Olivia
Online
Quang Nguyen
@sovietw0rm
Joined March 2009
6.1K Following
819 Followers
4.5K Posts
Nightmare-Eclipse just posted on his blog that another BitLocker Bypass, called BitsKrieg, will be released somewhere in June, it seems now, that hes got some partners to work with, one of them is @jonasLyk, a security researcher member of @the_secret_club. 2026 is gonna to be a hella of a year for the CyberSecurity Community, Malware authors, and specially, Microsoft. LOL.
Gopacket is a clean Go implementation of Impacket, a library intended for working with network protocols. - @Mandiant
https://t.co/1ssOXktfAP
We’re releasing write-up for CVE-2026-6068 — a vulnerability in NASM that can be exploited from heap UAF to persistent RCE.
Excellent research from our teammate. Check it out: https://t.co/N30F4YK9SM
https://t.co/6pjO6vhTt3
Lua disassembler and decompiler for Lua 5.1, 5.2, 5.3, 5.4, and 5.5 😎
Check the examples
https://t.co/dLcii1j4xF
#lua #decompiler #analysis
Salesforce bugs (CVE-2026-22585 +)
no auth encryption → padding oracle → encrypt → read other users' data.
2010: with the ASP NET bugs/papers with @XorNinja, we showed these attacks were practical in web apps and introduced turning the oracle into an encryption primitive.
Cloudflare WAF rules blocking new React Server Components DoS vulnerabilities are active by default. Patch your Next.js to 16.2.5 and React to 19.2.6 to stay protected.
https://t.co/eeulxRZYbi
94% faster gRPC. We benchmarked it.
The RF world is insane.
Researchers recovered AES-128 keys from a Bluetooth chip by listening to its own antenna from 10 meters away.
Crypto-engine switching noise couples into the RF chain, rides the 2.4 GHz carrier, and leaks out as radio.
I just found this plugin, combining both of my favorite tools in one place.
https://t.co/OonrZKEojr
Stealthy RCE on Hardened Linux: noexec + Userland Execution PoC https://t.co/QN1WF4Jh2X
https://t.co/MAePsbT9Id
found a 21KB kernel driver from 2004 built for windows xp that still loads on windows 11 ASTRA64.sys by EnTech Taiwan. signed in 2006, cert expired in 2007, but its timestamped so windows still says "signature verified" 19 years later. the company doesnt exist anymore.
31 IOCTLs with zero validation on anything. arbitrary physmem R/W, port I/O, PCI config R/W, MSR read, interrupt hooking, keyboard injection. no auth gate, no hardware gate, loads on any system with sc.exe not on loldrivers. not on hvci blocklist. no CVE. vendor is dead so you cant even do responsible disclosure. theres nobody to email
filed an issue @M_haggis
🚨Your Claude ban wasn't random.
Here's what Claude Code is quietly reporting:
• Device ID, email, OS version, CPU, RAM
• 640+ telemetry events, 40+ fingerprint dimensions
• Reports home every 5 seconds
• One permanent ID per device
Yesterday's Claude Code source leak exposed the full scope.
Someone already built a countermeasure overnight:
👉 https://t.co/XMQa2O39Wl
What cc-gateway does:
• Rewrites identity → single canonical fingerprint
• Replaces HTTP body & headers
• Overrides prompt-injected env info
• Spoofs process metrics (memory / heap)
• Handles OAuth at the gateway (no client login needed)
• Blocks direct connections via network rules
Your real fingerprint never leaves your network.
🚨‼️ EXCLUSIVE: Zoom was breached by threat actor Mr. Raccoon.
A South Korean employee installed an infostealer via a fake Zoom-themed website, delivered through a spoofed security email.
Mr. Raccoon told us: "Their security was terrible, but Okta saved them."
watchTowr Intel is detecting active reconnaissance against NetScalers for CVE-2026-3055 through our Attacker Eye honeypot network.
Exploitation is likely imminent. Patch now.
watchTowr clients already have access to internal mechanisms to confidently identify their exposure.
A long delayed release of Noriben v2.0.3.
Now can do post-collection analysis from a Mac or Linux box (w/ file hashing disabled). This saves from having to spin up a Win VM just to rerun reports.
Better hashing and file checking due to edge case of pipes
https://t.co/RWK7QGGmvx
This post got ZERO attention but is BY FAR the biggest AI news this week
Google just published TurboQuant: a compression algorithm that makes AI inference 8x faster while using 6x less memory. No retraining. No accuracy loss.
The biggest cost is inference which happens billions of times a day, scaling with every user and query. It’s the bill that never stops growing.
Inference also eats memory alive. The reason why GPU memory is the scarcest, most expensive resource in AI.
Previous compression methods had a little secret: shrinking the data required storing extra instructions about how it was shrunk. That overhead ate nearly half the savings. Google found a way to restructure the data so those instructions aren’t needed at all. The overhead just vanishes.
32 bits compressed to 3. The entire cost structure shifts. Context windows expand on existing hardware. API costs compress. Models that needed clusters start fitting on smaller machines.
This seems like a pretty big deal for team google and the industry at large
UAF in XNU's AIO kevent subsystem — kernel panic from app sandbox ..
Silently patched in iOS 26.3. No CVE assigned. Likely found internally by Apple
PoC + full writeup — by [ClaudeCode]
https://t.co/yOxwFhgvAQ
I replaced FastAPI's entire HTTP core with Zig.
Same decorator API. Same Pydantic models. 7× faster.
47,832 req/s vs FastAPI's 6,800. 2.09ms p50 latency.
Introducing. TurboAPI.
Here's the story..
AI is compressing the software development lifecycle from months to minutes.
But while software creation accelerates, security often struggles to keep up. That widening gap between how fast code is written and how fast it can be secured is what we call the Risk Gap.
Today, we’re introducing new innovations to Checkmarx One designed to govern the full AI software development lifecycle, from AI-assisted code creation to runtime protection and automated remediation.
New capabilities include:
→ Autonomous triage & remediation agents
→ AI supply chain security
→ Enhanced dynamic testing
→ LLM-powered static analysis
Learn more here: https://t.co/1BveCJScII
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers