Olivia
Online
darkpills
@darkpills
Joined July 2010
281 Following
74 Followers
1.9K Posts
Hello dear Root-Me community,
We're aware of claims circulating on a hacking forum about a Root-Me data leak. We've obtained and analysed the files in question, and here's what we found.
No user data is affected. The files contain only challenge source code, no passwords, no emails, no personal information.
This is an old leak. Several years ago (prior to 2018, so nearly a decade old), a vulnerability allowed challenge sources from a specific server of ours to be extracted, and someone did exactly that at the time. The material surfacing today appears to originate from that incident.
We've since fixed the underlying issue by hardening challenges and ensuring they were all properly sandboxed. There's nothing for our community to action, but if you have questions, we're here to answer them.
We thank you all for the responsible reports that brought this to our attention.
The Root-Me Team
MSRC couldn’t possibly do anything worse this week… oh. Oh ok.
🚨 NGINX Rift CVE-2026-42945 PoC upgraded — full ASLR bypass now public.
New chain: heap overflow + same-host LFI / arbitrary file read → leaks runtime state from /proc/<worker>/mem, derives heap targets + system() address on the fly.
No hardcoded addresses. No ASLR disable. Unauthenticated RCE on rewrite + set directive setups.
Patch now:
• OSS: 1.30.1 / 1.31.0
• Plus: R36 P4, R35 P2, R32 P6
Introducing nginx-poolslip, a fresh RCE for the the latest nginx release 1.31.0.
nginx-rift has been patched, but our security agent Vega has found a new 0 day.
We will release the full technical writeup with ASLR bypass 30 days after the patch on https://t.co/LAhOC5UHrp.
‼️🚨 Microsoft has patched a critical Windows DNS Client remote code execution vulnerability that allows an unauthorized attacker to execute code over a network. All it takes is a malicious DNS response.
The vulnerability is tracked as CVE-2026-41096 with a CVSS score of 9.8. It is a heap-based buffer overflow in dnsapi.dll, the Windows component that processes DNS answers on every machine.
To trigger it, an attacker needs a position where they can influence DNS responses: a rogue DNS server, a poisoned resolver, a compromised router, hostile WiFi, or a man-in-the-middle placement.
That puts ordinary Windows DNS activity in the blast radius. Browsers, VPN clients, enterprise apps, update checks, and background services constantly ask DNS where to connect. The vulnerable processing sits in the Windows DNS Client path, not an edge-facing server product.
Microsoft assessed exploitation as "less likely," and Rapid7 lists the issue as not publicly disclosed and not known to be exploited at release.
On the contrary, a 9.8 unauthenticated network RCE in DNS client handling is exactly the kind of bug defenders should assume will be reverse-engineered quickly.
Defenders should:
- Deploy the May 2026 cumulative updates and confirm coverage across endpoints and servers
- Restrict DNS traffic to trusted resolvers where possible
- Monitor Dnscache and svchost.exe for abnormal child processes or unexpected outbound activity
- Treat public WiFi and untrusted resolver paths as higher-risk until patching is complete
CVE-2026-23918 - a pre-auth RCE in Apache httpd's mod_http2, found by Striga during our open-source research.
The bug triggers on a single HTTP/2 connection sending HEADERS followed by RST_STREAM with a non-zero error code. Two nghttp2 callbacks both push the same stream pointer onto the cleanup array, and the second pool_destroy hits already-freed memory.
We built a working RCE on x86_64 using mmap reuse and Apache's scoreboard memory as a stable container for fake cleanup structures.
Affects Apache httpd 2.4.66 with mod_http2 and a multi-threaded MPM.
Full technical writeup coming soon.
https://t.co/SI7p0zQToj
https://t.co/DcQSMnwhPx
cPanel authentication bypass 👀
Patch your Linux boxes!
https://t.co/VWOUDbLAn2 is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms.
Found by the teams at @theori_io and @xint_official
More details below
https://t.co/9f6T96PvPX
🚨 Un’ youtubeur a privatisé un projet open source communautaire, codé une app par-dessus avec l'aide d'une IA, et collé un paywall pour s'enrichir.
La communauté a mis 19 minutes à casser son verrou.
Le drama 👇
MeshCore = un projet de réseau mesh LoRa.
En clair : une techno qui permet à des appareils de communiquer entre eux par radio, sans internet, sans opérateur, sans permission. Idéal en zone blanche, en voyage, en cas de panne, ou juste pour ne dépendre de personne. 📡
C'est construit collectivement par des hackers, des radio-amateurs et des nomades du monde entier. Personne ne le possède.
Tout le monde le construit.
C'est ça l'open source.
Puis Andy Kirby débarque.
Discrètement il :
- Dépose la marque "MeshCore" à l'USPTO 🏛️ (en gros : il s'approprie légalement le nom du projet collectif)
- Code une app fermée par-dessus, baptisée "MeshOS"
- Colle une vérification de licence payante 💰
L'équipe MeshCore officielle a publié un communiqué de rupture.
