fa
Feedback
Xpykerz

Xpykerz

رفتن به کانال در Telegram
1 044
مشترکین
-124 ساعت
-37 روز
-730 روز

در حال بارگیری داده...

جذب مشترکین
ژوئیه '26
ژوئیه '26
+11
در 0 کانال‌ها
ژوئن '26
+7
در 0 کانال‌ها
Get PRO
مه '26
+7
در 0 کانال‌ها
Get PRO
آوریل '26
+8
در 0 کانال‌ها
Get PRO
مارس '26
+5
در 0 کانال‌ها
Get PRO
فوریه '26
+3
در 0 کانال‌ها
Get PRO
ژانویه '26
+8
در 0 کانال‌ها
Get PRO
دسامبر '25
+7
در 0 کانال‌ها
Get PRO
نوامبر '25
+8
در 0 کانال‌ها
Get PRO
اکتبر '25
+5
در 0 کانال‌ها
Get PRO
سپتامبر '25
+3
در 0 کانال‌ها
Get PRO
اوت '25
+5
در 0 کانال‌ها
Get PRO
ژوئیه '25
+7
در 0 کانال‌ها
Get PRO
ژوئن '25
+9
در 0 کانال‌ها
Get PRO
مه '25
+8
در 0 کانال‌ها
Get PRO
آوریل '25
+7
در 0 کانال‌ها
Get PRO
مارس '25
+6
در 0 کانال‌ها
Get PRO
فوریه '25
+9
در 0 کانال‌ها
Get PRO
ژانویه '25
+17
در 0 کانال‌ها
Get PRO
دسامبر '24
+9
در 0 کانال‌ها
Get PRO
نوامبر '24
+12
در 0 کانال‌ها
Get PRO
اکتبر '24
+13
در 0 کانال‌ها
Get PRO
سپتامبر '24
+6
در 0 کانال‌ها
Get PRO
اوت '24
+4
در 0 کانال‌ها
Get PRO
ژوئیه '24
+8
در 0 کانال‌ها
Get PRO
ژوئن '24
+14
در 0 کانال‌ها
Get PRO
مه '24
+4
در 0 کانال‌ها
Get PRO
آوریل '24
+8
در 0 کانال‌ها
Get PRO
مارس '24
+2
در 0 کانال‌ها
Get PRO
فوریه '24
+22
در 0 کانال‌ها
Get PRO
ژانویه '24
+16
در 0 کانال‌ها
Get PRO
دسامبر '23
+25
در 0 کانال‌ها
Get PRO
نوامبر '23
+10
در 0 کانال‌ها
Get PRO
اکتبر '23
+14
در 0 کانال‌ها
Get PRO
سپتامبر '23
+17
در 0 کانال‌ها
Get PRO
اوت '23
+32
در 0 کانال‌ها
Get PRO
ژوئیه '23
+13
در 0 کانال‌ها
Get PRO
ژوئن '23
+21
در 0 کانال‌ها
Get PRO
مه '23
+12
در 0 کانال‌ها
Get PRO
آوریل '23
+8
در 0 کانال‌ها
Get PRO
مارس '23
+9
در 0 کانال‌ها
Get PRO
فوریه '23
+4
در 0 کانال‌ها
Get PRO
ژانویه '23
+12
در 0 کانال‌ها
Get PRO
دسامبر '22
+5
در 0 کانال‌ها
Get PRO
نوامبر '22
+8
در 0 کانال‌ها
Get PRO
اکتبر '22
+7
در 0 کانال‌ها
Get PRO
سپتامبر '22
+8
در 0 کانال‌ها
Get PRO
اوت '22
+15
در 0 کانال‌ها
Get PRO
ژوئیه '22
+16
در 0 کانال‌ها
Get PRO
ژوئن '22
+17
در 0 کانال‌ها
Get PRO
مه '22
+22
در 0 کانال‌ها
Get PRO
آوریل '22
+18
در 0 کانال‌ها
Get PRO
مارس '22
+18
در 0 کانال‌ها
Get PRO
فوریه '22
+12
در 0 کانال‌ها
Get PRO
ژانویه '22
+33
در 0 کانال‌ها
Get PRO
دسامبر '21
+16
در 0 کانال‌ها
Get PRO
نوامبر '21
+9
در 0 کانال‌ها
Get PRO
اکتبر '21
+14
در 0 کانال‌ها
Get PRO
سپتامبر '21
+23
در 0 کانال‌ها
Get PRO
اوت '21
+33
در 0 کانال‌ها
Get PRO
ژوئیه '21
+36
در 0 کانال‌ها
Get PRO
ژوئن '21
+25
در 0 کانال‌ها
Get PRO
مه '21
+21
در 0 کانال‌ها
Get PRO
آوریل '21
+43
در 0 کانال‌ها
Get PRO
مارس '21
+27
در 0 کانال‌ها
Get PRO
فوریه '21
+30
در 0 کانال‌ها
Get PRO
ژانویه '21
+37
در 0 کانال‌ها
Get PRO
دسامبر '20
+1 855
در 0 کانال‌ها
تاریخ
رشد مشترکین
اشارات
کانال‌ها
15 ژوئیه+1
14 ژوئیه0
13 ژوئیه0
12 ژوئیه0
11 ژوئیه+1
10 ژوئیه+1
09 ژوئیه0
08 ژوئیه0
07 ژوئیه+1
06 ژوئیه0
05 ژوئیه+1
04 ژوئیه+3
03 ژوئیه+1
02 ژوئیه+1
01 ژوئیه+1
پست‌های کانال
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days #News Posted On 📆 : Mon, 13 Jul 2026 11:06:02 +053
iCagenda and Balbooa Forms Joomla Flaws Reportedly Exploited as Zero-Days #News Posted On 📆 : Mon, 13 Jul 2026 11:06:02 +0530 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two maximum-severity security flaws impacting iCagenda and Balbooa extensions for Joomla to its Known Exploited Vulnerabilities (KEV) catalog, following reports of zero-day exploitation in the wild. The vulnerabilities, both rated 10.0 on the CVSS scoring system, are below - CVE-2026-48939 - A vulnerability in the 😍Share And Support😍 ➖@Xpykerz

2
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365 #News Posted On 📆 : Mon, 13 Jul 2026
Misconfigured Server Reveals Three Evilginx Phishing Operations Targeting Microsoft 365 #News Posted On 📆 : Mon, 13 Jul 2026 13:00:00 +0530 An attacker running a live Microsoft 365 phishing operation left a Python web server listening on a public port with directory listing switched on. The command that did it: python3 -m http.server 8080, was still sitting in the readable .bash_history. From that one lapse, French security firm Lexfo lifted the operator's entire toolkit and pivoted through it to two more 😍Share And Support😍 ➖@Xpykerz➖
10
3
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory #News Posted On 📆 : Mon, 13 Jul 2026 16:32:33
Attacker Uses Suspected AI-Generated PowerShell Script to Map Active Directory #News Posted On 📆 : Mon, 13 Jul 2026 16:32:33 +0530 Cybersecurity researchers have flagged an intrusion in which an unknown threat actor leveraged a vibe-coded PowerShell script for Active Directory (AD) enumeration. "The script looked for the Domain Controller (DC) and mapped users, computers, and domains, before creating a directory and exporting out a number of files, and finally creating AD_Report.html to measure the success of the 😍Share And Support😍 ➖@Xpykerz➖
5
4
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots #News Posted On 📆 : Mon, 13 Ju
Thinking Fast and Slow in the SOC: The Case for Combining Autonomous AI with Analyst Copilots #News Posted On 📆 : Mon, 13 Jul 2026 17:07:05 +0530 A few days ago, I was sitting with the CISO of a Fortune 50 company, walking through how his security team was thinking about AI agents in the SOC. Smart team. Serious program. They had already connected Claude to a few detection tools and were seeing real value in specific investigations. But as we mapped out the broader architecture, something kept nagging at me. The design they were building 😍Share And Support😍 ➖@Xpykerz➖
5
5
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling #News Posted On 📆 : Mon, 13 Jul 2026 17:24:46
Meta Files Patent for AI That Can Listen All Day and Track How You're Feeling #News Posted On 📆 : Mon, 13 Jul 2026 17:24:46 +0530 Meta has filed a patent application for an AI that listens to your voice throughout the day, works out how it thinks you are feeling from the way you sound, and keeps a timestamped log of every read. Each read gets pinned to the moment it happened: the time, your location, what you were doing, even how you were using your phone. Some versions in the filing would listen all day; others would 😍Share And Support😍 ➖@Xpykerz➖
4
6
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft #News Posted On 📆 : Mon, 13 Jul 2026 18:33:33 +0
Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft #News Posted On 📆 : Mon, 13 Jul 2026 18:33:33 +0530 A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, antibot evasion, artificial intelligence (AI)-assisted lure creation, and post-compromise mailbox operations targeting Microsoft 365 accounts. Distributed via Telegram and costing $400 a month (or $3,800 per year), attack chains leverage phishing 😍Share And Support😍 ➖@Xpykerz➖
4
7
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email #News Posted On 📆 : Mon, 13 Jul 2026 19:
New MemGhost Attack Plants Persistent False Memories in AI Agents Through One Email #News Posted On 📆 : Mon, 13 Jul 2026 19:19:48 +0530 Give an AI assistant a memory and access to your inbox, and you hand an attacker a way to rewrite what it thinks it knows about you. A single email can trick that agent into saving a false "fact" about the user, hide the change, and quietly steer its answers in later sessions. When it works, the person reads an ordinary-looking reply and never learns their assistant was tampered with. The 😍Share And Support😍 ➖@Xpykerz➖
4
8
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More #News Posted On 📆 : Mon, 13 Jul 202
⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More #News Posted On 📆 : Mon, 13 Jul 2026 20:35:57 +0530 Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The catch is that the attackers have the same tools, pointed the other way, and they don't file tickets. That's the shape of this week. Trusted code turns on the people who installed it. Old bugs from last year are still landing because the fix sat in a queue too 😍Share And Support😍 ➖@Xpykerz➖
