Rey Bango
@reybango.bsky.social
Advocate for AI & Security | I hack into things sometimes. Opinions are mine. Fortis fortuna adiuvat. It's a good time to cause a little chaos.
Seeking video camera advice for content creation.
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
a man is standing in front of a microphone with the words `` help me '' written on it .
ALT: a man is standing in front of a microphone with the words `` help me '' written on it .
media.tenor.com
October 5, 2025 at 8:31 PM
Seeking video camera advice for content creation.
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
I've gotten back to creating tutorial & teaching videos on YouTube. Currently using a Brio MX but interested in the @elgato Facecam 4K. It looks to offer a lot more software features.
Has anyone used it & can give their thoughts?
After getting a scam email saying someone tried to access my Twitter account, I decided to look into it a little. The first of many new videos to come as I work to share more information with the community.
youtu.be/IFy_96Dg__E?...
youtu.be/IFy_96Dg__E?...
Did I Just Fall for a Phishing Attempt?
YouTube video by Rey Bango
youtu.be
September 26, 2025 at 5:09 PM
After getting a scam email saying someone tried to access my Twitter account, I decided to look into it a little. The first of many new videos to come as I work to share more information with the community.
youtu.be/IFy_96Dg__E?...
youtu.be/IFy_96Dg__E?...
Reposted by Rey Bango
RubyGems & PyPI under attack:
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
RubyGems, PyPI Hit by Malicious Packages Stealing Credentials, Crypto, Forcing Security Changes
RubyGems and PyPI hit by credential-stealing packages targeting automation and crypto users, prompting new security rules.
thehackernews.com
August 8, 2025 at 9:30 PM
RubyGems & PyPI under attack:
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
🔸 60 fake RubyGems stole social media logins (275K+ downloads)
🔸 PyPI fakes hijacked crypto staking wallets
Both hide credential-stealing code in legit-looking packages. #CyberAlerts thehackernews.com/2025/08/ruby...
Reposted by Rey Bango
August 7, 2025 at 11:09 PM
Picked up this very cool @crowdstrike.com t-shirt for my son and the action figure that goes with it. He’s going to love it.
August 6, 2025 at 10:40 PM
Picked up this very cool @crowdstrike.com t-shirt for my son and the action figure that goes with it. He’s going to love it.
@crowdstrike.com says they’re seeing threat actors are targeting GenAI workloads to try poison the models. The inherent trust being built as we continue to use AI systems will lead to threat actors becoming an insider threat.
August 6, 2025 at 6:43 PM
@crowdstrike.com says they’re seeing threat actors are targeting GenAI workloads to try poison the models. The inherent trust being built as we continue to use AI systems will lead to threat actors becoming an insider threat.
Walking back to my room I passed the Google Cloud Security party at Blackhat and it looked jumping. Almost considered social engineering my way in. 😈😈
August 6, 2025 at 2:16 AM
Walking back to my room I passed the Google Cloud Security party at Blackhat and it looked jumping. Almost considered social engineering my way in. 😈😈
Great analysis by @SentinelOne on a threat actor working out of Vietnam to target users in 62 countries.
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
Ghost in the Zip | New PXA Stealer and Its Telegram-Powered Ecosystem
PXA Stealer uses advanced evasion and Telegram C2 to steal global victim data, fueling a thriving cybercrime market.
www.sentinelone.com
August 5, 2025 at 4:46 PM
Great analysis by @SentinelOne on a threat actor working out of Vietnam to target users in 62 countries.
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
Starts with a phishing campaign that leads to DLL sideloading of legitimate and signed software, including Office 2013, for persistence.
www.sentinelone.com/labs/ghost-i...
😂😂kerberoasting 4eva amirite @timmedin.bsky.social
August 5, 2025 at 4:02 PM
😂😂kerberoasting 4eva amirite @timmedin.bsky.social
Reposted by Rey Bango
Unfortunately @broadcom.bsky.social still hasn't fixed the VMWare Workstation update server link so be sure to upgrade to 17.6.4 to fix a security issue found at Berlin Pwn2own
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
VMware fixes four ESXi zero-day bugs exploited at Pwn2Own Berlin
VMware fixed four vulnerabilities in VMware ESXi, Workstation, Fusion, and Tools that were exploited as zero-days during the Pwn2Own Berlin 2025 hacking contest in May 2025.
www.bleepingcomputer.com
July 18, 2025 at 4:34 PM
Unfortunately @broadcom.bsky.social still hasn't fixed the VMWare Workstation update server link so be sure to upgrade to 17.6.4 to fix a security issue found at Berlin Pwn2own
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
Reposted by Rey Bango
"Wo unto you rich men, that will not give your substance to the poor, for your riches will canker your souls; and this shall be your lamentation in the day of visitation, and of judgment, and of indignation: The harvest is past, the summer is ended, and my soul is not saved!"
June 2, 2025 at 1:19 AM
"Wo unto you rich men, that will not give your substance to the poor, for your riches will canker your souls; and this shall be your lamentation in the day of visitation, and of judgment, and of indignation: The harvest is past, the summer is ended, and my soul is not saved!"
