Hi
I've added another 550,000+ malwares to the malware library. Please download the malware and share it with your friends and family.
https://t.co/HDTpR7UxxK
⚠️⚠️ CVE-2026-21962 (CVSS 10.0): Oracle Fusion Middleware to unauthenticated remote total takeover via HTTP
🔗FOFA Link: https://t.co/0uFCu6nkz7
🎯5.3k+ Results are found on the https://t.co/uLIbgJcaq5 nearly year.
FOFA Query: app="Oracle-Fusion-Middleware"
🔖Refer: https://t.co/Z9BC8XWXud
#OSINT #FOFA #CyberSecurity #Vulnerability
🚨‼️Telnet has a critical vulnerability that was introduced in 2015 and has been recently patched
The vulnerability allows attackers to remotely authenticate as root without user interaction. A PoC has already been released.
Nice. @Jhaddix is a legend.
He just published a treasure trove of context to feed your agents to help them produce more secure code.
https://t.co/vzFRUIkOz8
Want to see what top-notch security research looks like?
Look no further than @j_domeracki's latest research, a standout contributor to the Google Cloud VRP! 🪲💪
https://t.co/lEsYWZuQMf
New @trailofbits Skill: firebase-apk-scanner
> Scan Android APKs for Firebase security misconfigurations
This one is going to be a blood bath. 🫠
https://t.co/yM4JD1q1Xa
Blog post: On the Coming Industrialisation of Exploit Generation with LLMs https://t.co/aK4pysY1wD
TL;DR: I ran an experiment with GPT-5.2 and Opus 4.5 based agents to generate exploits for a zeroday QuickJS bug. They're pretty good at it.
Code: https://t.co/47xHRObhRy
Web cache vulnerabilities can lead to mass XSS, credential theft, and DoS, affecting thousands of users at once 🤠
But manually testing cache behavior across different layers is time-consuming... 😓
Web-Cache-Vulnerability-Scanner by @Hackmanit automates the detection of cache poisoning, cache deception, and DoS vectors across your web infrastructure.
Check it out! 👇
🔗 https://t.co/H85vSyOJNt
Me and a friend just landed a bounty for an RCE using a technique I addict it earlier and have kept refining ever since. Grateful for the results. Alhamdulillah.
More here:
https://t.co/rcXoFYE8r7 or https://t.co/1uaYDcSjFb
We @wiz_io responsibly disclosed this to @AWSSecurityInfo, who promptly fixed the issue in under 48 hours! They also implemented new safeguards in CodeBuild to prevent similar attacks.
For the full story, check out our blog >>> https://t.co/T1IHfjy4B8
CVE-2025-54068 is the #React2Shell of the Laravel world.🚩
Just like Next.js Server Actions, Livewire bridges the frontend/backend gap automatically. But blindly deserializing state from the client? That leads to RCE.
👇Try the exploit via Vulhub: https://t.co/dWjH6HTcif
#Vulhub