‼️🚨 Pwn2Own Berlin 2026 just hit a wall. For the first time in 19 years, ZDI rejected dozens of working zero-day RCE submissions because organizers ran out of contest slots.
Rejected hackers are now going public with PoC demos and direct vendor disclosures, breaking Pwn2Own's usual secrecy.
▪️ AI surfaces a massive wave of 0-day RCEs.
▪️ Submissions overwhelm ZDI past max capacity.
▪️ Slots run out. Researchers with working chains get rejected.
▪️ "Revenge disclosures" begin. ← we are here.
Confirmed casualties so far:
▪️ @xchglabs : 86 vulnerabilities prepared (PyTorch, NVIDIA, Linux KVM, Oracle, Docker, Ollama, Chroma, LiteLLM, llama.cpp). All rejected. Now reporting directly to vendors with writeups dropping as patches land.
▪️ @ggwhyp : full-chain Firefox RCE on Windows. Rejected. Publicly demoed (HTML page → cmd.exe → calc.exe). Responsibly disclosed to Mozilla.
▪️ @yunsu_dev : working RCE chain, rejected. Submitting elsewhere.
▪️ @ryotkak : tried to register for 3+ weeks. ZDI confirmed "at maximum capacity, can't add extra contest days." Considered canceling flight and hotel.
▪️ @anzuukino2802 : Claude Code RCE PoC. Rejected.
▪️ @desckimh : 0-day RCEs in Ollama and LM Studio. Rejected.
Reported impact: a community-estimated 150+ researchers tried to register. Accepted contestants are now being warned about collisions. Rejected vulnerabilities going to bug bounty programs may trigger pre-event patches that invalidate the work of those who got in.
ZDI has not publicly addressed the capacity issue. The event still runs May 14-16 in Berlin.
shipping v5 of LitterBox after way too many late nights
real EDR in the loop now. drop an agent on your VM, fire payloads at it, alerts land back with full call stacks. Elastic Defend + Fibratus work. new UI + better performance — notes in the release.
https://t.co/NWCd3KIxXh
@therealshodan I don’t think this is a hot take. I think it’s spot on and will happen across all skilled industries, not just cyber. AI is going to eat the skills gap.
The Lost Isle OPEN PLAYTEST is available now!
🎮 Join by downloading the Demo: https://t.co/yGU3ap6EpQ
🏆 Win exclusive prizes
📅 Play until February 16
#demomonday #survivalgame #playtest #indiedev #gamedev
@cb_doge Doing what I can for justice. It’s messed up that so many people are getting away with hurting minors. The prosecution counter for Epstein clients can’t be zero.
You asked for it, and here we are: A new Lost Isle OPEN PLAYTEST is coming during the Steam PvP Fest! 🏝️☠️
📅 February 9-16
🏆 Join our Discord and win exclusive skins
🎮 Download the demo and play for free
🔗 https://t.co/yGU3ap6EpQ
#demo #playtest #indiegame #survivalgame
1/3: Claude now supports authorized security testing, CTFs, and educational security work (not just defensive). It still refuses harmful use: destructive techniques, DoS, mass targeting, supply chain compromise, and malicious detection evasion. Dual-use tools require explicit authorization context.
Diff: https://t.co/oTMNVRdIWb
@Defte_ I just installed a clean version of Server 2022 (20348.169), set it up as a DC, and tried to create a keycredential. That worked. Then I installed the latest cumulative update (KB5073457) and now it does not work anymore. So it seems to be a recent change.
Attackers don’t need stolen certificates. They only need 8 bytes. By flipping 4 bytes in the PE checksum and 4 in the certificate padding, they generate 2⁶⁴ unique driver hashes while keeping Microsoft’s digital signature valid.
Why it matters:
- Those 8 bytes sit outside the region Windows verifies.
- Every variant looks “signed and trusted.”
- Hash-based blocking becomes useless overnight.
That’s how TrueSightKiller evolved into 2,500+ signed variants. All trusted by Windows, all capable of killing EDRs in seconds.
Check out: https://t.co/8ldbtHVJBa
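Added here as a defender's illustration, not code from the post or from the TrueSightKiller research: a Python sketch that computes a simplified Authenticode-style digest (skipping the CheckSum field, the Certificate Table directory entry and the certificate table itself) over a constructed toy PE32+ layout, then flips the 4 CheckSum bytes and 4 bytes of certificate padding. The file hash changes while the signed-region digest does not, which is why blocklists keyed on the Authenticode hash or the signing certificate survive such variants and file-hash blocklists do not. The toy layout and the simplified digest (no section reordering) are assumptions.

```python
import hashlib
import struct

# PE32+ optional header (PE/COFF spec): CheckSum at +64, data directories at +112,
# Certificate Table = directory 4; each directory entry is (file offset, size).
OPT_CHECKSUM, OPT_DATADIRS, CERT_DIR = 64, 112, 4

def authenticode_regions(pe):
    """(checksum_off, certdir_off, cert_off, cert_len): the byte ranges the digest skips."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    opt = e_lfanew + 4 + 20                      # past "PE\0\0" and the COFF header
    certdir = opt + OPT_DATADIRS + CERT_DIR * 8
    cert_off, cert_len = struct.unpack_from("<II", pe, certdir)
    return opt + OPT_CHECKSUM, certdir, cert_off, cert_len

def authenticode_digest(pe):
    """Simplified Authenticode-style SHA-256: skip the CheckSum field, the Certificate Table
    directory entry and the cert table. (The real algorithm also orders sections by raw
    offset; for a contiguous layout the two agree.)"""
    cs, cd, co, cl = authenticode_regions(pe)
    end = co if cl else len(pe)                  # unsigned file: nothing to skip at the tail
    h = hashlib.sha256()
    for chunk in (pe[:cs], pe[cs + 4:cd], pe[cd + 8:end], pe[co + cl:] if cl else b""):
        h.update(chunk)
    return h.hexdigest()

def build_toy_pe():
    """Constructed PE32+ layout (not a real or signed driver): DOS header, PE headers,
    one section body, then a certificate table whose blob is padded to 8 bytes."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)             # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x22)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                         # PE32+ magic
    section = b"\xCC" * 512                                       # stand-in section data
    blob = b"\x30\x82TOY-SIGNED-BLOB"                             # stand-in PKCS#7, 17 bytes
    blob += b"\0" * (-len(blob) % 8)                              # 7 bytes of alignment padding
    cert = struct.pack("<IHH", 8 + len(blob), 0x200, 2) + blob    # WIN_CERTIFICATE header + blob
    cert_off = len(dos) + len(coff) + len(opt) + len(section)
    struct.pack_into("<II", opt, OPT_DATADIRS + CERT_DIR * 8, cert_off, len(cert))
    return dos + coff + bytes(opt) + section + cert

def compare_variants():
    """Flip the 4 CheckSum bytes and 4 cert-padding bytes (as the post describes)."""
    pe = build_toy_pe()
    cs, _, co, cl = authenticode_regions(pe)
    v = bytearray(pe)
    struct.pack_into("<I", v, cs, 0xDEADBEEF)                     # 4 bytes in CheckSum
    v[co + cl - 4:co + cl] = b"\xAA\xBB\xCC\xDD"                  # 4 bytes in cert padding
    return {"file_hash_changed": hashlib.sha256(pe).digest() != hashlib.sha256(v).digest(),
            "signed_region_changed": authenticode_digest(pe) != authenticode_digest(v)}
```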
Responder 3.2.2.0 is out!
This new version comes with two new poisoners: RDNSS and DNSSL.
Inject an IPv6 DNS server on all workstations present on your subnet.
2 new options were added: --rdnss and --dnssl https://t.co/W1ZkLo6Gj3
These two new poisoners are highly effective :)
For more info about the DNSSL attack, refresh your memory here:
https://t.co/bGi1mctJzK
The blog with how to use the rainbow tables for Net-NTLMv1 is finally live!
https://t.co/LjN9y6PHXA
My slides from presenting at BRCC are still available if you're curious about how crazy of a three year journey it was to get them created.
https://t.co/NfFotEh7ah