“This isn’t 'The Hunger Games’ for immigrants,” Worsoff told the newspaper
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
A Reality Show Where Immigrants Compete for U.S. Citizenship? D.H.S. Is Considering It.
www.nytimes.com
May 17, 2025 at 10:57 PM
“This isn’t 'The Hunger Games’ for immigrants,” Worsoff told the newspaper
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
This absolutely disgusting and a pathetic way of taking advantage of immigrants by this producer.
www.nytimes.com/2025/05/16/u...
When you play an internal CTF against 10 other teams and win! Booyah! 😈
a pixelated image of a little girl in a red coat
ALT: a pixelated image of a little girl in a red coat
media.tenor.com
May 7, 2025 at 10:46 PM
When you play an internal CTF against 10 other teams and win! Booyah! 😈
"Malicious VSCode extensions infect Windows with cryptominers"
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
Malicious VSCode extensions infect Windows with cryptominers
Nine VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com
April 10, 2025 at 9:04 PM
"Malicious VSCode extensions infect Windows with cryptominers"
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
A set of ten VSCode extensions on Microsoft's Visual Studio Code Marketplace pose as legitimate development tools while infecting users with the XMRig cryptominer for Monero.
www.bleepingcomputer.com/news/securit...
"Google and Mozilla on Tuesday announced the release of Chrome 135 and Firefox 137 to the stable channel with patches for nearly two dozen vulnerabilities, including high-severity memory safety bugs."
Time to update!
www.securityweek.com/chrome-135-f...
Time to update!
www.securityweek.com/chrome-135-f...
Chrome 135, Firefox 137 Patch High-Severity Vulnerabilities
Chrome 135 and Firefox 137 were released on Tuesday with fixes for several high-severity memory safety vulnerabilities.
www.securityweek.com
April 2, 2025 at 2:33 PM
"Google and Mozilla on Tuesday announced the release of Chrome 135 and Firefox 137 to the stable channel with patches for nearly two dozen vulnerabilities, including high-severity memory safety bugs."
Time to update!
www.securityweek.com/chrome-135-f...
Time to update!
www.securityweek.com/chrome-135-f...
"New Phishing Attack Combines Vishing and DLL Sideloading Techniques"
Initial access thru vishing on Teams, drop a signed TeamViewer binary and then DLL sideload that for persistent C2 access. I haven't seen JavaScript-based C2s. @hoodoer.bsky.social
www.infosecurity-magazine.com/news/phishin...
Initial access thru vishing on Teams, drop a signed TeamViewer binary and then DLL sideload that for persistent C2 access. I haven't seen JavaScript-based C2s. @hoodoer.bsky.social
www.infosecurity-magazine.com/news/phishin...
New Phishing Attack Combines Vishing and DLL Sideloading Techniques
A new attack targeting Microsoft Teams users used vishing, remote access tools and DLL sideloading to deploy a JavaScript backdoor
www.infosecurity-magazine.com
April 1, 2025 at 2:49 PM
"New Phishing Attack Combines Vishing and DLL Sideloading Techniques"
Initial access thru vishing on Teams, drop a signed TeamViewer binary and then DLL sideload that for persistent C2 access. I haven't seen JavaScript-based C2s. @hoodoer.bsky.social
www.infosecurity-magazine.com/news/phishin...
Initial access thru vishing on Teams, drop a signed TeamViewer binary and then DLL sideload that for persistent C2 access. I haven't seen JavaScript-based C2s. @hoodoer.bsky.social
www.infosecurity-magazine.com/news/phishin...
“Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service” by @GossiTheDog.cyberplace.social.ap.brid.gy
doublepulsar.com/oracle-attem...
doublepulsar.com/oracle-attem...
Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service
Being a provider of cloud SaaS (Software-as-a-service) solutions requires certain cybersecurity responsibilities — including being…
doublepulsar.com
April 1, 2025 at 1:18 PM
“Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service” by @GossiTheDog.cyberplace.social.ap.brid.gy
doublepulsar.com/oracle-attem...
doublepulsar.com/oracle-attem...
Nice find by @reversinglabs.com
"Malware found on npm infecting local package with reverse shell"
2 interesting packages were published on npm: ethers-provider2 & ethers-providerz. These were simple downloaders whose malicious payload was cleverly hidden
www.reversinglabs.com/blog/malicio...
"Malware found on npm infecting local package with reverse shell"
2 interesting packages were published on npm: ethers-provider2 & ethers-providerz. These were simple downloaders whose malicious payload was cleverly hidden
www.reversinglabs.com/blog/malicio...
Malware found on npm infecting local package with reverse shell
For the first time, RL researchers discover malicious locally-installed npm packages infecting other legitimate packages.
www.reversinglabs.com
March 26, 2025 at 2:48 PM
Nice find by @reversinglabs.com
"Malware found on npm infecting local package with reverse shell"
2 interesting packages were published on npm: ethers-provider2 & ethers-providerz. These were simple downloaders whose malicious payload was cleverly hidden
www.reversinglabs.com/blog/malicio...
"Malware found on npm infecting local package with reverse shell"
2 interesting packages were published on npm: ethers-provider2 & ethers-providerz. These were simple downloaders whose malicious payload was cleverly hidden
www.reversinglabs.com/blog/malicio...
