THIS is how you learn. It’s one thing to read books about hacking, and it’s quite another thing to learn by doing. This right here 👇 is how you learn by doing.
🚨 We've released a 4th network room
After all that enumeration, we are finally ready to start exploitation of the TryHackMe domain!
Exploits in store:
🔴 ACL exploits
🔴 Kerberos Delegation
🔴 AD Certificates, Golden Tickets & many more!
https://t.co/oRbJYWVbvz
Yeah, so pretty much this guy is releasing an exploit in solidarity with Nightmare Eclipse guy. He said he notified GitHub about the exploit 60 minutes before releasing this paper.
I don't do web stuff, and I'm not a VSCode nerd, so I'm confused by the underlying technologies.
If you're a stinky GitHub and VSCode nerd maybe you'll understand.
tl;dr click github dev, github dev opens editor, in github dev editor have javascript, javascript does shortcuts automatically. github treats javascript shortcuts as real human input, or something. use javascript shortcut stuff to automatically install vscode extension. the vscode extension steals your data
tl;dr tl;dr user clicks 1 link, 1 click steals all data from your github
https://t.co/uh17usZeEH
@mattjay MATT!!! That’s awesome!! Some day you gotta go to Maui and go explore the ocean there. If you can, investigate when the whales are active. I can’t tell you how amazing it is to hear whales talking in all directions around you. It’s beautiful
🖥️Monitoring Secure Boot Certificates with KQL
Windows devices that rely on Secure Boot certificates issued in 2011 will reach their expiration in June 2026. The clock is ticking — defenders need to act now to avoid surprises when certificates lapse.
With the KQL query below, you can quickly identify your fleet of Microsoft Defender for Endpoint (MDE) devices whose Secure Boot certificates are set to expire, giving you visibility and time to plan remediation before the deadline hits.
DeviceTvmSecureConfigurationAssessmentKB
| where ConfigurationName == @"Ensure devices are updated to Secure Boot 2023 certificates and boot manager"
| join DeviceTvmSecureConfigurationAssessment on ConfigurationId
| where IsCompliant == false
#Cybersecurity #DefenderXDR #SecureBootCertificates
Saw CVE-2026-41096 pop up on X and the description immediately caught my attention: a heap overflow in the Windows DNS client, triggered by a single UDP response. No interaction, no auth. I wanted to understand how it works, so I pulled the DLLs and started digging.
PoCs for Apache Tomcat Unauth RCE (CVE-2026-34486) and Apache httpd Pre-auth RCE (CVE-2026-23918) are now public on our GitHub.
Tomcat exploit is fully reliable. httpd chain works in a controlled lab setup with a known info leak.
https://t.co/D3dg5iTuwP
https://t.co/2zyr1ds4Mo
Dirty Frag Linux kernel local privilege escalation vulnerability (CVE-2026-43284) mitigations are now available.
Read the blog for details: https://t.co/h13u1l5YCy
💥 Introducing "Dirty Frag"
A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.
No race, no panic on failure, fully deterministic. ~9 years latent.
Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more.
Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation.
Details:
https://t.co/9nqku4svkY
Hey everyone. We’ve seen the discussions around Copy Fail (CVE-2026-31431) and the disclosure process. We appreciate the passion from distro maintainers, defenders, and the broader Linux community. This is a serious issue, and we want to share some context on our side in good faith. 🧵
I too woke up and chose violence today as the fail-copy POC dropped.
Made a clean exploit including fixing the UID post-exploitation without rebooting the target server. Smoke those CTFs in Hack The Box.
https://t.co/nRiFyXQzRe
CVE-2026-31431 a/k/a CopyFail
> Linux LPE
> Description sounds like AI slop
> Exploit is legit
> Impacts every Linux kernel from 2017 - Now
> Proof-of-concept released
> It's Wednesday?
https://t.co/FXgjWW7lOV