Olivia
Online
Matthew Kienow
@HacksForProfit
hacks for fun and profit / software engineer / security researcher
PGP: 9DCD 23A2 0181 B684 C21C 0ED2 9903 D880 6069 F788
Joined August 2014
559 Following
470 Followers
803 Posts
🚨 New runZero 4.9: We got you, defenders!
📈 Attack path mapping
👁️ Multi-homed detection
🗺️ 2D/3D topology maps
🧠 Deep OT intel + field-level discovery
✅ Protocol exposures
🔥 Risk prioritization
💻 UI/UX updates
👉️ Release info: https://t.co/mGPx7WJynr
#OTsecurity
GNU Inetutils telnetd pre-auth RCE within LINEMODE suboption SLC (Set Local Characters) handling
https://t.co/CX6IVEeCbO
Veeam Backup & Replication authenticated domain user multiple RCE
https://t.co/7SFne75GYX
HPE Aruba Networking AOS-CX authentication bypass (CVE-2026-23813) and more.
https://t.co/NgykQOrYOG
Tracking unsupported edge devices just got easier!
CISA’s BOD 26-02 requires agencies to identify internet-exposed EOS edge devices by May 5, 2026.
Our new Findings tab surfaces them automatically.
👉 Read more from @todb & @HacksForProfit
https://t.co/HXITuQol0e
EOS edge devices exposed to the internet = a 'please hack me' sign on your front door. CISA agrees. And that's what BOD 26-02 is all about.
In our latest blog, @todb, @HacksForProfit & Colin Dupreay break down how runZero customers can get ahead.
👉 https://t.co/WODNt7x3tN
An unauthenticated RCE PoC for the React vuln (CVE-2025-55182) is now public. Confirmed to work on my test setup (Next.js 16.0.6 with React 19.2.0).
@SipeedIO Thank you
@SipeedIO Thanks for the quick reply. Hopefully there is better engagement from upstream soon. Are you able to provide sample rates that are possible when using the device in a Linux VM?
@UjlakiMarci It appears the initial CVSS score for CVE-2025-36636 doesn't align with the description. "Authenticated user" yet the CVSS vector has privileges required (PR) none. The initial CVSS record went through as a 10 for some reason and has not been updated yet.
🎥 Missed runZero Hour live? Catch it on demand!
We recap Hacker Summer Camp highlights:
✅ @hdmoore on SSH vulns + SSHamble updates
✅ Akheron Proxy w/ @HacksForProfit & @Percent_X
✅ @todb unveils EPSS Pulse
✅ OT protocol insights from Rob King
👉 https://t.co/eytRgoTcou
🎙 Hacker Summer Camp recap drops today on runZero Hour!
✅ @hdmoore on SSH vulns + SSHamble
✅ Akheron Proxy w/ @HacksForProfit & @Percent_X
✅ @todb unveils EPSS Pulse
✅ Rob King on OT detection across protocol gateways.
📅 Aug 20 | 10AM PT
🔗 https://t.co/DzJoUdjF4q
🗣️ Happening today at Black Hat Arsenal!
Join @HacksForProfit & @Percent_X at 11am PDT for a live demo of Akheron Proxy, a tool for bridging, capturing, replaying, and manipulating UART inter-chip communications.
📍 Business Hall, Arsenal Station 9
🔗 https://t.co/MSLRhZ6RlU
I'm excited to announce our "Out-of-Band" series; focused on the security risks of management devices like BMCs, serial servers, and KVMs. "Out-of-Band, Part 1: The new generation of IP KVMs and how to find them" is now live at:
https://t.co/aiRRT8k54a
A PSA for why you should probably not use Postman (it can leak secrets to them): https://t.co/9gV3bt0eU0
I spoke with @robertvamosi on ErrodCode podcast
awhile back on "Hacking Cellular-Enabled IoT Devices" We had a fun conversation. The podcast was just published so please check it out - https://t.co/PlkTmIF4KY
We have just published our AttackerKB @rapid7 Analysis for CVE-2024-47575, the recent FortiManager 0day, aka FortiJump 🔥 Read our full technical analysis; detailing firmware decryption, protocol analysis, and unauthenticated RCE 🚀 https://t.co/axuhj0kMuN
CVE and vendor advisory now available on the #FortiManager 0day that's been knocking around the rumor mill (and evidently some Fortinet customers' email inboxes) for a while. Mitigate immediately, but IOCs need investigating, too. https://t.co/3DfN94S78O
@evilsocket Open Source is Magic!
Last Seen Users on Sotwe
龍脈のアナザーエイドスR(アナドスR) 
Seen from Germany
Uncle lover🔞 (21K)
Seen from Pakistan
CALL ME . Beauty 🇻🇳🇻🇳
Seen from Vietnam
❌Xxสาวไทยบ้านๆxX❌
Seen from Thailand
Türkçe Altyazılı Porno
Seen from Turkey
ครั้งแรก กับน้าสาวแท้ๆ(แนวครอบครัวน้าสาวหลานชาย)
Seen from Thailand
Micihiti
Seen from Singapore
porn (+18)
Seen from Turkey
Handjob HD
Seen from Italy
Islamabad Bull
Seen from United States
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.4M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers