Olivia
Online
Oran
@Oranav
Co-founder and CTO at @laminarsec, acquired by @RubrikInc. CTFing with @pastenctf.
Israel
Joined December 2008
389 Following
4K Followers
397 Posts
Over the last few months, I researched Langflow, n8n, and Activepieces.
The result is 9 zero-days and a BlueHat IL talk 🛠️
🚨 CVE-2026-7524 (Critical - 9.8)
🚨 CVE-2026-48519 (Critical - 9.6)
⚠️ CVE-2026-7528 (High - 7.1)
🐛 CVE-2026-42228 (Moderate - 6.3)
🐛 CVE-2026-48520 (Moderate - 6.1)
🚨 CVE-not-yet-published (Critical - 9.0)
🚨 CVE-not-yet-published (Critical - 10.0)
⚠️ CVE-not-yet-published (High - 8.6)
⚠️ CVE-not-yet-published (High - 8.3)
Thanks to the vendors for the cooperation and fixes.
@Oranav and I will be breaking down some of these on stage at BlueHat IL 2026
Registration closes soon. Write-ups will be published after the con.
Abstract:
https://t.co/dJfkfwSCvs
@BlueHatIL @msftsecresponse
It’s an amazing research - that boils down to real, high impact findings.
Excited to share my research was accepted at @BlackHatEvents USA 2026! 🎩
I'll present how I achieved interactive access to users' AI assistants by chaining:
🔓 Prompt injection
🔓 Privilege escalation
🔓 Path traversal
🔓 `.toml` injection
🔓 and finally an `LD_PRELOAD` exploit
The impact:
🚨 CVE-2026-32193 (Critical)
🏆 $48,000 bug bounty from Microsoft
ChatMate: Remote Prompt Execution on AI Assistants through Sandbox Escaping
https://t.co/5aU8tXH0na
Special thanks to @msftsecresponse for the brilliant collaboration!
See you in Vegas 👋
#ChatMate #CVE_2026_32193 #BHUSA @BlackHatEvents @rubrikInc @Oranav
The Iranian people are not the enemies of Israel. They are a sister nation.
The Islamic regime of Iran is the enemy. It is a radical regime that, in the name of Islamic fanaticism, has called for the destruction of the State of Israel and the Jewish people.
On October 7, 2023, the Iranian regime began its war against Israel, using its proxies which it arms, funds, and commands. Since then, we have been doing what is necessary to defend our lives.
@marklevinshow The beams are on
Hi @antonioguterres 👋
This is the ID carried by Sinwar's bodyguard 👇
An “UNRWA 🇺🇳 Teacher”.
Any comments?
Of course this is a Sinwar's bodyguard
"A doctor and his journalist child were killed".
Next time you read such a title, this is what it really means:
https://t.co/2gpHK2dDJq
Al Jazeera journalist by day, kidnapper by night.
According to sources in Gaza, Abdullah Al Jamal who also previously served as the spokesperson of the Hamas Ministry of Labor held Noa Argamani hostage in his home.
Today marked an exciting milestone of Rubrik becoming a public company. Thank you for joining us in celebration, and we look forward to continuing to secure the world’s data!
#RubrikIPO
Gaza’s sky is black but Qatar is always sunny.
The presidents of @Harvard, @MIT, and @Penn were all asked the following question under oath at today’s congressional hearing on antisemitism:
Does calling for the genocide of Jews violate [your university’s] code of conduct or rules regarding bullying or harassment?
The answers they gave reflect the profound moral bankruptcy of Presidents Gay, Magill and Kornbluth.
Representative @EliseStefanik was so shocked with the answers that she asked each of them the same question over and over again, and they gave the same answers over and over again.
In short, they said:
It ‘depends on the context’ and ‘whether the speech turns into conduct,’ that is, actually killing Jews.
This could be the most extraordinary testimony ever elicited in the Congress, certainly on the topic of genocide, which to remind us all is:
“the deliberate killing of a large number of people from a particular nation or ethnic group with the aim of destroying that nation or group”
The presidents’ answers reflect the profound educational, moral and ethical failures that pervade certain of our elite educational institutions due in large part to their failed leadership.
Don’t take my word for it.
You must watch the following three minutes. By the end, you will be where I am.
They must all resign in disgrace.
If a CEO of one of our companies gave a similar answer, he or she would be toast within the hour.
Why has antisemitism exploded on campus and around the world?
Because of leaders like Presidents Gay, Magill and Kornbluth who believe genocide depends on the context.
To think that these are the leaders of Ivy League institutions that are charged with the responsibility to educate our best and brightest.
On the bright side, our congressional leaders deserve accolades for showing tremendous leadership and moral clarity in their statements, by the questions they asked, and the respectfulness with which they conducted the hearing.
It was a masterclass of how our government and democracy should operate.
If you have time, please watch the entire hearing. Throughout the hearing, the three behaved like hostile witnesses, exhibiting a profound disdain for the Congress with their smiles and smirks, and their outright refusal to answer basic questions with a yes or no answer.
Every possible route Hamas terrorists could have taken the hostages into Gaza would have passed through at least 5 other hospitals before reaching Shifa Hospital.
They didn't take them there for "medical treatment"; they brought them specifically to Shifa because it's their headquarters.
OPERATIONAL UPDATE: IDF and ISA forces revealed a significant 55-meter-long terrorist tunnel, 10 meters underneath the Shifa Hospital complex during an intelligence-based operation.
The tunnel entrance contains various defense mechanisms, such as a blast-proof door and a firing hole, in an attempt by Hamas to block Israeli forces from entering.
For weeks we've been telling the world about Hamas' cynical use of the residents of the Gaza and patients of Shifa Hospital as human shields.
Here is more proof.
Calling for a ceasefire, feeling on the moral high ground? Watch this:
https://t.co/3xIbHYxZmQ
This is a must see. In a hospital!
Special footage from the Rantisi hospital in Gaza - on the basement floor, a room was found with signs indicating hostages were held there, underground headquarters and a room full of weapons inside the hospital:
🚨 BREAKING:
After a decade of firing rockets on San Diego, the Mexican army infiltrated the US by land, sea and air, killing 50,000 Americans and capturing 8,500 hostages.
The UN urges "restraint" in America's response.
President Obama signs letter along with thousands of academics, celebrities, and activists laying the blame on Spanish and American imperialism.
Canada, Cuba and Guatemala also declare war on US and begin firing rockets on Minnesota, Florida and Texas.
Protests around the world erupt calling for the murder of English-speakers wherever they may be found.
🤔 Now ask yourself why this scenario is different.
#StandWithIsrael #NeverAgainIsNow
🚨🚨🚨🚨
Important expose by @honestreporting: Photographers working for AP, CNN, NYT, and Reuters were EMBEDDED with Hamas on 10/7 and accompanied the terrorist group into Israel. They knew the attack was coming, and participated in it.
https://t.co/HXVLHj0m6X
Maybe carrying out a genocidal attack on a heavily-armed neighbour was a bad idea.
Rocket launchers ready to launch, all located inside a Boy Scouts compound.
Disgusting.
🧵Breaking: More footage of Hamas' use of civilian compounds for storing and launching rockets.
The @IDF recently found 50+ rockets ready to be launched from a Palestinian youth movement center in Northern Gaza.
Stop tearing them down…
Most Popular Users
Elon Musk 
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.6M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.2M followers
Taylor Swift
@taylorswift13
81M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.8M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.3M followers