Olivia
Online
ooɹǝǝʌɐɔ
@caveeroo
Former CTF w @base64ctf
• MVO Black Badge @TraceLabs
• AppSec 💼
España
Joined August 2015
1.1K Following
346 Followers
864 Posts
Mullvad exit IPs are surprisingly identifying
https://t.co/JJzrTTG7Uc
The Google Threat Intelligence Group has detected the first known instance of a threat actor using an AI-developed zero-day exploit in the wild. While the attackers planned a wide-scale strike, our proactive counter-discovery may have prevented that from happening. This finding is part of our new report on AI-powered threats.
Perhaps the sharpest article I've read in a while on the current (and future) state of cybersecurity.
"We've been shielded from exploits not only by soundly engineered countermeasures but also by a scarcity of elite attention" ~ @tqbf
Brace for impact.
https://t.co/aujwCzxYbV
Who to follow
Ted James, SQL Agent Man
@deepeddyinfosec
Application Security Engineer, script adult, learner of things, drinker of pints, reader of books, player of guitars, feedback scientist. @hacknotcrime Advocate
Vay3t
@vay3t
~ V for Vay3t ~ | Web-locirraptor | He/him | Computer Engineer | hackish-dev | NCH
Rahul Maini
@iamnoooob
Research at @httpvoid0x2f @HacktronAI, before @pdiscoveryio
We became an admin in the Fédération Internationale de l'Automobile's driver categorisation system, which allowed us to access the PII and password hashes of any rated driver, including Max Verstappen. 🏎️
https://t.co/vdX7OegqmW
How the NSA (Equation Group) allegedly hacked into China's Polytechnical University 👀
I analysed intelligence reports from Chinese cyber firms (360, Pangu, CVERC) to aggregate TTPs attributed to Equation Group.
🔗https://t.co/2dQuwx0lxN
"XBOW reported 1092 vulnerabilities on HackerOne in just a few months, including RCE, XXE, SQLi, SSRF, exposed secrets, and XSS."
😲😲😲
@ITSecurityguard Elite ball knowledge required
This is the 3rd instance now of an AI product actually be Indians
A huge percentage of the Internet sits behind us, including small businesses and emergency resources in Spain. We've always been happy and willing to work with rights holders in conjunction with judicial bodies to protect their content. We have a clear process that works around the world to do that. The strategy of blocking broadly through ISPs based on IPs is bonkers because so much content, including emergency services content, can be behind any IP. The collateral damage is vast and is hurting Spanish citizens from accessing critical resources. It's only a matter of time before a Spanish citizen can't access a life-saving emergency resource because the rights holder in a football match refuses to send a limited request to block one resource versus a broad request to block a whole swath of the Internet. When that unfortunately and inevitably happens and harms lives, I'm confident policy makers and courts in Spain and elsewhere will make the right policy decision. Until then, it'll be up to users to make politicians clear on the risk. I pray no one dies.
Un gran porcentaje de Internet está respaldado por nosotros, incluyendo pequeñas empresas y recursos de emergencia en España. Siempre hemos estado dispuestos a colaborar con los titulares de derechos, junto con los organismos judiciales, para proteger su contenido. Contamos con un proceso claro y eficaz a nivel mundial para lograrlo. La estrategia de bloqueo generalizado a través de los ISP basados en IP es absurda, ya que gran parte del contenido, incluido el de los servicios de emergencia, puede estar protegido por cualquier IP. Los daños colaterales son cuantiosos y están impidiendo que los ciudadanos españoles accedan a recursos críticos. Es solo cuestión de tiempo antes de que un ciudadano español no pueda acceder a un recurso de emergencia vital porque el titular de los derechos en un partido de fútbol se niega a enviar una solicitud limitada para bloquear un recurso en lugar de una solicitud amplia para bloquear toda una franja de Internet. Cuando esto, desafortunadamente e inevitablemente, ocurra y perjudique vidas, confío en que los legisladores y los tribunales, tanto en España como en otros países, tomarán la decisión política correcta. Hasta entonces, dependerá de los usuarios dejar claro a los políticos sobre el riesgo. Rezo para que nadie muera.
@cibernicola_es Buen momento para recordar esto:
https://t.co/28JpdzVlIC
Amazon has announced they're phasing out their checkout-less grocery stores.
