The core utilities that run every Linux system have been rewritten in Rust. We audited them.
Before shipping uutils coreutils with Ubuntu 26.04, @Canonical commissioned Zellic for an external security audit.
Two rounds, fixes contributed directly upstream.
Full report below.
V12 is now live for open beta. It can:
- Find valuable bugs
- Generate working, runnable PoC
- Generate patch and test the PoC against it
In our testing during audits at Zellic, Zenith, and Code4rena we've been consistently impressed.
Best of all: it's free. (Don't abuse it!)
Bad auditors miss obvious bugs. We built an AI tool that finds them.
Introducing V12: the only autonomous Solidity auditor that actually finds Highs and Criticals.
We'll be releasing it for free.
V12 finds Crits in Zellic audits, High/Mediums in Cantina, and a bug in Pendle.
We're proud to announce that Code4rena contests will be free (no fees), starting today!
We acquired Code4rena to deliver better security for our clients. Now we want everyone to have that.
Audit contest platforms should exist to serve the ecosystem, not to extract from it.
How many security considerations are there for non-EVM chains? There's a TON.
Developed by Telegram, @ton_blockchain has a very unique approach to both execution and state.
In this thread, we'll dive into some security considerations unique to TON. ⬇️ 🧵
Billions of dollars were stolen from DeFi protocols in 2024.
As this number continues to grow each year, it can feel impossible to decide which protocol to invest your money in.
We've released a new guide to help out.
These are the key steps we take when looking at a protocol.
We're proud to announce that we've acquired @code4rena!
Code4rena is the gold standard for competitive audits, and we're thrilled to join forces with them.
We acquired Code4rena for one simple reason: because it enables us to do better audits for our clients.
Here's how. 🧵👇
SECURITY ADVISORY
Zellic discovered two critical issues in certain forks of Gains Network. We worked with the teams to responsibly disclose these issues.
The issues allowed attackers to create trades that always made 900% profit (the max allowed).
Here’s how the bugs worked:
Zellic has moved forward to the final voting phase for @arbitrum's Security Council!
We ask delegates to vote for Zellic as the Security Council furthers our mission to maximize TVL and extends our commitment to Arbitrum and its ecosystem.
Vote here: https://t.co/YD9yAisubL
Collateralized debt positions (CDPs) and lending protocols are at the core of DeFi.
In this thread, we'll
✅ Share common bugs in CDPs and lending protocols
✅ Tour real-life examples that led to major hacks
Let's get started!
Our zLabs team discovered spyware aimed at South Korean #Android users. #PhoneSpy hides in plain sight as a regular #application and has stolen thousands of victims' data. Zimperium customers are #protected against PhoneSpy. Click below. #WeSecureMobile
https://t.co/WwN7WPidIh
The Zimperium zLabs team discovered an Android Trojan that has spread to 144 countries. Codenamed FlyTrap, this malware hides behind applications to steal social credentials from its thousands of victims and spread misinformation. #WeSecureMobile #FlyTrap
https://t.co/h69wwatoFH
Adobe patched one of the UaFs we reported (Nipun Gupta, Ashfaq Ansari and Krishnakant Patil - CloudFuzz) as CVE-2021-35983
https://t.co/iKzoCTPFgD
cc: @shsirk
We have recently discovered 4 security issues applicable in most MS-Office products.
Read all the details here:
https://t.co/KxPiOnCxeq
cc @sagitz_ @NetanelBenSimon