RT Zero-Point Security: The Red Team Ops course has now been moved to the @thinkific platform.  Along with a slight course and lab update, we now have...

RT Cody Thomas: Mythic 2.3.7 is finally out! This includes an entirely new interface, tab-completable and conditional command parameters, LaTeX report...

CVE-2021-46669 MariaDB through 10.5.9 allows attackers to trigger a convert_const_to_int use-after-free when the BIGINT data type is used.

CVE-2021-46668 MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with storage-en...

CVE-2021-46667 MariaDB before 10.6.5 has a sql_lex.cc integer overflow, leading to an application crash.

CVE-2021-46666 MariaDB before 10.6.2 allows an application crash because of mishandling of a pushdown from a HAVING clause to a WHERE clause.

CVE-2021-46665 MariaDB through 10.5.9 allows a sql_parse.cc application crash because of incorrect used_tables expectations.

CVE-2021-46664 MariaDB through 10.5.9 allows an application crash in sub_select_postjoin_aggr for a NULL value of aggr.

CVE-2021-46663 MariaDB through 10.5.13 allows a ha_maria::extra application crash via certain SELECT statements.

CVE-2021-46662 MariaDB through 10.5.9 allows a set_var.cc application crash via certain uses of an UPDATE statement in conjunction with a nested subqu...

CVE-2021-46661 MariaDB through 10.5.9 allows an application crash in find_field_in_tables and find_order_in_list via an unused common table expression...

We've updated the vx-underground APT collection: 2022.01.28/Indian Army Personnel Face Remote Access Trojan Attacks 2022.01.31/Iranian APT MuddyWater ...

for anyone who watched 'Primer' with #defconmovienight and got lost:

RT BleepingComputer: CISA adds 8 vulnerabilities to list of actively exploited bugs - @billtoulas

三、再扩展 1+a^2=n^2*m (5) (a^2+b^2)=n^2*m (6)对于已知固定正整数m是否(5)、(6)有正整数解?对于已知固定正整数m不穷举如何快速求解？(5)对于m=1就无解，估计也有其它m无解，怎么求出这些m?如果已经知道一个a,或者a、b，有(4)可以很好的求出别的解。(5)把正整数或者（6）把正整数数对按m划分 ...全文

这剑目测1300克朝上。一般人舞不了几下手就软了。//@RevengeRangers:帅//@程序员邹欣://@凌云凌公子:起来运动了//@龟田大租:好帅啊好冷啊我在被窝都觉得冷

另外一些精英也意识到中国是一个可以随时启动的巨型战争机器。但他们一点也不想意识到这一点。

春节七天乐正月初一《从 0 开始学 V8 漏洞利用之环境搭建（一）》作者：知道创宇404实验室网页链接

Re @bigfoot780 Hi Matt, the link is how the Security Researcher for this CVE would like to be acknowledged.

Re @CoderHarish Hey Harish – most M365 online services and products are eligible for bug bounty awards. You can find more details here:

Re @GerberKawasaki @Tesla @joerogan …

Re @SpaceX 16 story tall rocket, traveling several times faster than a bullet, backflips & fires engines to return to launch site

Re @kodykinzie We like your video and would like to put it up as a community solution. Would you be able to drop us an email at support@portswigger.ne...

CVE-2022-24266 Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the order_by par...

CVE-2022-24265 Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&...

CVE-2022-24264 Cuppa CMS v1.0 was discovered to contain a SQL injection vulnerability in /administrator/components/table_manager/ via the search_word ...

CVE-2022-24263 Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php ...

CVE-2022-23872 Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configure.php via ...

CVE-2022-21659 Flask-AppBuilder is an application development framework, built on top of the Flask web framework. In affected versions there exists a ...

Mininode - A CLI Tool To Reduce The Attack Surface Of The No...

RecoverPy - Interactively Find And Recover Deleted Or Overwritten Files From Your Terminal

祝美国华人虎年行大运！祝太平洋舰队虎年虎虎虎！

生物钟过于强大，六点多自然醒了，硬撑到现在。

Re @_jsoo_ Take care and happy new year~

RT Ghostwriter: We have a new release candidate for Ghostwriter! This v2.2.3-rc1 addresses several small to medium issues and includes some enhancemen...

CVE-2021-46459 Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=add_user. Thes...

CVE-2021-44114 Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Stock Management System in PHP/OOP 1.0, which allows remote malicious...

CVE-2021-42635 PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APP_KEY value, leading to pre-auth remote code execution.

CVE-2021-42631 PrinterLogic Web Stack versions 19.1.1.13 SP9 and below deserializes attacker controlled leading to pre-auth remote code execution.

Re @sirdarckcat Conductor

Machine Learning for Static Analysis of Malware – Expansion of Research Scope

Russian 'Gamaredon' hackers use 8 new malware payloads in attacks

Unsecured AWS Server Exposed 3TB In Airport Employee Records

NSO Group Pegasus Spyware Aims at Finnish Diplomats

A story of leaking uninitialized memory from Fastly

RCE and Auth Bypass in Aqua Illumination Hydra Series Aquarium Lights

Apple Pays $100.5K Bug Bounty for Mac Webcam Hack

277,000 routers exposed to Eternal Silence attacks via UPnP

Top US Spy Warns Too Many Government Secrets Harms National Security

Re @BadgerousTim It’s coming out next week .