❗️🚨 An Israeli company has backdoored hundreds of millions of households through countless Smart TV apps, and they're quietly turning Samsung and LG TVs into exit nodes for AI web-scraping. Your TV is relaying strangers' web traffic from your home IP, your bandwidth, your address attached to whatever those scraping jobs touch.
Roku, Fire TV and Google TV banned the practice. Samsung and LG didn't. The culprit is Bright Data's proxy SDK, which rides inside Tizen and webOS apps, 200+ on webOS alone. Datacenter IPs get blocked, home IPs don't.
Include Security reverse-engineered the SDK and found its relay protocol has no message signing, authentication, or device attestation. Their words: less secure than typical malware command-and-control.
To make things worse, they found that in iOS the relay tunnel binds straight to the physical network interface, so it routes around any VPN the user is running.
Bright Data's config also ships per-country tiers. Devices in Uzbekistan and Oman are cleared to relay down to 1% battery, with data caps up to 60x the worldwide default.
Before the BaCkDoOrEd replies land: technically you agreed. In practice you were enrolled into a global proxy network you were never given the information to refuse. And these exit nodes drag down your IP's reputation, potentially leaving you with blocks from providers.
MCP is slow for RE-heavy projects and, in some cases, is unstable.
ghidra-rpc is way faster than MCP and scales more efficiently in a multi-agent setup, since it outputs structured JSON.
Previous generations of software protection (DRM perspective) have always relied on code complexity (for RE), compute limitations, and human limitations as the guarantees that kept hacking timelines reasonably long.
That's changed now. Beyond the acceleration in vulnerability research and malware analysis, the same new reality applies to software protection, and security by obscurity, or assuming the attacker is limited in compute and motivation, no longer works.
#HNSecurity has brand new headquarters in #Turin!
A bigger space. A proper hacking lab, because our researchers deserve the right playground.
And ('cause we're Italian and we have our priorities straight 🇮🇹) a well-equipped kitchen. 👨🏻🍳
https://t.co/6W6yI9BYig
Personal update: I've joined Anthropic. I think the next few years at the frontier of LLMs will be especially formative. I am very excited to join the team here and get back to R&D. I remain deeply passionate about education and plan to resume my work on it in time.
llama.cpp with MTP support makes local models fast enough to use as daily drivers 🚀
Qwen3.6-27B dense generation (on A10G):
From 25 tok/s → 45 tok/s (+78%).
Two flags on llama-server:
--spec-type draft-mtp --spec-draft-n-max 2
In many applications, you need a map from strings to integers. In Python, you might do it like so...
d = {"apple": 100, "banana": 200, "cherry": 300}
If you have 1 million keys, that can use a lot of memory!!! Like over 100 bytes per key!
I have published a new library that uses about 9 bytes per key. That's right. Just 9 bytes. You use it like so:
from fastconstmap import ConstMap
d = {"apple": 100, "banana": 200, "cherry": 300}
m = ConstMap(d)
m["apple"] # -> 100
m.get_many(["banana", "cherry"]) # -> [200, 300]
It can be significantly faster (e.g., 2x in some cases) than a standard dict. Further, you can serialize it and deserialize it to disk or to a network for convenient reuse.
And this one is human insight w/ LLM-assisted research. Took about one week to finish everything. The AI really rescued me from a lot of tedious work
— excluding the part where it changed the Domain Admin password, locked me out, and claimed it got RCE 🤦
AI-pentest companies get significant marketing value from publishing findings attributed to their products. In The HTTP Terminator, I’ll include the other side - the techniques and breakthroughs that AI consistently fumbles.
Aaaand it's official! Orange Tsai (@orange_8361) of DEVCORE Research Team chained 3 bugs to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning a whopping $200,000 and 20 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
Confirmed! @chompie1337 of IBM X-Force Offensive Research (XOR) used a single bug to exploit NV Container Toolkit, earning $50,000 and 5 Master of Pwn points. #Pwn2Own #P2OBerlin
Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in macOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows BitLocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration tool"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (Palo Alto Networks) pwn'd with a 9.3 severity CVE-2026-0300
Are you scared yet?
Big news for Blue Team nerds
That nerd who released those Microsoft 0days has created two new repos on GitHub with spooky sounding names indicating they will be releasing two new Windows 0days.
Very cool
https://t.co/VaWFtW5lFi
We're likely 1st to publicly exploit crypto: af_alg as a new attack surface in kernelCTF. Our members @n0psledbyte & @st424204 started poking it in Sep 2025, finding a 0-day container escape unnoticed since 2011. @AnthropicAI @OpenAI: interested in collaborations? We are all ears
Except that this httpd pre-auth “RCE” exploit does not work. A real exploit requires an infoleak, and the author conveniently supplied a “helper” that reads addresses directly from /proc/<pid>/mem.
We also found this bug in early April, submitted it, and were told it's a dup. Then we burned to develop an exploit, to no avail. Need an infoleak.
It's interesting that AI struggles exactly where humans struggle too.