Olivia
Online
RCE Security
@rcesecurity
RCE Security provides penetration testing, source code reviews, bug bounty support, and offensive security services for web, mobile, APIs, and infrastructure.
Germany
Joined November 2012
1 Following
250 Followers
8 Posts
Turning an encrypted backup into Remote Code Execution in Stackfieldโs desktop app (CVE-2026-28373).
#security
https://t.co/a1ikMGmwjz
Pwning TRUfusion Enterprise again: chaining a pre-auth SSRF (CVE-2025-32355), a default password, and a path traversal (CVE-2025-59793) to gain RCE.
#security
https://t.co/kkVDeAnTVi
We took @_WPScan_'s one-liner #security advisory for CVE-2025-9501 affecting the W3 Total Cache plugin for #WordPress, analysed its cache parsing internals and built a pre-auth RCE exploit for it ๐
https://t.co/zgCf028Yts
#infosec
Our friends @HashiCorp released a new version of Consul fixing our reported Denial of Service vulnerabilities (CVE-2025-11374 and CVE-2025-11375).
See our official advisories for the details and remediation steps: https://t.co/3oUxeUX7S0
#security
Who to follow
Dylan Tran
@d_tranman
pro skid
salsa sultan, verde villain, condiment connoisseur
sdvx vf 16
Former: Adversary Simulation @xforce, @NationalCCDC+@wrccdc & @globalcptc @calpolyswift
Georgii Bazykin
@GBazykin
Salman Khan
@salman_ashlor
Cyber Security Researcher | Penetration Tester at @Pentest People LTD | ISO/IEC 27001 INFORMATION SECURITY ASSOCIATE
Another day, another Remote Code Execution (and its 3 friends).
Pre-auth path traversal, hard-coded crypto key allowing cookie forgery, arbitrary file write, and PII disclosure in TRUfusion Enterprise (CVE-2025-27222 to CVE-2025-27225) #security
https://t.co/YIjFDT7CBM
We've just updated our latest blog post about CVE-2025-47812 to include another disclosure that went a little under the radar but could be used to leak a user's password: CVE-2025-27889.
#security #BugBounty
https://t.co/yaTdGEWEzO
During a customer pentest, we went from anonymous Read-Only FTP access to full root-level remote code execution by abusing a string parsing discrepancy in Wing FTP's username handling.
#security #BugBounty
https://t.co/yaTdGEW6Kg
Here's a short write-up about CVE-2023-6542 a #security vulnerability affecting the SAP Emarsys SDK for Android allowing attackers to leak sensitive data from an app's private data directory and also load remote contents into an app overlay.
https://t.co/CkSAGgSlAQ
Last Seen Users on Sotwe
ใ๏พใ๏พใซ๏พใ๏พ
Seen from Japan
cintoru ๐
Seen from United States
Ace IV
Seen from Ireland
Demi Viscera
Seen from Israel
sprite_็ฝ
Seen from United States
ุฒูุฌูู ู
ุชุญุฑุฑูู
Seen from Saudi Arabia
Hgg Jhhg
Seen from Israel
Hoร ng
Seen from Vietnam
Jacky Nguyen
Seen from Vietnam
ูุญู ุงูุฃู
ูุงุช ุงูู
ุฑุจุฑุจู๐ฅ
Most Popular Users
Elon Musk 
@elonmusk
240.5M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.3M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.8M followers
KATY PERRY
@katyperry
87.5M followers
Taylor Swift
@taylorswift13
81.3M followers
Lady Gaga
@ladygaga
72.9M followers
Kim Kardashian
@kimkardashian
69.7M followers
Virat Kohli
@imvkohli
69.7M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.8M followers
The Ellen Show
@theellenshow
62.5M followers
Neymar Jr
@neymarjr
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.6M followers