Loading profile...

Gray Hats (@the_yellow_fall) - Twitter Viewer

Gray Hats's banner

G

Gray Hats

@the_yellow_fall

Welcome to the Daily Cybersecurity site, your trusted source for cybersecurity news and insights since 2017!

Vnorovy, Česká republika

Joined January 2011

379Following

9KFollowers

Pinned

G

Gray Hats@the_yellow_fall · Apr 3

Every coffee keeps us one step ahead of attackers. Support now: buymeacoffee.com/ddos

the_yellow_fall's tweet card. We monitor threats 24/7. Your support keeps us alert!

0

0

8

0

5.0K

G

Gray Hats@the_yellow_fall · 4 h

CERN Scientists Create First Antimatter Qubit, Maintaining Quantum Coherence for Record 50 Seconds meterpreter.org/cern-scientist…

the_yellow_fall's tweet card. CERN's BASE experiment successfully created an antiproton quantum bit, maintaining its coherent state for a record 50 seconds, a breakthrough for antimatter research and testing fundamental physics.

0

0

1

0

202

G

Gray Hats@the_yellow_fall · 4 h

US Woman Jailed 8.5 Years for Running “Laptop Farm” That Enabled North Korean IT Spies to Infiltrate 300+ US Firms meterpreter.org/us-woman-jaile…

the_yellow_fall's tweet card. An Arizona woman was sentenced to 8.5 years for running a "laptop farm" that allowed North Korean IT operatives to impersonate US citizens and secure remote jobs at over 300 US companies, generating...

0

0

1

1

181

G

Gray Hats@the_yellow_fall · 4 h

Brave Browser Blocks Microsoft Recall by Default, Citing Major User Privacy Concerns meterpreter.org/brave-browser-…

the_yellow_fall's tweet card. Brave Software will block Microsoft's AI-powered Recall feature in Windows 11 by default in all windows, citing significant user privacy concerns over periodic screen captures.

0

0

1

0

174

G

Gray Hats@the_yellow_fall · 5 h

Google Accused of Hiding Uninstall Options for Pre-installed Android Apps, Violating EU DMA meterpreter.org/google-accused…

the_yellow_fall's tweet card. Six human rights organizations accuse Google of violating the EU's Digital Markets Act by making it difficult for users to uninstall pre-installed Android apps, filing a complaint with the European...

0

0

0

1

162

G

Gray Hats@the_yellow_fall · 5 h

Leak Zone Forum’s Own Elasticsearch Database Exposed, Revealing 22M+ User Records meterpreter.org/leak-zone-foru…

the_yellow_fall's tweet card. The Leak Zone forum, a hub for hacked data, ironically suffered its own breach. Its exposed Elasticsearch database leaked over 22 million user IP addresses and login timestamps.

0

0

3

2

171

G

Gray Hats@the_yellow_fall · 5 h

Google’s AI Overview: Just 1% of Clicks Go to Original Sources, Threatening the Digital Economy meterpreter.org/googles-ai-ove…

the_yellow_fall's tweet card. A Pew Research study reveals only 1% of AI Overview searches lead to clicks on original sources, threatening content creators and the digital economy as Google prioritizes AI summaries.

0

1

0

0

218

G

Gray Hats@the_yellow_fall · 5 h

TerraformGoat: “Vulnerable by Design” multi cloud deployment tool meterpreter.org/terraformgoat-…

the_yellow_fall's tweet card. TerraformGoat is HuoCorp research lab's "Vulnerable by Design" multi cloud deployment tool. supported cloud vendors include AWS, Azure, Google

0

0

0

0

165

G

Gray Hats@the_yellow_fall · 5 h

CastleLoader Unleashed: New Stealthy Malware Loader Leverages ClickFix & Fake GitHub for Widespread Infections meterpreter.org/castleloader-u…

the_yellow_fall's tweet card. CastleLoader, a sophisticated malware loader, is actively exploiting ClickFix phishing and fake GitHub repos to distribute infostealers and RATs, with a 29% infection rate.

0

2

1

0

225

G

Gray Hats@the_yellow_fall · 5 h

ropr: blazing fast multithreaded ROP Gadget finder meterpreter.org/ropr-blazing-f…

the_yellow_fall's tweet card. ropr is a blazing fast multithreaded ROP Gadget finder. These gadgets may be used for binary exploitation and to subvert vulnerable executables.

0

0

2

0

184

G

Gray Hats@the_yellow_fall · 5 h

GPT-5 is Coming: OpenAI’s Next-Gen Model Set for August Launch with “O3” Reasoning & Mini Variants meterpreter.org/gpt-5-is-comin…

the_yellow_fall's tweet card. OpenAI is set to release GPT-5 in August, featuring "O3" reasoning capabilities, with mini and nano variants also planned, signaling a major step towards AGI.

