Khang Vo (doublevkay) @doublevkay - Twitter Profile

about 3 years ago

We are seeking sponsors to support 03 Vietnamese students to join International Cybersecurity Challenge (IC3) held in San Diego, US. Join us in making a meaningful impact. Your generosity is greatly appreciated!❤️https://t.co/ZZX2shqZNl

1

36

14

0

8K

doublevkay retweeted

OpenSSF @openssf

about 3 years ago

Today we're proud to announce the release of version 1.0 of SLSA 🎉 Supply-chain Levels for Software Artifacts is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. #OSSecurity

openssf's tweet photo. Today we're proud to announce the release of version 1.0 of SLSA 🎉 Supply-chain Levels for Software Artifacts is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. #OSSecurity https://t.co/rsisj3Sq8k

1

66

39

6

28K

doublevkay retweeted

Verichains @Verichains

about 3 years ago

Verichains has released a new security advisory VSA-2022-120, exposing a key extraction vulnerability in Multichain's fastMPC. Kudos to @MultichainOrg for the swift response and bug bounty. Keep an eye out for upcoming advisories on critical attacks targeting popular MPC implementations. https://t.co/Ip1wdyjcAK

0

26

15

1

9K

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

@fraxken @MyUnisoft Can't wait for your sharing!

1

0

Who to follow

Malware Analysis, Threat Hunter

Sazouki 🇹🇳🚬

@Sazouki_

Im not a rapper | OSCP | CRTP

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

@liran_tal Code pilot :D

1

0

doublevkay retweeted

Open Source CVEs @OpenSourceHacks

almost 4 years ago

(CVE-2022-2564): Prototype Pollution in automattic/mongoose. https://t.co/v8QWrTCK1H Disclosed by @doublevkay, fixed by @code_barbarian... #opensource #CVE #bugbounty #security #vulnerability

0

3

1

0

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

@JamieSlome @huntrdev thanks, Jamie. You help me a lot!

0

1

0

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

I have submitted 18 reports, 9 validated, and 4 CVEs in a month. Just small things for the beginning, but yeah, glad that I end up at the #top2 leaderboard (30 days) on @huntrdev. Appreciate the #CodeQL help! Wish you all happy hacking!😁

doublevkay's tweet photo. I have submitted 18 reports, 9 validated, and 4 CVEs in a month. Just small things for the beginning, but yeah, glad that I end up at the #top2 leaderboard (30 days) on @huntrdev. Appreciate the #CodeQL help!

Wish you all happy hacking!😁 https://t.co/rDpUB15LMC

3

34

4

1

0

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

@s0nnguy3n_ @momentjs @npmjs @huntrdev Dạ em cảm ơn anh 😁

0

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

I have found a high severity vulnerability in @momentjs - one of the most depended-upon packages on @npmjs. The vulnerability has been found with CodeQL, reported on @huntrdev. It is also my first #CVE, first #bugbounty, and the first GHSA credit.😄 https://t.co/c50sBmi5Ts

5

163

15

24

0

Khang Vo (doublevkay) @doublevkay

almost 4 years ago

@Sudouhack @momentjs @npmjs @huntrdev I think `npm audit` could be a good entry. In the black-box case, a particular approach would be more realistic though.