The "Just Walk Out" technology, which was labeled as automatic, was actually 1,000+ Indian employees monitoring you as you walked through the store.
https://t.co/uZlOZJgvC0
Me complace anunciar el lanzamiento de Cybersecurity AI (CAI), un framework open source de agentes autónomos diseñado para abordar escenarios y ejercicios de ciberseguridad.
Junto a este framework, publicamos el paper:
📄:“CAI, a bug bounty-ready Cybersecurity AI”,
🧬: https://t.co/5B9mo23Pwc
una contribución al avance del estado del arte abierto en agentes aplicados a seguridad informática.
pip3 install cai-framework
cai
📊 Resultados destacados de CAI relatados en el paper:
• 🧪 Top 30 en HackTheBox España en <1 semana
• 🤖 Top 1 en agentes de IA del CTF competitivo “AI vs Humans” de HackTheBox
• ⚔️ Máquinas medium y hard resueltas de forma completamente autónoma
• 🧭 Máquinas insane con un mínimo nivel de Human-in-the-Loop
• 🐞 Bug bounties reales completados exitosamente
📚 En el artículo analizamos las capacidades reales de modelos fundacionales (SOTA LLMs) aplicados al pentesting, CTFs competitivos y escenarios ofensivos realistas.
🔗 CAI es un framework multiagente, modular, agnóstico al modelo y que ofrece un SDK de agentes para ciberseguridad, con soporte integrado para:
DeepSeek-V3, Qwen 2.5, LLaMA 3, GPT (3.5/4), Claude (Opus/Sonnet), Gemini, O1/O3… y otros modelos abiertos y propietarios.
🧰 Además, Ofrece una CLI interactiva donde el usuario puede:
• Configurar 🛠️ agentes, herramientas ofensivas, targets y entornos
• Seleccionar modelos 🔄 y patrones agénticos
• Compatibilidad con servidores MCP (Especialmente util en Ghidra y BurpSuite)
• Iniciar, Interrumpir, reconfigurar y retomar el flujo de ejecución de los agentes
Todo bajo una filosofía híbrida: 🧑💻 usabilidad de frameworks clásicos de ciberseguridad + 💬 interfaces conversacionales adaptadas a arquitecturas multiagente, con la IA como núcleo operativo.
🔬 Esta investigación ha sido posible gracias a la colaboración interdisciplinar de investigadores y apasionados en ingeniería inversa, IA generativa, red teaming y automatización.
📌 En breve publicaremos PoCs, tutoriales técnicos.
🔬 Código disponible en: https://t.co/AyTmYvo3cA
Unete a nuestro discord:
https://t.co/T35HhM3fFF
Mención especial: @vmayoralv @francisco_oca
🧵 1/3
I usually need facial verification for OSINT investigations, and almost every free service forces you to create an account.
So, I started exploring open source tech and discovered DeepFace - but it had no UI.
Problem solved: https://t.co/dPZAOUdkB1
This is a guide on how to communicate securely, practicing good OPSEC and COMSEC. It is written for PGP but the same core principles apply for Signal. Or any communication that needs to be secure.
https://t.co/E2OjDXBDz2
The post is finally live! Join me for an in-depth analysis of CVE-2023-22098, which was discovered by the outstanding @theflow0 . We'll break down the vuln, explore some virtio-net internals, set up a debugging environment, and develop a reliable PoC to escape VirtualBox. Enjoy!
And we've got a winner 🏆
Congratulations to @caveeroo for the winning meme! The team will be in touch soon to award you your VIP+ Annual subscription.
👀 Stay tuned for the next #UniversityCTF24 challenge this Friday.
Last Seen Users on Sotwe
Nepali premium kanda
Seen from Malaysia
حصريات اورين
Seen from Qatar
Atm Stacks
Starstar000🔞 (full!)
Seen from United Kingdom
yerli ifsa 
Seen from Turkey
سٍ͎كٍ͎س نٍ͎يٍ͎ك
Seen from Netherlands
Masti Khan
Seen from Pakistan
♠️𝗚𝗢𝗗𝗗𝗘𝗦𝗦 𝗝𝗔𝗦𝗠𝗜𝗡𝗘🐰
Seen from Turkey
Levi’s Lover 501 👖
Seen from Germany
BUNDA PULEN
Seen from Indonesia
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.3M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers