[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:a-well-known-initial-access-broker-is-selling-root-level-remote-code-execution-a-mnq4jkqg":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":13,"article_ids":14,"ioc_summary":16,"source_urls":17,"status":19,"expires_at":20,"created_at":21,"updated_at":22,"articles":23},"683ead5e-c919-4f88-a7bf-99699b3d24d0","‼️🇺🇸 A well-known initial access broker is selling root-level remote code execution access to a...","a-well-known-initial-access-broker-is-selling-root-level-remote-code-execution-a-mnq4jkqg","An initial access broker is actively selling root-level RCE access to a compromised firewall at a major US aerospace and defense contractor ($20B+ valuation). The $1,000 price point indicates commodity-level access, suggesting multiple buyers may already have control. This represents direct compromise of critical infrastructure with immediate risk of lateral movement into defense supply chain networks.","critical","advisory",[],[],"Immediately hunt for indicators of compromise on all firewall management interfaces, VPNs, and network edge devices. Prioritize: review firewall logs for suspicious admin access, check for persistence mechanisms, audit all outbound connections from perimeter devices, and assume lateral movement has occurred until proven otherwise.",[15],"de62a997-751f-42f8-879a-769fa0a4bb22",null,[18],"https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2041678716590305560","archived","2026-04-10T14:09:00.77+00:00","2026-04-08T14:09:16.345889+00:00","2026-04-10T14:09:20.855454+00:00",[24],{"id":15,"title":6,"url":18}]