Olivia
Online
BB
@Basi_cally
Do all lovers feel like they're inventing something?
BLR / HYD
Joined October 2009
767 Following
2.5K Followers
79.1K Posts
Workers of the hotel trying to make a living would be arrested but not the officers who turned a blind eye when illegal construction was going on.
I'm going mad, I'm losing my fucking mind
So an Indian investor has to pay tax on capital gains on govt bonds but a foreigner doesn't have to?
Waah 👏
@Kenn321705 I’ve never stolen an erection in my life.
Had seen somebody tweet "who would be good enough to replace him once he leaves?"
If you’ve ever applied for a Schengen visa, you deserve to get your pussy ate. What kind of humiliation ritual is this lmao.
Dharmendra Pradhan won’t resign because accountability is contagious. If he goes, Hardeep Singh Puri is next. Then Ashwini Vaishnaw. Then Nirmala Sitharaman. Pull one domino and the entire chain of manufactured invincibility comes crashing down.
One man eating an entire nation and still having citizens who defend these blood suckers is insane. Incredible india
be @ni5arga
→ 19 years old, from West Bengal, studied in Delhi for a few years
→ just finished his own Class 12 exams in 2026
→ calls himself a hobbyist cybersecurity researcher
→ says he is an engineer, not a hacker
→ built an OSINT engine, a stock-tracking TUI, a pastebin in Rust
→ once found bugs in FOSS United and disclosed them quietly
→ just another CBSE student watching his own board roll out a new digital marking system
then he opened the portal
→ CBSE moves Class 12 evaluation to On-Screen Marking, 1.8 million students affected
→ Nisarga sees the portal link is fully public, gets curious
→ opens DevTools, downloads the Angular JavaScript bundle
→ first vulnerability found in 30 minutes
→ a literal master password sitting in plain text inside the frontend code
→ enter it, the OTP field auto-fills, the entire login flow gets bypassed
→ OTP validation happens in the user's browser, not on the server
→ no route guards, every internal page reachable by editing browser storage
→ password reset API never checks the old password
→ systemic IDOR across the entire API, change one value in sessionStorage, become any examiner
→ outcome: take over any teacher account, view answer sheets, edit marks
25 February 2026. He reports everything to CERT-In the same day.
→ CERT-In asks for a screen recording, he sends a full walkthrough
→ acknowledgement comes back as a boilerplate reply
→ reference number assigned: CERTIn-16590126
→ he follows up multiple times. no response.
→ three months pass. portal still live. Class 12 results released. vulnerabilities still there.
→ 22 May: publishes the blog post and a thread on X
→ Deedy Das, Satish Acharya, Internet Freedom Foundation amplify it
→ the post goes viral
→ CBSE issues a clarification: that was just a test portal, no breach
→ the URL CBSE cited in their own tweet was not even a registered domain
→ a friend buys the domain and points it at Nisarga's blog
→ CBSE quietly deletes the tweet
then it gets worse
→ 25 May: finds an SQL injection vulnerability on the live production portal
→ reports to CERT-In, gets a one-line thank you
→ gains admin access to the live https://t.co/1WpmNGsczK server
→ portal stays up for four more hours
→ he uploads anime videos and memes, links them publicly from CBSE servers
→ plays a viral Japanese song on a CBSE page, makes the news for it
→ CBSE finally takes the whole portal down
then he reads the database
→ master table accessed: 10 GB, 9.3 million records
→ examiner names, addresses, school names, bank account details
→ passwords stored in plain text
→ login tokens anyone can paste into a browser to log in as that user
→ 31 May: finds a second live CBSE production portal, 45,074 records of failed payments
→ emails, phone numbers, payment IDs, order IDs, all readable
→ 31 May, the bigger one: an AWS S3 bucket is misconfigured
→ ListObjectsV2 works without authentication, the bucket root is listable
→ samples pulled from 18 lakh scanned 2026 answer sheets, every subject
→ multiple institutions sharing the same bucket
→ also notices something strange in the scans: bedsheets visible in the background of answer sheets CBSE paid for proper scanners to handle
CBSE responds
→ posts an AI-generated image saying the system is robust and secure
→ three days later admits some vulnerabilities existed and have been contained
→ refuses to name the cybersecurity firm doing the audit
→ claims they tried contacting him. he says they have not.
→ Internet Freedom Foundation writes to the Ministry of Education and CERT-In
→ asks for an investigation into CBSE, a review of the contract with vendor Coempt EduTeck, a full audit
→ he points out he could have sold this data and made a lot of money
→ he did not. he is a CBSE student too.
→ his own analogy: the door wasn't just unlocked. the key was lying on the ground in front of everyone.
a 19-year-old with a anima pff broke a national exam evaluation system in 30 minutes with browser developer tools and the government is still pretending it was a test environment
Just got done with my favourite humiliation ritual (Schengen visa application)
#France #Schengen #Visa form is online, and the form id is mapped to the appointment
Post submission in case of some mistake you cannot edit nor change details. You need to fill in a new form and submit.
VFS does have edit rights and can edit it at their end but they push you towards Premium Lounge + scare you with this can lead to rejection, as it's mapped to appointment etc.
Don't worry or fall for the same. France Embassy website clearly states you can submit the new form and let the old form remain in system etc.
Link: https://t.co/OJfHRenM6v
Savdhan Rahe Satark Rahe
Amistoso de Brasil vs Panamá. Las cámaras enfocan la tribuna. Y encuentran juntos a 3 cracks inesperados.
Los hinchas brasileros son los mejores.
Yesterday’s refereeing was one of the best I’ve seen in a long time.
For the first 15 minutes, the ref fell for Arsenal’s shenanigans: blowing a foul for every slight fall and every little touch. Then, all of a sudden, he clocked their dirty antics and took complete control of the game.
He stopped buying their silly theatrics: Mosquera time wasting, Havertz falling at every slight touch, Saka wasting time for the corner, Arteta touchline tantrums, Madueke diving. I can go on and on
Arsenal have become so used to getting away with this cunning stuff from Premier League refs that they seemed genuinely shocked when it didn’t work.
I’m glad the referee refused to be intimidated and stood his ground. That’s how you referee a final.
You might con your way to a Premier League title, but you can’t do it in the UCL. Either you play like real men or go home
Gabriel has cheated ALL season
He has bullied players,fouled them consistently & conned other teams out of goals & decisions all year
That Gabriel is the reason Arsenal did not win the Champions League is karma and is a victory for football
Karma is a bitch. As is Gabriel.
There were so many instances where the players of a certain team were falling on their own and trying to win free kicks yesterday but the referee wasn't getting fooled.
One of the best performances from the ref in recent times.
Horrifying testimony of Australian woman raped by the IOF:
'They wrenched my trousers and underwear down and it felt like I was inserted with a hand..it wasn't a gun...other people had guns inserted inside them.'
- Juliet Lamont, documentary filmmaker.
Gabriel tears?
There is a god
Terrible penalty
This is one of the worst matches I've watched
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers