mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.

Server stats:

9.5K
active users

#scriptkiddies

0 posts0 participants0 posts today
Aral Balkan<p><span class="h-card" translate="no"><a href="https://social.anoxinon.de/@Codeberg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Codeberg</span></a></span> In later issue titles (not shown) they’ve foregone the AI and just default to the same racial slur. (So you know what kind of lowlife scum are behind the attack.) It’s not just my repositories either so I wouldn’t visit Codeberg until this is dealt with if I were you unless you want to subject yourself to that crap. I’ll let you all know when it’s been dealt with.</p><p><a href="https://mastodon.ar.al/tags/codeberg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>codeberg</span></a> <a href="https://mastodon.ar.al/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AI</span></a> <a href="https://mastodon.ar.al/tags/spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spam</span></a> <a href="https://mastodon.ar.al/tags/technofascism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>technofascism</span></a> <a href="https://mastodon.ar.al/tags/bigots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bigots</span></a> <a href="https://mastodon.ar.al/tags/scriptKiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptKiddies</span></a></p>
Peter N. M. Hansteen<p>And following the result of the poll, here is the whole thing in the raw: <a href="https://nxdomain.no/~peter/bugbounty/20250401_ahmedraslanco@gmail.com_bugbounty_plz_drift@nuug.no.txt" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nxdomain.no/~peter/bugbounty/2</span><span class="invisible">0250401_ahmedraslanco@gmail.com_bugbounty_plz_drift@nuug.no.txt</span></a> <a href="https://mastodon.social/tags/bugbounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbounty</span></a> <a href="https://mastodon.social/tags/bugbunnies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbunnies</span></a> <a href="https://mastodon.social/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> <a href="https://mastodon.social/tags/scammers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scammers</span></a> <a href="https://mastodon.social/tags/spammers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spammers</span></a> <a href="https://mastodon.social/tags/scambunnies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scambunnies</span></a></p>
Peter N. M. Hansteen<p>A message just inboxed here with</p><p>"To: undisclosed-recipients: ;<br>Subject: Request to Join Your Private Bug Bounty Program"</p><p>Should I put the entire message on display somewhere and post the link to the fediverse?</p><p><a href="https://mastodon.social/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> <a href="https://mastodon.social/tags/bugbunnies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbunnies</span></a> <a href="https://mastodon.social/tags/bugbounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bugbounty</span></a> <a href="https://mastodon.social/tags/scammers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scammers</span></a> <a href="https://mastodon.social/tags/spammers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spammers</span></a> <a href="https://mastodon.social/tags/scambunnies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scambunnies</span></a></p>
Jordan (has moved)<p>Currently over 1k incoming IPs banned in the last 72 hours from my firewall for malicious activity. A new record - Winning! 😂</p><p><a href="https://fosstodon.org/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firewall</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hacking</span></a> <a href="https://fosstodon.org/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> <a href="https://fosstodon.org/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>botnet</span></a> <a href="https://fosstodon.org/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> <a href="https://fosstodon.org/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a> <a href="https://fosstodon.org/tags/lamers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lamers</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a></p>
Geekmaster 👽:system76:<p><a href="https://ioc.exchange/tags/BOLO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BOLO</span></a> Another <a href="https://ioc.exchange/tags/DarkAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DarkAI</span></a> chatbot has been born <a href="https://ioc.exchange/tags/GhostGPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GhostGPT</span></a>. Similar to <a href="https://ioc.exchange/tags/WormGPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WormGPT</span></a> I started discussing at my company over a year ago, it is an unrestricted AI with zero guardrails. DO NOT USE THESE CHATBOTS! THEY ARE DANGEROUS!</p><p>Expect another increase in <a href="https://ioc.exchange/tags/novel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>novel</span></a> <a href="https://ioc.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> and <a href="https://ioc.exchange/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> "playing around".<br>&nbsp;<br><a href="https://www.darkreading.com/cloud-security/cyberattackers-ghostgpt-write-malicious-code" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">darkreading.com/cloud-security</span><span class="invisible">/cyberattackers-ghostgpt-write-malicious-code</span></a></p>
Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:<p>A threat actor targeted low-skilled hackers, known as " <a href="https://kolektiva.social/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a>, " with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. <br><a href="https://kolektiva.social/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://kolektiva.social/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttacks</span></a> <br><a href="https://www.bleepingcomputer.com/news/security/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/hacker-infects-18-000-script-kiddies-with-fake-malware-builder/</span></a></p>
Pyrzout :vm:<p>Hackers Use XWorm RAT to Exploit Script Kiddies, Pwning 18,000 Devices – Source:hackread.com <a href="https://ciso2ciso.com/hackers-use-xworm-rat-to-exploit-script-kiddies-pwning-18000-devices-sourcehackread-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/hackers-use-xwor</span><span class="invisible">m-rat-to-exploit-script-kiddies-pwning-18000-devices-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/ScriptKiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScriptKiddies</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttacks</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/trojan" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>trojan</span></a> <a href="https://social.skynetcloud.site/tags/XWorm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XWorm</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> <a href="https://social.skynetcloud.site/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a></p>
Pyrzout :vm:<p>Hackers Use XWorm RAT to Exploit Script Kiddies, Pwning 18,000 Devices <a href="https://hackread.com/hackers-script-kiddes-xworm-rat-compromise-devices/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/hackers-script-ki</span><span class="invisible">ddes-xworm-rat-compromise-devices/</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/ScriptKiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScriptKiddies</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttacks</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/TROJAN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TROJAN</span></a> <a href="https://social.skynetcloud.site/tags/XWorm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>XWorm</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Scam</span></a> <a href="https://social.skynetcloud.site/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a></p>
FinchHaven infosec<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@malwaretech" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>malwaretech</span></a></span> </p><p>"Someone has been flooding Bluesky with bots that use ChatGPT to respond to random posts, disagreeing with whatever the author says in a polite but annoying way."</p><p>A script kiddie (remember them?) coding project would be my first guess</p><p><a href="https://infosec.exchange/tags/Bluesky" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Bluesky</span></a> <a href="https://infosec.exchange/tags/ChatGPT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ChatGPT</span></a> <a href="https://infosec.exchange/tags/ScriptKiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ScriptKiddies</span></a></p>
Jordan (has moved)<p>Looks like a tenant of "Ace Data Centers" in Orem, Utah *really* doesn't like the subj.am servers. They tried real hard though 😂</p><p><a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>selfhosted</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>firewall</span></a> <a href="https://fosstodon.org/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> <a href="https://fosstodon.org/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://fosstodon.org/tags/haproxy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>haproxy</span></a> <a href="https://fosstodon.org/tags/fail2ban" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fail2ban</span></a> <a href="https://fosstodon.org/tags/subjam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>subjam</span></a> <a href="https://fosstodon.org/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://fosstodon.org/tags/botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>botnet</span></a> <a href="https://fosstodon.org/tags/hackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackers</span></a> <a href="https://fosstodon.org/tags/crackers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crackers</span></a></p>
Jordan (has moved)<p>I see these URL attempts hit my servers multiple times a day. They're being used in web scanner scripts.</p><p>Don't store site backups in webroot at all, but if you do, definitely don't use these locations as they'll likely be found in a day or two max by the kiddies. And if, for some reason you have to (are these used in common software?), do lock permissions down so the web server user can't access them.</p><p><a href="https://fosstodon.org/tags/website" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>website</span></a> <a href="https://fosstodon.org/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://fosstodon.org/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Vulnerability</span></a> <a href="https://fosstodon.org/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> <a href="https://fosstodon.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://fosstodon.org/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SelfHosting</span></a></p>
Xavier Mertens 🇧🇪<p>Some attackers look like <a href="https://infosec.exchange/tags/scriptkiddies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scriptkiddies</span></a> and need a GUI 😆 <a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ransomware</span></a></p>

I think a script kiddy made a really bizarre mistake in their script.

I've got requests hitting my server that include `%ADd+allow_url_include=1` in the query string.

Now, `-d allow_url_include=1` would set an INI value in PHP when calling the interpreter. But you might want to hide the obvious `-d` switch. So you URL encode it, right?

Only they've used the "shy hyphen" (U+00AD) that is normally invisible rather than a regular hyphen (U+002D)! 🤦

Mastodon Has A Serious SPAM Problem

"Over the past week or so there has been a serious spam problem hitting mastodon and rest of the fediverse especially misskey over on the japanese side of things and the story behind it is absolutely wild."

youtube.com/watch?v=_KCwq9e-H5

#Mastodon #Fediverse #Lemmy #spam #skid #scriptKiddies #DoS #security #openSocialNetworking #misskey #BrodieRobertson #YouTube

PS: if you like Brodie's content, he can also be found on Mastodon: @BrodieOnLinux