🚨 BREAKING: Hackers are now exploiting the cPanel authentication bypass flaw (CVE-2026-41940) to deploy "Sorry" ransomware on compromised websites.
Numerous sources say attacks began Thursday, with threat actors breaching servers and deploying a Go-based Linux encryptor that appends the .sorry extension to files.
What the ransomware does:
🔴 Encrypts files and appends the ".sorry" extension.
🔴 Protects the encryption key with an embedded RSA-2048 public key
🔴 Drops a README.md ransom note in every folder
🔴 Uses a fixed Tox ID for ransom negotiations
Victims are being instructed to contact the attacker via Tox to pay for decryption.
This is not related to the older 2018 HiddenTear ".sorry" ransomware. This is a new, Linux-targeting encryptor tied directly to active cPanel exploitation.
If you're running cPanel or WHM, patch immediately.
Let me blow your mind real quick:
When you use Remote Desktop (RDP), Windows secretly takes screenshots of what you are doing.
It’s called the RDP Bitmap Cache.
To make the connection faster, Windows saves small tiles (images) of the remote screen to your hard drive in a bin file.
Even if the session is over and the remote server is destroyed... your laptop still holds the cache files.
Forensics teams use tools like BMCViewer to stitch those tiles back together.
They won't just see logs but the literal email, document, or picture you were looking at.
💀
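The cache the post describes lives under %LOCALAPPDATA%\Microsoft\Terminal Server Client\Cache\ as Cache####.bin files. As an added example (not from the post, and not the code of BMCViewer or ANSSI's bmc-tools, which are the tools to use on real evidence), the Python below parses such a file and stitches the tiles into a viewable BMP. The record layout it assumes is the commonly documented one for the RDP 8+ cache: an 8-byte "RDP8bmp\0" magic, a 4-byte version, then per tile a 12-byte little-endian header (key1 u32, key2 u32, width u16, height u16) followed by width*height*4 bytes of BGRA pixels. That layout is an assumption to verify against a real capture; the sample cache the script builds is synthetic.

```python
"""Parse an RDP bitmap-cache file (Cache####.bin) and stitch its tiles into a BMP.

Added example. The on-disk layout is ASSUMED (see lead-in): "RDP8bmp\\0" magic,
u32 version, then per tile <key1 u32, key2 u32, width u16, height u16> + BGRA pixels.
"""
import struct

MAGIC = b"RDP8bmp\x00"
TILE_HDR = struct.Struct("<IIHH")  # key1, key2, width, height (little-endian)


def build_sample_cache(tiles):
    """Construct a synthetic cache blob (test data, not a real capture).
    tiles: list of (width, height, bgra_bytes)."""
    out = bytearray(MAGIC + struct.pack("<I", 0))  # assumed 4-byte version field
    for i, (w, h, px) in enumerate(tiles):
        assert len(px) == w * h * 4, "pixel buffer must be width*height*4 bytes"
        out += TILE_HDR.pack(i, 0xFFFFFFFF, w, h) + px
    return bytes(out)


def parse_cache(blob):
    """Return a list of (key1, key2, width, height, pixels).
    Stops at a truncated record instead of raising: caches on disk are often cut
    short, and the tiles before the cut are still evidence."""
    if not blob.startswith(MAGIC):
        raise ValueError("not an RDP8bmp cache file")
    pos = len(MAGIC) + 4
    tiles = []
    while pos + TILE_HDR.size <= len(blob):
        k1, k2, w, h = TILE_HDR.unpack_from(blob, pos)
        pos += TILE_HDR.size
        n = w * h * 4
        if w == 0 or h == 0 or pos + n > len(blob):
            break
        tiles.append((k1, k2, w, h, blob[pos:pos + n]))
        pos += n
    return tiles


def stitch(tiles, cols=8, tile=64):
    """Lay tiles out left-to-right, top-to-bottom on a fixed grid (RDP tiles are
    normally 64x64; smaller edge tiles are padded). Returns (width, height, bgra)."""
    rows = (len(tiles) + cols - 1) // cols
    width, height = cols * tile, rows * tile
    canvas = bytearray(width * height * 4)
    for i, (_, _, w, h, px) in enumerate(tiles):
        ox, oy = (i % cols) * tile, (i // cols) * tile
        run = min(w, tile) * 4
        for y in range(min(h, tile)):
            src = y * w * 4
            dst = ((oy + y) * width + ox) * 4
            canvas[dst:dst + run] = px[src:src + run]
    return width, height, bytes(canvas)


def to_bmp(width, height, bgra):
    """Encode as an uncompressed 32-bpp BMP (BMP rows are stored bottom-up)."""
    row = width * 4
    file_hdr = struct.pack("<2sIHHI", b"BM", 54 + row * height, 0, 0, 54)
    info_hdr = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 32, 0,
                           row * height, 2835, 2835, 0, 0)
    body = b"".join(bgra[y * row:(y + 1) * row] for y in range(height - 1, -1, -1))
    return file_hdr + info_hdr + body


def demo():
    """Build a three-tile synthetic cache, parse it and stitch it on a 2-column grid."""
    red = b"\x00\x00\xff\xff" * (64 * 64)
    green = b"\x00\xff\x00\xff" * (64 * 64)
    blue = b"\xff\x00\x00\xff" * (32 * 32)   # a smaller edge tile
    blob = build_sample_cache([(64, 64, red), (64, 64, green), (32, 32, blue)])
    tiles = parse_cache(blob)
    width, height, px = stitch(tiles, cols=2)
    return tiles, (width, height, px), to_bmp(width, height, px)


if __name__ == "__main__":
    tiles, (w, h, _), bmp = demo()
    with open("stitched.bmp", "wb") as f:
        f.write(bmp)
    print(f"{len(tiles)} tiles -> stitched.bmp ({w}x{h}, {len(bmp)} bytes)")
```

On a real cache, replace the synthetic blob with the bytes of a Cache####.bin file; the key fields are only cache bookkeeping, so the order tiles appear in the file is the only ordering hint a stitcher has, which is why reassembly is a manual, puzzle-like step.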
@d0nutptr This would give me anxiety AF, I remove notifications if it is an option and for email, periodically make rules to Archive or skip inbox XD It is still there, unread, but no pop up about it.
You've probably seen this SQL Injection payload before... 🧐
But how does it exactly work?
Let's break it down and also craft a few variants for bypassing WAFs! 🤑👇
Fun with Joomla CVE-2023-23752 vulnerability and priv escalation (CVE-2023-1326) in apport-cli < 2.26.0 https://t.co/AOU9DfYXpJ #hackthebox #htb #cybersecurity
New issue of Executive Offense!
"Mobile Hacking Part 2" in which I have an exclusive interview with @0xteknogeek on methodology++
This one is JAM PACKED. imo a must read. (subscribe to see the video, otherwise it doesn't show up)
https://t.co/RFjiobn2me
A few tests later and you've noticed that the following bypasses all worked as well:
You were surprised because you thought it validated your input by parsing the domain
Instead, it was just a loosely-scoped regex that allowed you to get the SSO token
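The post does not show the regex or the bypasses, so the Python below is an added example of the pattern it describes, not the author's finding: a check that looks like domain validation but is only a loosely anchored regex, next to a check that parses the URL and compares the exact host. The allowed host, the regex and the bypass URLs are all assumed for illustration.

```python
"""Loosely scoped regex vs. parsed-host comparison for a redirect/return URL.

Added example; sso.example.com, the regex and the URLs below are assumed.
"""
import re
from urllib.parse import urlsplit

ALLOWED_HOST = "sso.example.com"  # assumed trusted host

# Looks like a domain check: ".*" lets the trusted name appear anywhere after the scheme.
LOOSE = re.compile(r"^https?://.*sso\.example\.com")


def loose_check(url):
    """The kind of validation the post describes: regex, not parsing."""
    return LOOSE.match(url) is not None


def strict_check(url):
    """Parse first, then compare the exact host. Also reject non-https URLs and
    URLs carrying userinfo, which is the usual way to smuggle a trusted name."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return False
    if parts.scheme != "https":
        return False
    if parts.username is not None or parts.password is not None:
        return False
    return parts.hostname == ALLOWED_HOST


# Constructed URLs, each a different way to satisfy the regex without being the host.
BYPASSES = [
    "https://sso.example.com.attacker.test/cb",      # trusted name as a subdomain label
    "https://attacker.test/?next=sso.example.com",   # trusted name in the query
    "https://sso.example.com@attacker.test/cb",      # userinfo trick
    "https://sso.example.com\\@attacker.test/cb",    # backslash variant of the same
    "https://attacker.test/sso.example.com",         # trusted name in the path
    "http://sso.example.com/cb",                     # downgraded scheme
]
LEGITIMATE = "https://sso.example.com/cb?state=abc"


def evaluate(url):
    """Return (accepted_by_loose_check, accepted_by_strict_check)."""
    return loose_check(url), strict_check(url)


if __name__ == "__main__":
    for u in [LEGITIMATE] + BYPASSES:
        loose, strict = evaluate(u)
        print(f"loose={loose!s:5} strict={strict!s:5} {u}")
```

The strict check still depends on the parser agreeing with the browser about where the host ends; that is why it rejects userinfo outright instead of trying to reason about it.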
OWASP Amass v4.2 has been released with removal of the db subcommand. Typical #bugbounty usage looking like the following:
amass enum -d https://t.co/9iBNQ5A4ju
oam_subs -names -d https://t.co/9iBNQ5A4ju > subs.txt
https://t.co/S7BuD8bZJ7
#owasp #osint #recon #attacksurface
OR 1=1 should not be the go-to example for SQL injection. I understand why it is, but using it without mentioning the risks is teaching bad practice.
OWASP, Portswigger, Wikipedia, Rapid7, Snyk etc. are all doing it.
I'm gonna die on this hill. 🤬
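This post and the earlier "how does the payload exactly work" teaser both concern the same thing, so one added example serves both (it is not code from either post): against SQLite, a string-built query, the effect of `' OR 1=1--` when the injection point is a DELETE rather than a SELECT, a lower-impact boolean proof of the same injection, and the parameterized query that closes it. The schema, the query builders and the payloads are constructed for illustration.

```python
"""Why `' OR 1=1--` is a poor default proof of SQL injection, shown on SQLite.

Added example; the sessions table and the handlers below are constructed.
"""
import sqlite3


def fresh_db():
    """In-memory database with three live sessions (constructed sample data)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE sessions(id INTEGER PRIMARY KEY, user TEXT, token TEXT);
        INSERT INTO sessions(user, token) VALUES
            ('alice', 't1'), ('bob', 't2'), ('carol', 't3');
    """)
    return db


def remaining(db):
    return db.execute("SELECT COUNT(*) FROM sessions").fetchone()[0]


def logout_vulnerable(db, token):
    """String concatenation: the tautology turns a one-row logout into a table wipe."""
    db.execute("DELETE FROM sessions WHERE token = '" + token + "'")
    db.commit()
    return remaining(db)


def logout_fixed(db, token):
    """Parameterized: the payload is compared as a literal token and matches nothing."""
    db.execute("DELETE FROM sessions WHERE token = ?", (token,))
    db.commit()
    return remaining(db)


def lookup_vulnerable(db, user):
    """The read-only injection point people usually have in mind for OR 1=1."""
    rows = db.execute(
        "SELECT user FROM sessions WHERE user = '" + user + "' ORDER BY user"
    ).fetchall()
    return [r[0] for r in rows]


def boolean_proof(db, user):
    """Lower-impact proof: a true and a false condition on the same injection point
    give different answers, without ever widening the WHERE clause."""
    return (lookup_vulnerable(db, user + "' AND 1=1--"),
            lookup_vulnerable(db, user + "' AND 1=2--"))


if __name__ == "__main__":
    payload = "x' OR 1=1--"
    print("rows after vulnerable logout:", logout_vulnerable(fresh_db(), payload))
    print("rows after fixed logout:     ", logout_fixed(fresh_db(), payload))
    print("OR 1=1 on a SELECT dumps:    ", lookup_vulnerable(fresh_db(), payload))
    print("boolean proof (true, false): ", boolean_proof(fresh_db(), "alice"))
```

The boolean pair (`AND 1=1` / `AND 1=2`) demonstrates control of the query with the same evidence value and none of the blast radius; it is the habit to teach first, and it is also what works when the injection is blind.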
AI helps greatly translating JavaScript to "Human Readable Language", here's how I found a very straight forward DOM Based XSS in 2 minutes.
#BugBounty