Had the chance to be part of a great Live Hacking Event organised by @yeswehack
Amazing event where I had the chance to collaborate & discuss with other skilled hunters
big s/o to @myst404_ with his incredible recon game that helped us shoot the first critical vuln of the event
/goal find access control bugs on this SaaS.
Claude: testing access control by purchasing a special 100€ access. OMG, it works without paying
Me: No no no you used my card to pay, it wasn't free ...
Claude: oops sorry, I misplayed
Claude is great but fucking dumb sometimes. I talk about it in the new article:
https://t.co/WrcRfLdhcF
wtf. the tanstack attack just went live.
we flagged this exact chain 25 days ago. april 16. All Depi clients were alerted.
if you're using @tan_stack check your manifest files right now: 1.166.12, 1.166.15, 1.169.5, 1.169.8 are malicious. clean your cache. rebuild.
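An added example, not part of the post above or of any Depi or TanStack tooling: a small checker that scans an npm package-lock.json for TanStack packages pinned to the versions the post lists. It assumes the affected packages live under the `@tanstack/` npm scope (the post names only the handle) and treats the four versions as a watchlist, not a complete list; a package at a flagged version outside that scope is deliberately not reported.

```python
import json

# Versions the post above flags as malicious; a watchlist, not an exhaustive list.
FLAGGED_VERSIONS = {"1.166.12", "1.166.15", "1.169.5", "1.169.8"}
# Assumption: the affected packages are published under the @tanstack/ npm scope.
FLAGGED_SCOPE = "@tanstack/"


def flagged_packages(lockfile_text):
    """Return sorted (name, version) pairs from a package-lock.json that hit the watchlist.

    Handles lockfileVersion 2/3 ("packages" keyed by node_modules path) and
    lockfileVersion 1 ("dependencies" nested by package name).
    """
    lock = json.loads(lockfile_text)
    hits = set()

    # lockfileVersion 2/3: keys look like "node_modules/@tanstack/react-query";
    # the root entry has the key "" and carries no package name.
    for path, meta in lock.get("packages", {}).items():
        name = path.rsplit("node_modules/", 1)[-1] if path else ""
        version = meta.get("version", "")
        if name.startswith(FLAGGED_SCOPE) and version in FLAGGED_VERSIONS:
            hits.add((name, version))

    # lockfileVersion 1: walk the nested dependency tree recursively.
    def walk(deps):
        for name, meta in deps.items():
            version = meta.get("version", "")
            if name.startswith(FLAGGED_SCOPE) and version in FLAGGED_VERSIONS:
                hits.add((name, version))
            walk(meta.get("dependencies", {}))

    walk(lock.get("dependencies", {}))
    return sorted(hits)


# Constructed sample lockfile (not a real project): one clean TanStack entry,
# one flagged one, and an unrelated package that happens to share a flagged version.
SAMPLE_LOCK = json.dumps({
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app"},
        "node_modules/@tanstack/react-query": {"version": "1.166.15"},
        "node_modules/@tanstack/query-core": {"version": "1.100.0"},
        "node_modules/left-pad": {"version": "1.166.12"},
    },
})

if __name__ == "__main__":
    for name, version in flagged_packages(SAMPLE_LOCK):
        print(f"FLAGGED {name}@{version}")
```

Run it against a real lockfile with `flagged_packages(open("package-lock.json").read())`; a non-empty result means the lockfile, and any cache built from it, should be treated as tainted until rebuilt.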
I had to change plans - I likely won't be able to attend #OffensiveCon 2026 in Berlin. I have a ticket available for sale + even a hotel reservation near the venue that may possibly be transferred to your name. DM me if interested 🙏
@_mccaulay That's sad but at least you got an answer. We (with a friend) found 2 entries but 1 got fixed so we submitted only one entry and received no response.
@ryotkak Thanks for the feedback.
I’d be curious to know what category your entries were in. I feel like they have limited spots per category, and some fill up super fast (Like AI coding agent and Local inference server).
@ryotkak @eeyitemi Sad to hear that, hope you’ll get your entries accepted. Knowing your research skills I’m surprised you received no response. Let’s say at least it is not a rejection.
@ryotkak @eeyitemi I’m also waiting for a response from them and I decided to plan nothing (hotel, flight) before (it’s easy for me as I live in France)
Don’t know if no response should be treated as a rejection
🔐 Releasing LUKSbox: encrypted vaults that survive the next decade.
Drop sensitive files on any cloud or USB. The provider gets one random-looking blob they can't read, even under subpoena.
✅ FIDO2 (YubiKey, Titan, Nitrokey, Windows Hello)
✅ TPM 2.0 keyslots
✅ Post-quantum hybrid (ML-KEM-768/1024 - FIPS 203)
✅ Detached header → zero metadata on the container
✅ Linux / macOS / Windows
✅ Rust, Apache-2.0, 30M+ fuzz iterations
v0.1.0 is out!
👉 https://t.co/ZtlL2ygPFx
#infosec #encryption #postquantum #FIDO2 #rust #opensource #cryptography #penthertz
Coinbase’s CEO lays off a ton of employees and says:
“Non-technical teams are now pushing code to production with AI”
less than 24 hours later:
Coinbase’s trading engine goes down and somehow even the status page breaks too
Create a folder called (calc). Shift+Right click « Open PowerShell Window here » and boom you have a command injection.
@podalirius_ found two command injection vulnerabilities in Windows Explorer's context menus, both exploitable for 9 years. https://t.co/LNNTpKeDnJ
@frycos @VinchinSoftware I'm afraid they are not very interested in vulnerability discourse and stuff.
(Shameless plug) I wrote this https://t.co/EftiRy20Ni based on what @Chocapikk_ found
"we had a good thing, you stupid son of a bitch! we had Lows. we had Mediums. we had renderer RCE bonuses, and it all ran like clockwork! you could have shut your mouth, let your fuzzers run, and made as much money as you ever needed! it was perfect! but no, you just HAD to go and flood the team with your AI-hallucinated slop reports"
Running a Figma plugin is enough to land cross-platform zero-click RCE on Figma Desktop...
Read the writeup on the Critical Research Lab https://t.co/16w1iiWEmF
And thanks @Dav3nn for the incredible post, what an amazing chain! =)