ىـ Day 188
موقع DistroWatch لعشاق لينكس وتوزيعاته🐧
تخيلوا إنه موجود من 2001 (يعني 25 سنة) ويتحدث بشكل يومي
الموقع فكرته رهيبة:
✅اي توزيعة جديدة ينزل عنها أول بأول
✅ و يعلمك مبنية على إيش بالضبط
✅وفيه سجل لـ التحدي��ات عن وش تغير
و تقييمات الناس⭐
(تفاعلك يساعد غيرك)🤎
الرابط :
https://t.co/bYzj3Fd7ZE
و اتمنى من الله انكم استفدتم وعسى الله ينفع بنا جميعاً
🔒How to recover the PIN before first unlock? We found a new path and talked at #POC2025 and #QPSS26 .
📒Here is the detailed blog: https://t.co/NzVBvHUxJ7
Many companies are vulnerable to these attacks and it opens the gate to their entire local network. It's good to test your security from time to time
We've also covered different tools to monitor who's on your network
Ever wondered how HTTPS actually keeps your data safe?
Here’s what happens behind the scenes every time you visit a secure website
1️⃣ TCP Handshake – Your device and the server agree to communicate.
2️⃣ Certificate Check – The server proves its identity with a trusted certificate.
3️⃣ Key Exchange – Using asymmetric encryption, both sides create a secure session key.
4️⃣ Data Transmission – The connection switches to symmetric encryption for faster, private communication.
In short:
Asymmetric = secure key exchange
Symmetric = fast data encryption
A great month of bug hunting. @Bugcrowd
Reported multiple vulnerabilities across different programs, including:
• Information Disclosure
• Open Redirects
• Multiple XSS
More to come. 🎯
#BugBounty#CyberSecurity#InfoSec
The Header No One Was Watching: Leaking sensitive data (quitely) by sin99xx 🤯🔥
👨💻 sin99xx
🔗 https://t.co/L9iKSSpFFR
🔗 Join team 👉https://t.co/FeMz53HSN0
🚀 My First Bug Bounty: DOM-based XSS Discovery
After diving into web application security, I discovered a DOM-based
XSS vulnerability and successfully reported it
through responsible disclosure.
#HackerOne#BugBounty#WebSecurity#CyberSecurity#InfoSec
Three 0-Day Vulnerabilities in Adminer by Voorivex Team 🤯🔥
Pre-Auth RCE via MSSQL DSN Injection, Stored XSS via Rogue MySQL Server (CSP Nonce Bypass), and Authenticated RCE via SQLite VACUUM INTO
🔗 https://t.co/zWNu3nAHLR
Join team 👉 https://t.co/FeMz53HSN0
10-Year-Old RCE Found in Linux PDF Viewers 🤯🔥
CVE-2026-46529 affects XReader, Evince, and Atril, allowing code execution through a malicious PDF.
Huge find by N1et 👏
🔗 https://t.co/gf99UTM5fX
#CyberSecurity#Linux#RCE#CVE
Join team 👉https://t.co/FeMz53HSN0