4
9
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found #News Posted On 📆 : Mon, 13 Jul
Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found #News Posted On 📆 : Mon, 13 Jul 2026 22:47:24 +0530 Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly 1.6 million installs across Chrome and Edge, after researchers found a hidden browsing-history collector built into its official store version. The collector was dormant. An empty allow-list kept it switched off, and no proof has emerged that it ever gathered or sent a single browsing domain. The 😍Share And Support😍 ➖@Xpykerz➖
4
10
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks #News Posted On 📆 : Mon, 13 Jul 2026 23:06:12 +0
CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks #News Posted On 📆 : Mon, 13 Jul 2026 23:06:12 +0530 Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that's capable of harvesting sensitive data from compromised systems. Unlike other information stealers that are built on AppleScript droppers or Objective-C-based wrappers, CrashStealer is implemented in native C++, according to Jamf Threat Labs. "It validates the victim's login password locally before 😍Share And Support😍 ➖@Xpykerz➖
6
11
Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions #News Posted On 📆 : Sat, 11 Jul 2026 12:15
Critical Zimbra Flaw Could Let Crafted Emails Run Malicious Code in User Sessions #News Posted On 📆 : Sat, 11 Jul 2026 12:15:55 +0530 Zimbra is urging customers to apply updates to address a critical security vulnerability impacting the Classic Web Client that could result in arbitrary code execution. The vulnerability has been described as a case of stored cross-site scripting (XSS) that could allow specially crafted emails to execute malicious scripts in a user's session. It has yet to be assigned a CVE identifier. "The 😍Share And Support😍 ➖@Xpykerz➖
29
12
Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns #News Posted On 📆 : Sat, 11 Jul 2026 23:19:31
Hackers Weaponize Balochistan Police Portal in Multi-Group Espionage Campaigns #News Posted On 📆 : Sat, 11 Jul 2026 23:19:31 +0530 Cybersecurity researchers have disclosed details of sustained cyber espionage activity against several Pakistani law enforcement organizations undertaken by suspected China- and India-aligned threat actors between February 2024 and April 2026. "At Balochistan Police, the compromised assets included servers hosting web applications that manage police and citizen data, such as criminal and 😍Share And Support😍 ➖@Xpykerz➖
22
13
Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install #News Posted On 📆 : Sat, 11 Jul 2026 23:29:2
Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install #News Posted On 📆 : Sat, 11 Jul 2026 23:29:26 +0530 The jscrambler npm package was compromised, and simply installing its 8.14.0 release runs an infostealer on your machine. Published on July 11, 2026, the malicious version carries a preinstall hook that drops and executes a native binary, one build each for Windows, macOS, and Linux. Socket flagged the release six minutes after it was published. If you or one of your 😍Share And Support😍 ➖@Xpykerz➖
19
14
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs #News Posted On 📆 : Fri, 10 Jul 2026 00:08:49 +
Dormant GitHub Accounts Help Attackers Blend In While Mapping Corporate Orgs #News Posted On 📆 : Fri, 10 Jul 2026 00:08:49 +0530 Datadog Security Labs is warning of "several overlapping campaigns" that are systematically enumerating corporate GitHub organizations, repositories, and user accounts through the GitHub API. "Operators rely on automated scraping tooling with custom or legitimate-sounding user agents, leveraging GitHub 'ghost' accounts that are often years old, or compromised OAuth tokens and personal 😍Share And Support😍 ➖@Xpykerz➖
22
15
Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks #News Posted On 📆 : Fri, 10 Jul 2026 13:40:12 +05
Ransomware Negotiator Gets 70 Months in Prison for Aiding BlackCat Attacks #News Posted On 📆 : Fri, 10 Jul 2026 13:40:12 +0530 A 41-year-old former ransomware negotiator has been sentenced to nearly six years (i.e., 70 months) in prison in the U.S. for their role in conspiring with the now-defunct BlackCat ransomware operators to extort multiple victims and working with two other cybersecurity professionals to target additional victims in 2023. In a sentencing memorandum, federal prosecutors described Martino as a " 😍Share And Support😍 ➖@Xpykerz➖
16
16
Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets #News Posted On 📆 : Fri, 10
Attackers Exploit 'Ill Bloom' Vulnerability to Drain Over $5 Million From Cryptocurrency Wallets #News Posted On 📆 : Fri, 10 Jul 2026 14:30:05 +0530 Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software generated its recovery phrase, the words that control the money. When that phrase is made with weak randomness, an attacker can work it out and take everything it controls. The firm has confirmed one coordinated sweep on May 27 😍Share And Support😍 ➖@Xpykerz➖
10
17
Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access #News Posted On 📆 : Fri, 10 Jul 2026 16:00:
Hackers Use Fake Microsoft Entra Passkey Enrollment to Gain Microsoft 365 Access #News Posted On 📆 : Fri, 10 Jul 2026 16:00:20 +0530 A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a new Entra passkey with an aim to carry out data extortion attacks. The threat actor, tracked by Okta under the moniker O-UNC-066, has deployed a panel-controlled phishing kit that's capable of targeting the passkey enrollment process. The 😍Share And Support😍 ➖@Xpykerz➖
7
18
Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking #News Posted On 📆 : Fri, 10 Jul 2026
Study of 281 Free Android VPN Apps Finds Traffic Leaks, Unencrypted Data, and Tracking #News Posted On 📆 : Fri, 10 Jul 2026 16:26:23 +0530 Researchers ran 281 of the most popular free VPN apps on the Google Play Store through a new testing system and found that many fail at the basics people install a VPN for, i.e., keeping their traffic private and secure. The apps flagged with at least one problem have been installed more than 2.4 billion times. The problems are basic, not sophisticated. 29 apps let user traffic leak outside 😍Share And Support😍 ➖@Xpykerz➖
4
19
Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites #News Posted On 📆 : Fri, 10 Jul 2026 17
Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites #News Posted On 📆 : Fri, 10 Jul 2026 17:00:02 +0530 A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming more than 1.4 million websites. Far fewer were actually broken into, but the exposed files showed researchers how a mass site-hacking operation runs from the inside. The operation, now tracked as 😍Share And Support😍 ➖@Xpykerz➖
5
20
From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale #News Posted On 📆 : Fri, 10 J
From 17,000 to 1.1 Million Assets: How Lumen Technologies Rebuilt Exposure Management at Scale #News Posted On 📆 : Fri, 10 Jul 2026 17:09:40 +0530 Most enterprises assume their asset inventory is close enough to accurate. The evidence suggests otherwise. According to a survey of over 600 security leaders in the 2026 Axonius Actionability Report, only 45% of organizations consolidate their asset and exposure data into a single view, and every downstream security program inherits whatever the inventory gets wrong. Lumen Technologies, a 😍Share And Support😍 ➖@Xpykerz➖
4