Marius Sheppard
85 posts

Marius Sheppard
@MariusSheppard
Forensics Security Researcher @ Bitdefender 🇷🇴
Earth, Milky Way · Joined May 2020
288 Following · 76 Followers

@vxunderground How didn't Mythos find that? I thought he could find infinite 0days with under 20k spent no?

Another zero day exploit released by some nerd (can't remember name right now) because they're annoyed with Microsoft. It's been confirmed by other nerds. It is yet another legit zero day. Whew.
github.com/Nightmare-Ecli…

** New malware technique **
Proceeds to show something that has been used in game cheat software 20 years ago
Smukx.E @5mukx
Malware development intermediate: EDR Evasion - A New Technique Using Hardware Breakpoints cymulate.com/blog/blindside…

I installed Claude Cowork on personal laptop yesterday. Since then, it has:
- freed 14GB
- got boot time from 15s to 6s
- nearly doubled battery life
- cleared my inbox; gmail... and linkedin!
- filed my taxes
- resolved all my open github issues
- successfully updated nvidia drivers
- finished a thought I started at uni
- taught my 5yo the piano
- fixed my posture
- settled a family dispute from 2013
- negotiated peace between neighbours
- achieved cold fusion
- looked at me and sighed
11/10 would install again.
Claude @claudeai
Introducing Cowork: Claude Code for the rest of your work. Cowork lets you complete non-technical tasks much like how developers use Claude Code.

No, Ubisoft was not compromised from their "anti-cheat".
No, Ubisoft was not compromised by a rogue agent.
No, Ubisoft was not compromised as a result of a Threat Actor infecting an employee with information stealer malware.
Ubisoft technically* wasn't "compromised" (hacked) in the traditional usage of the word. I can't go into too much detail, because I don't want my knee caps broken with a baseball bat, but the event we all witnessed was the result of API abuse.
In simpler terms, nerds discovered an exposed API endpoint (computer where instructions are sent to) and abused the poop out of it. This endpoint received commands for all sorts of stuff (bans, credits, etc). Normally another program sends instructions to this endpoint.
Under normal conditions, this endpoint requires authentication with a "key" (instead of using a username and password), but nerds ... sort of ... found a way to bypass the API key requirement. I'm using the word bypass here extremely liberally. What happened was extremely silly.
Ubisoft is aware of what happened. They're not dumb. The fix for the issue they're encountering is kind of a pain in the ass to fix, it'll take some time, I'm not surprised nerds managed to metaphorically kick in the door (abuse the API endpoint) again.
Ubisoft itself was not compromised. No employee data was stolen. No customer data was stolen. Nerds basically beat Siege servers with a stick until it did stuff.

Microsoft aims to eliminate all C and C++ code by 2030.
This massive rewrite could profoundly impact Windows 11.
"Our strategy is to combine AI and algorithms to rewrite Microsoft’s largest codebases," a Microsoft engineer stated. "Our North Star is '1 engineer, 1 month, 1 million lines of code'."
Via: WindowsLatest


Marius Sheppard retweeted

We're more than proud to be hosting the 2026 CARO workshop, where experts from around the world will be discussing "Cybercrime Without Borders: Tracking the Global Underground". The agenda is now live and we're excited to be sharing the speakers with you!
Check it out and don't forget to register:
caro2026.org/caro-workshop/
#CARO2026 #Cybersecurity #Summit #AVComparatives

Marius Sheppard retweeted

@IntCyberDigest Upload and share the different APKs on VirusTotal. It would help the cybersecurity community discover more.
virustotal.com/gui/home/upload

‼️ Unremovable Israeli Spyware Found on Samsung Devices
Samsung faces backlash over AppCloud, an Israeli-developed app pre-installed on budget Galaxy A and M series devices.
Investigations reveal the app is embedded in the operating system, preventing full removal. Even when disabled, AppCloud remains on the device, reappears after updates, and can covertly install additional software.


Dear @Activision,
I have received the RCE exploit that was being used in your video game (you haven't fixed it on Steam).
What the hell am I supposed to do with this thing? That isn't a rhetorical question either. I mean, seriously, what do we do here?

Marius Sheppard retweeted

@Globalrepport @Osint613 The winner will take where $300? 🚀💥

@Osint613 My Israeli friends are now placing bets on whether Iran will launch missiles at Israel tonight, with each person contributing $150. The winner will take home $300.
Israelis are strong people
Marius Sheppard retweeted

Rust is so good you can get paid $20k to make it as fast as C:
memorysafety.org/blog/rav1d-per…