Leviathan (@leviathan_hell) 's Twitter Profile
Leviathan

@leviathan_hell

Security 🎩

ID: 1508540164297175042

calendar_today28-03-2022 20:23:35

85 Tweet

164 Followers

2,2K Following

Crocodyli (@crocodylii) 's Twitter Profile Photo

After 261 days. CVE-2023-29360 was made "exploitable" by actors seeking to gain privileges in the operating system. There is already a PoC for use.

Hunter (@huntermapping) 's Twitter Profile Photo

🚨Alert🚨CVE-2024-21899 (CVSS 9.8): Critical QNAP Flaw opens the door to Hackers ⚠An improper authentication vulnerability has been reported to affect several QNAP operating system versions. It could allow attackers to slither into your NAS without a username or password. 📊

🚨Alert🚨CVE-2024-21899 (CVSS 9.8): Critical QNAP Flaw opens the door to Hackers
⚠An improper authentication vulnerability has been reported to affect several QNAP operating system versions. It could allow attackers to slither into your NAS without a username or password.
📊
ANY.RUN (@anyrun_app) 's Twitter Profile Photo

#FakeJami 🔺 (T1218.005) Adversaries use mshta.exe to run malicious .hta files and scripts by exploiting a trusted Windows utility. Various threats employ mshta.exe for initial compromise and code execution. 🔺 (T1027.004) Adversaries can obfuscate #payloads by delivering

#FakeJami

🔺  (T1218.005) Adversaries use mshta.exe to run malicious .hta files and scripts by exploiting a trusted Windows utility. Various threats employ mshta.exe for initial compromise and code execution.

🔺 (T1027.004) Adversaries can obfuscate #payloads by delivering
Kali Linux (@kalilinux) 's Twitter Profile Photo

The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply the latest updates today.

vx-underground (@vxunderground) 's Twitter Profile Photo

The xz situation is absolutely insane and almost certainly state sponsored. This is an excellent example of a widely used software being maintained by basically one person. Read this web article and then frown and become sad. boehs.org/node/everythin…

vx-underground (@vxunderground) 's Twitter Profile Photo

Hello, how are you? Next week we have hundreds of malware reverse engineering papers to add, some malware development papers, and thousands of malware samples. But, today is the day of rest. We will see all of you on Monday Please don't do anything crazy. Love you

H2HC (@h2hconference) 's Twitter Profile Photo

Are you, like us, anxiously waiting for the new Phrack Zine release this week? Cant you wait to read something? Well, meanwhile enjoy a couple of articles from H2HC magazine, special online release: github.com/h2hconference/… Gabriel Negreira Barbosa Rodrigo Branco Pawel Wieczorkiewicz

Robel Campbell (@robelcampbell) 's Twitter Profile Photo

Regarding CVE-2024-38063 IPV6 RCE in Windows... After reading RFCs about optional headers in IPv6 packets, I managed to create POC to cause a crash. The bug check in this case isn't too detailed, but essentially the underflow creates a large value used in a loop which eventually

Regarding CVE-2024-38063 IPV6 RCE in Windows...

After reading RFCs about optional headers in IPv6 packets, I managed to create POC to cause a crash. The bug check in this case isn't too detailed, but essentially the underflow creates a large value used in a loop which eventually
Phrack Zine (@phrack) 's Twitter Profile Photo

The time has come, and with it your reading material for the week. Phrack #71 is officially released ONLINE! Let us know what you think! phrack.org/issues/71/1.ht…

The time has come, and with it your reading material for the week.

Phrack #71 is officially released ONLINE! Let us know what you think!

phrack.org/issues/71/1.ht…
Clandestine (@akaclandestine) 's Twitter Profile Photo

GitHub - nil0x42/phpsploit: Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor github.com/nil0x42/phpspl…

Rishi (@rxerium) 's Twitter Profile Photo

🚨 Critical zero-day tagged as CVE-2025-61882 (CVSS 9.8) affecting Oracle E-Business Suite I've created a vulnerability detection script here: github.com/rxerium/CVE-20… This vulnerability is remotely exploitable without authentication. Patches are available as per Oracle's

🚨 Critical zero-day tagged as CVE-2025-61882 (CVSS 9.8) affecting Oracle E-Business Suite

I've created a vulnerability detection script here:
github.com/rxerium/CVE-20…

This vulnerability is remotely exploitable without authentication.

Patches are available as per Oracle's