Re @stillgray @ezralevant @latimes The reason satire about CNN proposing censorship of Twitter could so easily be construed as reality is because that...

Hot off the press is MSRC’s latest Researcher Spotlight: “A Ride on the Wild Side with Hacking Heavyweight Sick Codes.” Get to know the man, the my...

CVE-2022-4036 The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA bypass in versions up to, and including, 1.3.72. This is due ...

CVE-2022-4035 The Appointment Hour Booking plugin for WordPress is vulnerable to iFrame Injection via the ‘email’ or general field parameters in ver...

CVE-2022-4034 The Appointment Hour Booking Plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.3.72. This makes it...

CVE-2022-4031 The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file'...

CVE-2022-4033 The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up...

CVE-2022-4032 The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, an...

CVE-2022-4028 The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postitem' parameter manipulated during the p...

CVE-2022-4027 The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postitem' parameter manipulated during a for...

CVE-2022-4029 The Simple:Press plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'sforum_[md5 hash of the WordPress URL]' c...

CVE-2022-4030 The Simple:Press plugin for WordPress is vulnerable to Path Traversal in versions up to, and including, 6.8 via the 'file' parameter whi...

CVE-2022-3995 The TeraWallet plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 1.4.3. This is d...

CVE-2022-3991 The Photospace Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via its settings parameters saved via the updat...

CVE-2022-3896 The WP Affiliate Platform plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via $_SERVER["REQUEST_URI"] in versions u...

CVE-2022-3898 The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. This...

CVE-2022-3897 The WP Affiliate Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in versions up to, an...

CVE-2022-3751 SQL Injection in GitHub repository owncast/owncast prior to 0.0.13.

CVE-2022-3747 The Becustom plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5.2. This is due to ...

CVE-2022-3384 The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the populate...

CVE-2022-3383 The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the get_opti...

CVE-2022-3361 The Ultimate Member plugin for WordPress is vulnerable to directory traversal in versions up to, and including 2.5.0 due to insufficient...

Re @turk1_tk Just a hacking challenge. If you complete all of the prep steps, you will win a free exam credit:

#公交车上# 没挤上公交前，我认为每个人都可以再挪一下给我一个空间；一旦上了公交车，我就嫌弃每一个想要上车的人。在台上和台下也一样。

刚说了准许善意批评，但是善意还是恶意，大老板有解释权。

Re @nnwakelam Oh right yeah

Re @nnwakelam BPM? I think they have subdomain takeover if I recall.

RT Bjorn Lomborg: Polar bear population increasing But doesn't fit climate narrative, so info cancelled Reality: Polar bears were intensely hunted 197...

Re @chyzzy_UI @SaveToNotion This spam with savetonotion, nobody will read it after, just stop spamming feeds.

Pycrypt - Python Based Crypter That Can Bypass Any Kinds Of Antivirus Products

Spanish police dismantle operation that made €12M via investment scams

Crypto Firm BlockFi Files For Bankruptcy After FTX Collapse

RT KT: We've disclosed two remotely exploitable Linux kernel bugs in the Bluetooth stack: one infoleak and one UAF. More information here:

Threat Hunting with VirusTotal

RT Red Sentry: Re Wanna be the next hacker that shares their experiences with the world? Do like @D0rkerDevil and send us or @ghostlulz1337 a DM with ...

RT Red Sentry: New episode of our Hacker Story Series! @D0rkerDevil shares some learnings from his journey in the infosec field. From an unexpected st...

#不肯放弃治疗的渣渣们#即便身处寂静之城，也要坚持做一件有意义的事。

Devs are brutal...

OneSixtyOne (SNMP enumeration) ported to windows

Subdomain Enumeration with DNSSEC

Cyber-Threat Group Targets Critical RCE Vulnerability in 'Bleed You' Campaign

Blind&Invisible Watermark

Re @intigriti The best #XSS tool out there by far (the real "most advanced one"), finding several XSS cases no other tool ever dream of and the only o...

RT Rob: Got this on BF, highly recommended.

知识是无价之宝，所以这个前沿课程是免费可以看的

cby给scz自制的肥皂之一

有点意思

重点关注第四条的三到八。最好把七、八、九、十条也看看。

This. It’s a real scenario though.

Re @whateverfithere @otiniferdy @speschelone @spectatorindex @FIFAWorldCup MAybe they just won the RFP?