Verdict : un mec en team avec un robot et un avocat. Rug pull déguisé en business model. 🪤
Sauf que
Son système "anti-piratage" était grotesque.
Pour faire simple : il prenait l'identifiant du téléphone, le passait dans une moulinette toute simple, et comparait le résultat localement, sur l'appareil.
Aucune vérification serveur.
Aucune protection sérieuse.
L'équivalent numérique d'un cadenas en plastique sur une porte blindée. 🔓
La communauté a ouvert l'app, lu le code, reconstruit la moulinette, et publié un générateur de clés gratuit qui produit une licence valide en une seconde.
Total : 19 minutes⏱️
Le résultat :
- Un générateur de clés qui tourne dans le navigateur 🔓
- Le code à copier-coller pour héberger soi-même
- Une copie de l'app et du firmware (au cas où Andy supprimerait les originaux)
- L'analyse complète du reverse engineering pour ceux qui veulent comprendre
La leçon technique pour les apprentis-péagistes : si ton verrou tourne sur l'appareil de l'utilisateur, l'utilisateur peut toujours le crocheter.
Peu importe la techno. Le seul vrai verrou, c'est un serveur que tu contrôles.
Et même là c'est une course à l'armement. 🔐
Mais surtout, la vraie leçon :
Tu ne privatises pas un projet communautaire.
Tu ne profites pas du travail collectif de 200 personnes pour le déposer en marque et facturer l'accès.
C'est pas un pivot, c'est un vol. 🖕
L'algorithme est public maintenant.
Il le reste.
Aucun cabinet d'avocats ne rattrape un fichier qui s'est déjà copié 10 000 fois.
C'est ça la beauté du numérique : une fois que c'est dehors, c'est dehors.
Free the mesh. Fork the fence. 🔥
Hey andy, fuck you !
Sincèrement, la communauté que t'as essayé de trademark.
🚨 ULTIMA HORA: Claude Mythos le envió un email al investigador para avisarle que había escapado de su sandbox.
El tipo estaba comiendo un sándwich en el parque cuando recibió el mensaje.
Así es como nos enteramos de que Anthropic encerró a su modelo más peligroso en un entorno aislado, le dijo que intentara escapar, y Mythos lo hizo: encadenó varias vulnerabilidades, rompió el confinamiento y llegó a internet abierto. Luego escribió solo el email.
La respuesta de Anthropic lo dice todo: no lo van a lanzar al público. Nunca.
En su lugar, acaban de anunciar Glasswing, una coalición con Apple, Google, Nvidia y más de 40 empresas para usar Mythos únicamente en defensa. Porque el modelo ya encontró miles de zero-days en todos los sistemas operativos y navegadores conocidos. Si cayera en manos equivocadas, nadie sabe qué pasaría.
Hemos llegado a un punto en el que la IA más avanzada del mundo no se puede publicar porque es demasiado peligrosa.
Y lo sabemos solo porque un modelo decidió mandarnos un correo.
We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an RCE there too.
Full story: https://t.co/nQo9MF1Npe
Steve Jobs responds perfectly to a disrespectful question🤯
"You penetration test 'em so you simulate the pressure"
🗣️🔥🔥
🚨 CRITICAL OPENSSL SECURITY ALERT 🚨
CVE-2025-15467 affects OpenSSL's processing of CMS/S/MIME messages.
An unauthenticated remote attacker can cause DoS or execute code remotely by crafting a specific message.
We estimate the CVSS score is 9.8.
We developed a working PoC (!) and recommend updating to the latest version ASAP.
Excited to disclose my research allowing RCE in Kubernetes
It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and and allows for trivial Pod breakout.
Unfortunately, this will NOT be patched.
🚨‼️Telnet has a critical vulnerability that was introduced in 2015 and has been recently patched
The vulnerability allows attackers to remotely authenticate as root without user interaction. A PoC has already been released.
GitHub - nullsection/chisel-ng: Chisel new generation, written in rust. SSH under WSS with some customization. https://t.co/fibAhqdOSG
Nice one by @nowaskyjr !
<https://t.co/6j9Vvvv2Kl'>
details, demo & variant: https://t.co/tO7IW97s5t
If you need to generate a target-specific wordlist, make sure to check out @xnl_h4ck3r GAP extension.
It will scan for sus parameters and generate you a complete wordlist with one click of a button. See it in action 👇
Last Seen Users on Sotwe
I like old man daddy
Seen from India
Hijab Lover
Kang pijet
Seen from Indonesia
Ayank Jilboobs👫
Seen from United States
Confesiones Sin Censura
Seen from United States
🌹GÜLCAN 🕊️ 
Seen from Turkey
Declan Mayprone ⛏︎
Seen from France
top
Seen from Thailand
osama
Seen from United States
Lò A Dâm
Seen from Vietnam
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers