"Webmin 0day remote code execution" Tl;Dr: Lack of input validation in the reset password function allows RCE (CVE-2019-15107). Over 13 0000 vulnerable on Shodan. PoC: /password_reset.cgi user=root&pam&expired&old=wrong | id https://t.co/kYKfq8v6Bb

CVE-2025-23282 is going to debut tomorrow at @hexacon_fr in our talk "CUDA de Grâce" w/ @chompie1337, but you can try CVE-2025-23332 now! Tweetable Python PoC: ``` import fcntl fcntl.ioctl(open('/dev/nvidiactl'),218,0) ```

We're looking for a full stack Go dev in any of the US timezones, if you're interested please DM me. Position is remote with good benefits. A background in security is preferable.

New post: @RelayProtocol’s contracts trusted Ed25519 verification without validating offsets, opening the door to forged allocator signatures and potential double-spends. @_fel1x details the bug, the risks it posed to cross-chain liquidity, and how the issue was addressed.

Meet Aero, a stake pool designed to empower and uplift Solana ecosystem contributors. Here's everything you need to know. 🧵

Threat Contained: marginfi Flash Loan Vulnerability by @_fel1x A new instruction broke the flash loan logic, creating a way to borrow without repaying and putting $160M at risk. We explain the vulnerability, potential impact, and how it was fixed. Full post below ↓

Verifying myself: I am hg8 on https://t.co/qWEAexQHz8. EKch8vJv9Y1TmJ_7OC6xVP_ASNvHltHQVNu4 /

"The NPM account of the popular developer qix was compromised, leading to malicious versions being published for dozens of packages, including chalk, strip-ansi, and color-convert." Recommended read. Interesting payload. https://t.co/IVR0FpH9MP #SupplyChain

article here: https://t.co/lXKrrT3nlc

End of Season 8 🎉 #hackthebox

Here's my research about Python dirty Arbitrary File Write to RCE via overwriting shared object files or overwriting bytecode files. Enjoy! https://t.co/P3V2y0yGH9 #Research #WebAppSec

"CVE-2025-32463: sudo local privilege escalation via chroot option" An attacker can leverage sudo's -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file. Sudo versions 1.9.14 to 1.9.17 affected. https://t.co/CIlFVA1GF5 #infosec

"TensorFlow Remote Code Execution with Malicious Model" Old technique but good writeup https://t.co/cTVCoaAYhT #ctf #tensorflow #ai #infosec

"Code injection or backdoor: A new look at Ivanti’s CVE-2021-44529" https://t.co/s2PUVfIdKk

"What the I-Soon Leak Tells Us About WiFi Hacking" https://t.co/8I9MDt0Kxk

Last year I discovered multiple bugs in virtio-net for VirtualBox (CVE-2023-22098, CVE-2023-22099, CVE-2023-22100) and wrote a 100% reliable VM escape using an out-of-bounds write (with ASLR defeat). Published the exploit code:

"Reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant." Great write-up. Recommended read. https://t.co/li5LoSqYgG

"CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive" Tl;Dr: "/goanywhere/images/..;/wizard/InitialAccountSetup.xhtml" unauthenticated leads to the setup page, allowing you to create a new admin account. https://t.co/R83RtAkMq2 #cve #poc #exploit

Got an ethical pentest for a kiosk-esque environment, but you're stuck in a browser? Have access to websites, but have a need to go deeper? Look no further! With https://t.co/gSWLVmmkVq you have access to tools that enable lateral enum, calculator://, file browsing, and more!

In December, in macOS Sonoma, Apple fixed 15 video decoding vulnerabilities I reported. This is how these issues were found:

Supply Chain Security: How the Figma security engineering team leveraged commit signatures and Okta Device Trust certificates to protect GitHub release branches. https://t.co/xRVlt7kpwT #supplychain