Hackers' Pub

Syntax	Description	Examples
`"` keyword `"`	Finds the string within quotes, including spaces. Case-insensitive. (Escape quotes inside with `\"`)	`"Hackers' Pub"`
`from:` handle	Finds content written by the specified user.	`from:hongminhee` `from:hongminhee@hollo.social`
`lang:` ISO 639-1	Finds content written in the specified language.	`lang:en`
`#` tag	Finds content with the specified tag. Case-insensitive.	`#HackersPub`
condition condition	Finds content that satisfies both conditions on either side of the space (logical AND).	`"Hackers' Pub" lang:en`
condition `OR` condition	Finds content that satisfies at least one of the conditions on either side of the OR operator (logical OR).	`#HackersPub OR "Hackers' Pub" lang:en`
`(` condition `)`	Combines the operators within the parentheses first.	`(#HackersPub OR "Hackers' Pub" OR "Hackers Pub") lang:en`

Taggart @mttaggart@infosec.exchange

11/24/2025, 3:23:12 PM

Public

This attack uses web push notifications to send legit-looking alerts to users, sending them to phishing pages. The push notification API gives attackers significant visibility into the target's web browser.

Probably should have notifications disabled by default anyway.

https://www.blackfog.com/new-matrix-push-c2-deliver-malware/

New Matrix Push C2 Abuses Push Notifications to Deliver Malware | BlackFog

Investigating Matrix Push C2, using push notifications to deliver malware, run phishing campaigns, and steal data across platforms.

www.blackfog.com · BlackFog

If you have a fediverse account, you can quote this note from your own instance. Search https://infosec.exchange/users/mttaggart/statuses/115605359349090196 on your instance and quote it. (Note that quoting is not supported in Mastodon.)