So for my my fellow Arch linux users, as some AUR pkg have been compromised.
https://github.com/PicasoTheDeal/AUR-scanner
Here is my github repo for you to check if you have installed any of the npm atomic pkg or not and if the PKGBUILD have been affected
https://github.com/PicasoTheDeal/AUR-scanner
Here is my github repo for you to check if you have installed any of the npm atomic pkg or not and if the PKGBUILD have been affected
I think I know why my subscribers are not increasing that much, you all have some thing known as:
*(I named it)
It's a disease where you guys translate any link or app or even hello world code, into smthing I would use to hack you or put a backdoor or smth, I mean you are right to be paranoid and not trust someone online, the solution you check the link, but this happens only when they know you are into cyber security. And mainly why would I warn you if I am gonna hack you man.
MIS made you guys think what ever I send no matter what I send It's malicious, no matter how many proof I have. Maybe I will hide my cyber security stuff until atleast I reach 159 subs I guess.
⚠️ Please if you have any symptoms that shows you have MIS please go and watch a youtube video about it, or ask your AI.
Specially you Fuad, pandz.
Malware Illusion Syndrome (MIS)
*(I named it)
It's a disease where you guys translate any link or app or even hello world code, into smthing I would use to hack you or put a backdoor or smth, I mean you are right to be paranoid and not trust someone online, the solution you check the link, but this happens only when they know you are into cyber security. And mainly why would I warn you if I am gonna hack you man.
MIS made you guys think what ever I send no matter what I send It's malicious, no matter how many proof I have. Maybe I will hide my cyber security stuff until atleast I reach 159 subs I guess.
⚠️ Please if you have any symptoms that shows you have MIS please go and watch a youtube video about it, or ask your AI.
Specially you Fuad, pandz.
❤2😁2👍1🔥1🤣1
👾 Tetstack👾
I think I know why my subscribers are not increasing that much, you all have some thing known as: Malware Illusion Syndrome (MIS) *(I named it) It's a disease where you guys translate any link or app or even hello world code, into smthing I would use to…
You all have Malware Illusion Syndrome (MIS)
😭1
👾 Tetstack👾
So for my my fellow Arch linux users, as some AUR pkg have been compromised. https://github.com/PicasoTheDeal/AUR-scanner Here is my github repo for you to check if you have installed any of the npm atomic pkg or not and if the PKGBUILD have been affected
Thanks to one of my friends for testing it the tool actually works so if you still have Malware Illusion Syndrome (MIS). Check the source code. And can I get stars 🌟. If you guys like it.
🔥2
I forgot I had physics and chemistry final exam today. I mean the whole book is coming but mehhh I will just revise it when I go there lol.
😁1🙏1
👾 Tetstack👾
I forgot I had physics and chemistry final exam today. I mean the whole book is coming but mehhh I will just revise it when I go there lol.
This media is not supported in your browser
VIEW IN TELEGRAM
why is my portfolio cloned more than the AUR-threat-mitigator. You guys and MIS ...
Oh yeah the link has been changed too lol:
https://github.com/PicasoTheDeal/AUR-scannerGitHub
GitHub - PicasoTheDeal/AUR-scanner: A minimal, zero-dependency Python utility to audit local AUR packages and system artifacts…
A minimal, zero-dependency Python utility to audit local AUR packages and system artifacts against Sonatype and SafeDep threat intelligence feeds for the Atomic Arch malicious campaign. - PicasoThe...
👾 Tetstack👾
Just finished class today, atlast.
This media is not supported in your browser
VIEW IN TELEGRAM
So today's advice will be.
Advice 3:
Stop assuming a link or a webpage is safe just because your antivirus or a VirusTotal scan gave it a clean green checkmark. Out-of-the-box browser tools like stock BeEF get absolutely smoked by modern security engines today.
But here is the real catch: custom-coded, private variants slip right past defenses. High-tier threat actors and spyware groups cook up their own hidden JavaScript hooks from scratch that look exactly like harmless tracking pixels or standard site analytics. To your privacy extensions and local EDR, it looks like normal web traffic—but the exact second you load the page, you are silently being fingerprinted and sized up.
What gets compromised:
Your active browser session tokens, tab data, exact device specs, and potentially your entire OS if they chain it with a nasty exploit.
How it gets weaponized:
Attackers execute what’s known as a Watering Hole attack. They don’t even send you a sketchy link; they quietly hijack a 100% legit, highly trusted website that you use every single day, injecting their custom code directly into the backend. Advanced groups have been caught doing this on trusted sites to drop zero-day exploits directly into Chrome's V8 engine. The moment a target opened that normal-looking site, the exploit shattered the browser sandbox and manipulated memory—zero downloads, zero fake popups, completely invisible.
Conclusion:
No matter how legit a site looks on the surface, never assume the backend hasn't been secretly backdoored. Scanners will not save you from a custom-made setup. Treat your browser as a hostile perimeter: update your stuff the exact second a patch drops, and never mistake a familiar website layout for guaranteed safety.
Advice 3:
Stop assuming a link or a webpage is safe just because your antivirus or a VirusTotal scan gave it a clean green checkmark. Out-of-the-box browser tools like stock BeEF get absolutely smoked by modern security engines today.
But here is the real catch: custom-coded, private variants slip right past defenses. High-tier threat actors and spyware groups cook up their own hidden JavaScript hooks from scratch that look exactly like harmless tracking pixels or standard site analytics. To your privacy extensions and local EDR, it looks like normal web traffic—but the exact second you load the page, you are silently being fingerprinted and sized up.
What gets compromised:
Your active browser session tokens, tab data, exact device specs, and potentially your entire OS if they chain it with a nasty exploit.
How it gets weaponized:
Attackers execute what’s known as a Watering Hole attack. They don’t even send you a sketchy link; they quietly hijack a 100% legit, highly trusted website that you use every single day, injecting their custom code directly into the backend. Advanced groups have been caught doing this on trusted sites to drop zero-day exploits directly into Chrome's V8 engine. The moment a target opened that normal-looking site, the exploit shattered the browser sandbox and manipulated memory—zero downloads, zero fake popups, completely invisible.
Conclusion:
No matter how legit a site looks on the surface, never assume the backend hasn't been secretly backdoored. Scanners will not save you from a custom-made setup. Treat your browser as a hostile perimeter: update your stuff the exact second a patch drops, and never mistake a familiar website layout for guaranteed safety.
👾 Tetstack👾
So today's advice will be. Advice 3: Stop assuming a link or a webpage is safe just because your antivirus or a VirusTotal scan gave it a clean green checkmark. Out-of-the-box browser tools like stock BeEF get absolutely smoked by modern security engines…
Talk about a reason to stop using the internet fully.
👾 Tetstack👾
So today's advice will be. Advice 3: Stop assuming a link or a webpage is safe just because your antivirus or a VirusTotal scan gave it a clean green checkmark. Out-of-the-box browser tools like stock BeEF get absolutely smoked by modern security engines…
BeEF is already 20 years so, you just panic and hope for the best, the targets look like politicians journalist but this doesn't mean you will touch that link 😉. So take care or stop using the internet lol.