Login
You're viewing the mstdn.social public feed.

Replies

  • Apr 10, 2026, 5:59 PM

    @fellows
    Depends on the sandbox, I suppose.
    The vulnerability being exploited merely reads files like ntdll.dll to get version infromation. But the subsequent polling of a remote C2 host is a touch out of the ordinary. At least to me.

    💬 0🔄 0⭐ 0