RT Ken Westin: PSA: I had a reporter reach out to me this morning asking about these bold claims. They aren’t true and his “research” proves nothin...

RT PortSwigger Research: You can now trigger file-upload XSS with no user-interaction using a technique spotted by @kkotowicz. We've just added it to ...

#年味仪式感大赛##网络安全# 极棒专属红包封面来啦！数量有限，手慢无～祝大家虎年大吉如虎添翼虎星高照虎啸风生福虎生威虎力全开……剩下的评论区接上！

法律和道德孰轻孰重？我认为是道德。法律会与时俱进，不同的时代不同的地域，会针对当时的具体情况给出法律的约束，它会有滞后的特点也会有过时的特点。而道德是恒古不变的，类似于诚信，类似于勤劳，类似于俭朴等等。很多事情并不违背法律，但是它违背了你自己的道德观价值观，那它就是错的。

#苹果新增怀孕的男人表情符号#对抗荒谬，最好的武器就是更加荒谬。只要将这个表情符号的含义构建为“啤酒肚”，只要每次约朋友喝一杯的时候都将这个表情符号和啤酒杯符号一起发出，即可消解其背后的设定目的。

Register for a free Black Hat Asia Business Pass. A Business Pass grants you access to the Business Hall and additional Features, including Arsenal, S...

Re @perribus

Big #DEFCON30 #CTF update! Following several years of exemplary service by @oooverflow, our  CTF contest is  in the worthy,capable hands of @Nautilus_...

RT Tabatha:  Re @somafm needs help to meet their Jan budget. Can you spare some $ to keep the tunes going? The @defcon station is a staple for backgro...

Re @r00t_nasser @theXSSrat Those characters alone are not an evidence of a #XSS vulnerability but you have HTML injection. Almost all XSS vectors can ...

Re @r00t_nasser @theXSSrat @XssPayloads What's your evidence of the vulnerability? It seems you don't even have HTML injection.

原理可能是：网页链接

#丰县妇联回应精神失常女子生育8个孩子事件# #官方回应江苏八孩母亲被拴破屋##徐州丰县通报生育八孩女子情况##徐州八个孩子##八个孩子的母亲##八个孩子的妈妈精神失常被铁链子拴着##官方通报徐州丰县生育八孩女子情况##男子回应生育八孩女子被指疑似其失踪母亲#

你们那儿过年还让放烟花吗？

CVE-2022-0395 Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

CVE-2022-0393 Out-of-bounds Read in Conda vim prior to 8.2.

CVE-2022-0392 Heap-based Buffer Overflow in Conda vim prior to 8.2.

CVE-2022-0352 Cross-site Scripting (XSS) - Reflected in Pypi calibreweb prior to 0.6.16.

CVE-2021-46448 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/customers.php?page=1&cID.

CVE-2021-46447 A cross-site scripting (XSS) vulnerability in H.H.G Multistore v5.1.0 and below allows attackers to execute arbitrary web scripts or HT...

CVE-2021-46446 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_access_grou...

CVE-2021-46445 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/categories.php?box_group_id.

CVE-2021-46444 H.H.G Multistore v5.1.0 and below was discovered to contain a SQL injection vulnerability via /admin/admin.php?module=admin_group_edit&...

CVE-2022-23598 laminas-form is a package for validating and displaying simple and complex forms. When rendering validation error messages via the `for...

CVE-2022-23599 Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes...

CVE-2021-4160 There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS...

CVE-2021-44379 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44380 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44360 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44378 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44390 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44373 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44368 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

CVE-2021-44401 A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.136_20121102...

Re @srini0x00 introduces students to exploit development in MIPS processor architecture, starting with the basics of MIPS Architecture and moving towa...

Re @SanderWind @visma @HackersMother @bug_dutch @iqimpz @holme_sec @AleHornOfficial Enjoy your drink 🍺

Granular, Actionable Adversary Emulation for the Cloud.

Re @7h3h4ckv157 @DailySwig @remonsec @TheHackersNews @CVEnew @InfoSecComm @zseano @_JohnHammond @ptracesecurity @vxunderground @cyph3r_asr @cyb3rops A...

Distributed Crawler Management Framework Based on Scrapy, Scrapyd, Django and Vue.js

RT S3cur3Th1sSh1t: NimGetSyscallStub is now public, the first public fully working (didn't find another myself) Nim imlementation + PoC to grab fresh ...

Re @Austen There are many faux 🦄

Re @SawyerMerritt It has been a very long road

Re @DineshDSouza Interesting ideas

Re @Teslaconomics @stevenmarkryan There will only be EVs in the future

Re @CodeColorist master!

#陈北雁# scz: 你妈这个坏家伙，天天回家这么晚，我要把她从家里开除出去 cby: (挥小拳拳) Yes，Go Go Go 陈北雁的日常--(2022.1.9)

Mininode - A CLI Tool To Reduce The Attack Surface Of The Node.js Applications By Using Static Analysis

CVE-2022-23889 The comment function in YzmCMS v6.3 was discovered as being able to be operated concurrently, allowing attackers to create an unusually...

CVE-2022-23888 YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgey (CSRF) via the component /yzmcms/comment/index/init.html.

CVE-2022-23887 YzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete user accounts vi...