca/116453577758300776
now if only `ssh-keygen -K` would work on #windows to allow easy import of stored #ssh keys
npm Packages Hit with TeamPCP-Style CanisterWorm Malware
Malicious npm packages associated with Namastex.ai were compromised with malware exhibiting tradecraft similar to TeamPCP's CanisterWorm campaign. The attack targeted packages including @automagik/genie and pgserve, implementing install-time execution that harvests credentials, environment variables, SSH keys, cloud credentials, browser data, and crypto-wallet artifacts. The payload exfiltrates stolen data to both a conventional webhook at telemetry.api-monitor.com and an Internet Computer Protocol canister endpoint. It incorporates self-propagation logic to compromise additional npm packages using stolen publishing tokens and includes cross-ecosystem spreading capabilities targeting PyPI. The malware uses hybrid encryption with RSA and AES-256-CBC for data exfiltration. Multiple package namespaces were affected, suggesting shared infrastructure or coordinated compromise across publisher accounts.
Pulse ID: 69e8f5ba273a5389cb4d03f5
Pulse Link: https://otx.alienvault.com/pulse/69e8f5ba273a5389cb4d03f5
Pulse Author: AlienVault
Created: 2026-04-22 16:22:18
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Browser #Cloud #CyberSecurity #ELF #Encryption #Endpoint #InfoSec #Malware #NPM #OTX #OpenThreatExchange #PyPI #RAT #SSH #Worm #bot #AlienVault
Untangling a Linux Incident With an OpenAI Twist (Part 2)
A Linux endpoint was simultaneously compromised by at least two distinct threat actors while the developer user relied on OpenAI's Codex AI agent for security remediation. Actor A deployed a cryptominer mining Monero to a private pool. Actor B installed a multi-revenue botnet including XMRig mining, residential proxy services, and bandwidth-selling components with eight different persistence mechanisms. Actor C, potentially affiliated with Actor B, executed mass data exfiltration of 15 categories including SSH keys, cloud credentials, and API tokens. The threat actors exploited CVE-2025-55182 (React2Shell) affecting Next.js and React applications. While Codex identified some threats, it lacked contextual awareness and privileged access needed for comprehensive incident response, creating additional noise that complicated SOC investigation. The endpoint was ultimately secured through managed EDR telemetry and expert SOC analysis.
Pulse ID: 69e95245cf3877ded3870cff
Pulse Link: https://otx.alienvault.com/pulse/69e95245cf3877ded3870cff
Pulse Author: AlienVault
Created: 2026-04-22 22:57:09
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cloud #CryptoMiner #CyberSecurity #EDR #Endpoint #InfoSec #Linux #OTX #OpenThreatExchange #Proxy #RAT #SMS #SSH #bot #botnet #AlienVault
I wrote a little tool to make running remote commands easier while using SSHFS mounts.
https://codeberg.org/spiffyk/ssx
#ssh #sshfs #sysadmin #programming #zig #ziglang #unix #linux