🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Found an SSRF in Sliver C2 (CVE-2025-27090), allowing an attacker to read and write TCP traffic through affected teamservers. Demo shows leaking the IP of a Sliver teamserver hidden behind redirectors Writeup and PoC in replies

Also, big thanks to ACE Responder for their work on RogueSliver - it was massively helpful while writing the PoC. Do check it out: github.com/ACE-Responder/…

記憶の中の東京

Regarding the BlackBasta leaks: we haven't reviewed them in totality yet. It's quite a bit of messages in JSON format. It also has some Russian slang which makes it difficult to translate accurately. Thankfully there are some native Russian speakers who have made some interesting

BREAKING: BYBIT $1 BILLION HACK BOUNTY SOLVED BY ZACHXBT At 19:09 UTC today, ZachXBT submitted definitive proof that this attack on Bybit was performed by the LAZARUS GROUP. His submission included a detailed analysis of test transactions and connected wallets used ahead of

The Bybit hack has been exposed And Park Jin Hyok might be behind it. This is the story behind the biggest crypto heist ever🧵 (1/7)

Breaking Update on the ByBit Hack 🚨🚨🚨🚨 It has been confirmed that the Lazarus Group compromised Safe{Wallet}’s AWS S3 bucket and injected malicious javascript code that resulted in a $1,400,000,000 loss. If you report this to Safe, you might get a $500 bounty.

🇫🇷 Aujourd'hui, "on constate une innovation qui explose aux deux bords : par la haute technologie, mais aussi par la rusticité. Récemment, on a intercepté un drone en mer Rouge dont le réservoir était une simple bouteille d'eau minérale !" Chef d'état-major armée de l'Air et de l'Espace lefigaro.fr/international/…

THREAD : TikTok a mis en place 8 protections pour éviter de fuiter 750GB de données par jour sur leur appli. Je vais vous détailler comment contourner chacune de ces sécurités, et pourquoi j'ai besoin des données de plusieurs millions de créateurs de contenus.

NEW TOOL: Chirp Uses sound to transfer data between machines. Details and link below.

Chinese Great Firewall (website access blockade and. content filter for internet traffic) was leaking data! It's a fascinating discovery of security and privacy vulnerability in a large-scale technical censorship system. "Traffic with no relation to China could be leaked".

France 🇫🇷 : La Russie attaque la France🧵 Le Kremlin menace la France, que cela soit du feu nucléaire ou de l’extermination de son armée. Moscou multiplie la désinformation afin d'accroître les tensions afin de générer du chaos. Nous sommes à l’ère de la guerre hybride⤵️ 1/24

ESP32 “backdoor”? Not so fast. Yes, hidden HCI commands allow deep access to memory, flash, and Bluetooth internals. BUT: ❌ Not remotely exploitable via Bluetooth ❌ Not an OTA attack ✔ Requires wired HCI access ✔ Requires high privileges on controller It’s a

What a day!

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program securityaffairs.com/176608/securit…

CVE Program Stays Online as CISA Backs Temporary MITRE Extension hackread.com/cve-program-on…

🚨The LockBit onion site has been breached. Their database has been leaked, which includes Bitcoin wallet addresses, private keys, chat logs, and information on their affiliates. The hacker left a note “Don’t do crime, crime is bad xoxo from Prague”

#LockBit announcement

theregister.com/2025/05/11/cpu…

x.com/i/article/1928…