We are excited to announce the launch of our latest project: https://t.co/eU7leJu9DQ. The inception of this project was sparked by the emergence of the BlackLotus bootkit. Bootloaders/kits - a subject I had never delved into before. My explorations into bootloaders and bootkits

Looks interesting. Mouse without borders. https://t.co/lzuCMmqWtJ

The latest msInvader released @BlackHatEvents simulates Storm-2372 post-compromise techniques and introduces Azure attack paths like Key Vault lateral movement. Turn realistic attack telemetry into better detections Check it out ! 📺 https://t.co/OjleJuQZ9q #EntraID #Azure #M365

Vendors realizing customers now know their data is being monitored by the EDR/MDR/XDR/NDR service they bought:

All out of coffee today. What we drinking?

Relive HOOD Summit '25: Enter the Mainframe. Watch the livestream now: https://t.co/cLhiCw7bpH

Actor mass exploiting CVE-2025-31324 (SAP Netweaver RCE) from 45.15.140.117 ( Pq Hosting Plus S.r.l. ) 🇳🇿 VirusTotal Detections: 0/94 🟢 Payload contains an obfuscated webshell 📷

Lua: still pulling strings behind the scenes in gaming. • Chrollo - Lua script hook for Garry’s Mod; lets you capture/edit scripts on the fly. https://t.co/RNIFJ3xkZr • Script-Enforcer Bypass - Patch that re-enables lua_openscript_cl, running scripts undetected.

Quantum Cloud-native Zero-trust Elastic Autonomous Multiverse Blockchain Neural Synergistic DeFi LLM

Also wow that is crazy

💀 lol

Polymorphic AI agentic Blockchain LLM

Make America Fentanyl Free supports President Trump’s efforts to end the fentanyl crisis.

Lua: Watching Since the Beginning. 🌙👁️ 2024–2025 reminded us that Lua isn’t just nostalgia: Redis - CVE-2024-46981 & CVE-2024-31449 let authenticated users abuse the embedded Lua VM for RCE. 📎 https://t.co/MflCE2Mseh OpenWrt LuCI - CVE-2024-51240 turned a Lua-driven web UI

While I’m frantically debugging last issues of the upcoming @DefusedCyber Research tier, a sneak peak from the cutting room floor showcasing some new features: - live mode - exploit tracking - new and more broad detection capabilities and vulnerability tagging almost ready to

iykyk

Lua: still stealthy, still relevant. In 2025, we saw Line Runner - a Lua webshell embedded in Cisco ASA firewalls by the ArcaneDoor crew, executed via WebVPN customization (CVE-2024-20359) to run arbitrary Lua tasks. https://t.co/UQZeZPVkyd And remember 2024? Gamers chasing

AppLocker can be your best friend or your worst enemy. If you use broad path rules, permissive publisher rules, or allow “Everyone”… Might as well not even use AppLocker 👉Audit your rules with AppLocker Inspector https://t.co/MVFz0PS0qx

My job is done here. :)

We hired Care Bears to run the 5050 AI Safety incubator. They went all in.

People forget sometimes how old skool the power of Lua really is. 🌙💻 Back in 2012, researchers dissected Flame - one of the most sophisticated cyber-espionage tools ever discovered. 🕵️🔥 It wasn’t just massive in size (20MB+ modular framework) or sneaky in capability

Everyone’s hyped on the first "AI-powered ransomware" 📰🤖 (PromptLock)… but no one’s talking about the real cosmic truth: it was LUA-powered. 🐪✨ LLMs may be the headline… but Lua is the engine running beneath the machine. The hidden script of creation strikes again. 🔮💻Ω

I hope you all know how restrained I am…. Daily…. From posting about Lua lol

Top things I learned while analyzing fake CAPTCHA sites 🧩🔍 1️⃣ You can build a page in under 100 lines of HTML/JS that quietly drops commands into the clipboard 🖱️📋 2️⃣ Most security layers focus on network traffic 🌐 …but these tricks live in the presentation layer 🎭 3️⃣