0

0

0

0

191

G

Gray Hats@the_yellow_fall · 5 h

Mozilla will cease all China-based Firefox operations through Beijing Mozilla Online by Sep 29, 2025, but the browser will remain accessible and updated in mainland China. #FirefoxChina #Mozilla #ChinaTech #BrowserNews #Restructuring securityonline.info/mozilla-ceases…

the_yellow_fall's tweet card. Mozilla will cease all China-based Firefox operations through Beijing Mozilla Online by Sep 29, 2025, but the browser will remain accessible and updated in mainland China.

0

0

0

0

155

G

Gray Hats@the_yellow_fall · 5 h

New Android Banking Malware Targets Indian Banks: Steals Credentials, Intercepts OTPs via Fake Apps meterpreter.org/new-android-ba…

the_yellow_fall's tweet card. CYFIRMA warns of a new Android malware campaign disguised as banking apps, aggressively targeting Indian bank customers to steal credentials, intercept OTPs, and perform unauthorized transactions.

0

2

2

2

238

G

Gray Hats@the_yellow_fall · 5 h

SharePoint Under Siege: China-Linked Storm-2603 Unleashes Warlock Ransomware After Zero-Day Exploitation meterpreter.org/sharepoint-und…

the_yellow_fall's tweet card. Microsoft confirms China-linked Storm-2603 is exploiting SharePoint zero-days (CVE-2025-49706, -49704) to deploy Warlock ransomware on unpatched on-premises servers.

0

2

3

1

202

G

Gray Hats@the_yellow_fall · 5 h

Operation Checkmate: BlackSuit Ransomware Sites Seized, But Is “Chaos” Their Next Rebrand? meterpreter.org/operation-chec…

the_yellow_fall's tweet card. An international law enforcement operation, "Operation Checkmate," has seized BlackSuit ransomware's dark web sites. However, intelligence suggests the prolific group may rebrand as "Chaos."

0

0

0

0

134

G

Gray Hats@the_yellow_fall · 5 h

Koske Malware: AI-Generated Cryptojacker Hides in Panda Images, Targets Linux Servers with Rootkit Stealth meterpreter.org/koske-malware-…

the_yellow_fall's tweet card. AquaSec uncovers Koske, a new cryptojacking malware potentially AI-generated, hiding in innocent-looking images to silently infect Linux servers and evade detection with rootkit stealth.

0

2

6

1

331

G

Gray Hats@the_yellow_fall · 13 h

A critical privilege escalation flaw (CVE-2025-6241) in Lakeside Software's SysTrack allows low-privileged local users to gain SYSTEM access via DLL hijacking. Patch immediately #SysTrack #PrivilegeEscalation #DLLHijacking #Cybersecurity #EndpointSecurity securityonline.info/cert-warns-of-…

the_yellow_fall's tweet card. A critical privilege escalation flaw (CVE-2025-6241) in Lakeside Software's SysTrack allows low-privileged local users to gain SYSTEM access via DLL hijacking. Patch immediately.

1

0

0

0

297

G

Gray Hats@the_yellow_fall · 13 h

A critical command injection flaw (CVE-2025-54416, CVSS 9.1) in tj-actions/branch-names GitHub Action allows arbitrary code execution in workflows, affecting over 5,000 public repositories. #GitHubActions #CommandInjection #CVE #Cybersecurity #CI_CD securityonline.info/critical-comma…

the_yellow_fall's tweet card. A critical command injection flaw (CVE-2025-54416) in tj-actions/branch-names GitHub Action allows arbitrary code execution in workflows, affecting over 5,000 public repositories.

1

5

17

1

842

G

Gray Hats@the_yellow_fall · 13 h

Unit 42 reveals homograph phishing attacks exploiting visually similar characters to bypass defenses and deceive users. AI is amplifying this threat, making malicious emails highly convincing. #HomographPhishing #AIAmplified #Cybersecurity #PhishingAttack securityonline.info/the-homograph-…

the_yellow_fall's tweet card. Unit 42 reveals homograph phishing attacks exploiting visually similar characters to bypass defenses and deceive users. AI is amplifying this threat, making malicious emails highly convincing.

1

1

7

2

352

G

Gray Hats@the_yellow_fall · 13 h

OT-ISAC warns that China-linked APT group UNC3886 is actively targeting Singapore's critical infrastructure, exploiting zero-day vulnerabilities for stealthy, long-term access. #Singapore #UNC3886 #CriticalInfrastructure #Cyberespionage #OTSecurity securityonline.info/singapores-cri…

the_yellow_fall's tweet card. OT-ISAC warns that China-linked APT group UNC3886 is actively targeting Singapore's critical infrastructure, exploiting zero-day vulnerabilities for stealthy, long-term access.

0

1

0

0

284

G

Gray Hats@the_yellow_fall · 13 h

Salesforce patched eight critical flaws in Tableau Server, including RCE, database exposure, and SSRF vulnerabilities, urging users to update immediately. #TableauServer #SalesforceSecurity #RCE #SSRF #CybersecurityAlert securityonline.info/rce-ssrf-data-…

the_yellow_fall's tweet card. Salesforce patched eight critical flaws in Tableau Server, including RCE, database exposure, and SSRF vulnerabilities, urging users to update immediately.

0

0

0

0

211