Ax Sharma (@Ax_Sharma)
3,628 posts
Security Researcher | Tech Journalist | 📰 Bylines + seen on: BBC, BleepingComputer, Channel 5, TechCrunch | ✉️ [email protected]
🇨🇦🇬🇧
axsharma.com
Joined April 2016
1,399 Following · 5,309 Followers
  • Pinned · Ax Sharma (@Ax_Sharma) · Nov 18, 2024
    Am also on 🦋BlueSky ⏬
    Ax Sharma (@axsharma.com)
    From bsky.app
    2.1K
  • Ax Sharma (@Ax_Sharma) · Apr 20, 2024
    A GitHub flaw lets attackers upload executables that appear to be hosted on a company's official repo, such as Microsoft's—without the repo owner knowing anything about it. The following URLs, for example, make it seem like these ZIPs are present on Microsoft's source code repo:
    792K
  • Ax Sharma (@Ax_Sharma) · May 29, 2024
    A threat actor is now advising StackOverflow devs seeking debugging help to install a 'pytoileur' #Python package as a "solution" to their code troubles. 🛑DO NOT fall for this, it's a trap—the package has encoded code hidden on line 17 via whitespaces and infects Windows users
    186K
  • Ax Sharma (@Ax_Sharma) · Dec 21, 2022
    EXCLUSIVE: #Okta says its GitHub source code repositories were stolen this December in a 'confidential' security notification sent to 'security contacts' that include IT managers at various organizations.
    237K
  • Ax Sharma (@Ax_Sharma) · Oct 5, 2021
    🚨 Apache has disclosed an *actively exploited* Path traversal flaw in the #opensource "httpd" server. Over 112,000 exposed Apache servers run version 2.4.49, and should be upgraded now! New fix checks for encoded path traversal characters e.g. /../.%2E/ blog.sonatype.com/apache-servers…
  • Ax Sharma (@Ax_Sharma) · Jan 2, 2022
    Uber won't fix the vulnerability that lets anyone email as "Uber"—this isn't a spoofed email but sent from Uber via an exposed endpoint. Researcher @0x21SAFE states threat actors could abuse this to phish 57 million victims of the 2016 Uber data breach. bleepingcomputer.com/news/security/…
  • Ax Sharma (@Ax_Sharma) · Sep 15, 2021
    Anonymous altered the official knowledgebase of Epik after the alt-right web hosting provider denied that any breach had occurred. Epik has provided services for the Texas GOP, 8chan, Parler, and Gab, among others. arstechnica.com/information-te… #EpikFail
  • Ax Sharma (@Ax_Sharma) · Sep 28, 2021
    EXCLUSIVE: Newly discovered #Azure flaw lets attackers brute-force Active Directory credentials in an undetected manner. At this time, there's no way to easily block the endpoints used by Seamless SSO. #Microsoft seems to consider this a "design" choice.
    New Azure Active Directory password brute-forcing flaw has no fix
    From arstechnica.com
  • Ax Sharma (@Ax_Sharma) · Apr 20, 2024 · Replying to @Ax_Sharma
    Turns out, this flaw or a deliberate design choice has been known for a while too, but remains unresolved.
    GitHub comments abused to push malware via Microsoft repo URLs
    From bleepingcomputer.com
    49K
  • Ax Sharma (@Ax_Sharma) · Apr 20, 2024 · Replying to @Ax_Sharma
    GitHub calls these "anonymized URLs" but I'm not sure if that's accurate—considering they appear to be associated with a repo. By contrast, Discord CDN URLs to "attachments" are truly anonymized and look like: https://cdn.discordapp[.]com/attachments/XXXXX/XXXX/virus.exe
    59K
  • Ax Sharma (@Ax_Sharma) · Apr 4, 2023
    BREAKING: eFile[.]com, an IRS-authorized U.S. tax return software provider, was caught serving #JavaScript malware for weeks—as early as March 17th, and up until at least April 1st. bleepingcomputer.com/news/security/… h/t @malwrhunterteam @johullrich
    52K
  • Ax Sharma (@Ax_Sharma) · Mar 17, 2022
    Dev behind popular #npm library 'node-ipc' released sabotaged versions that DELETE all data of Russian/Belarusian users by overwriting their files with '❤️' bleepingcomputer.com/news/security/… #opensource
    BIG sabotage: Famous npm package deletes files to protest Ukraine war
    From bleepingcomputer.com
  • Ax Sharma (@Ax_Sharma) · Jan 1, 2023
    PyTorch reveals malicious dependency chain compromise between Dec 25th & 30th. The counterfeit 'torchtriton' stole SSH keys, first 1000 files in $HOME, .gitconfig and other secrets. 2,300+ downloads seen so far on PyPI. Uninstall now 👇👇👇 bleepingcomputer.com/news/security/… #opensource
    PyTorch discloses malicious dependency chain compromise over holidays
    From bleepingcomputer.com
    68K
  • Ax Sharma (@Ax_Sharma) · Mar 29, 2021
    BREAKING: #PHP Git server is the latest victim of a software supply chain attack in which attackers planted a remote code execution #backdoor in the PHP source code. PHP powers almost 8 out of 10 sites on the internet, making this upstream attack noteworthy. #opensource #git
    Quoted post · BleepingComputer (@BleepinComputer) · Mar 29, 2021
    PHP's Git server hacked to add backdoors to PHP source code - @Ax_Sharma bleepingcomputer.com/news/security/…