Snipesec

𝗡𝗲𝘄 𝗕𝗹𝗼𝗴 𝗥𝗲𝗹𝗲𝗮𝘀𝗲𝗱 📢 Hey everyone! I have released a new blog on the analysis of the react2shell vulnerability. 𝘊𝘩𝘦𝘤𝘬 𝘪𝘵 𝘰𝘶𝘵 𝘩𝘦𝘳𝘦: vxsnipe.xyz/posts/react2sh…

Training Announcement @ c0c0n 2026 Threat Tradecraft: Infrastructure Hunting & Malware Analysis Step into the mindset of modern adversaries and learn how to detect, analyze, and disrupt sophisticated cyber threats. ▪️ This hands-on training at c0c0n equips you with real-world skills in: ▪️ Threat hunting methodologies ▪️ Infrastructure analysis & tracking adversaries ▪️ Malware behavior & evasion techniques ▪️ Practical detection and response strategies Designed for red teamers, blue teamers, SOC analysts, and malware researchers ready to go beyond theory. ▪️ 6th Oct, 2026 to 8th Oct, 2026 at Grand Hyatt, Kochi c0c0n - India’s premier cybersecurity conference, brings together global experts, hands-on trainings, and cutting-edge research in cyber defense. For more information, visit c0c0n.org/threat-tradecr… #c0c0n #CyberSecurity #ThreatHunting #MalwareAnalysis #InfoSec #RedTeam #BlueTeam

@hoodietramp @R3DD404 @BsidesMussoorie @iqlipx @brooklyndotos @_cr0wdedroom

@R3DD404 @BsidesMussoorie @iqlipx @brooklyndotos yea give it to both o’ us and tagging 2 other nerds i really wana attend a conf this year, thank you! @0xSN1PE @_cr0wdedroom

🚨 GIVEAWAY TIME | BSides Mussoorie 🚨 The pass everyone wants is up for grabs. 🎟️ A FREE Individual Pass to BSides Mussoorie 2026 could be yours, where security minds meet, in the hills of Mussoorie 🏔️🔐 Are you in? 👉 How to enter: • Follow Security BSides Mussoorie • Like & share this post • Comment below • Tag your 3 friends ⏳ Hurry, don’t miss your chance to be part of the action! 📩 Winner will be announced via DM. See you in April 2026 👀 #BSidesMussoorie #GiveawayTime #FreePass #CyberSecurity #InfosecCommunity #BSides #SecurityConference #TechCommunity #Mussoorie #CyberSecurityEvent #InfoSecIndia #April2026

Suspected APT(?) targets Portuguese speaking individuals at Macao 🇲🇴 abuses DLL Sideloading but forgets to deliver loader DLL, ends up pasting the shellcode alone with decoy, idk? 😂🤷‍♂️

@IdaNotPro neat work

Hi guys did a small blog on new Rust implant used by Muddy Water check it out

A POC for CVE-2025-55182 gist.github.com/maple3142/48bc…

React2Shell has plenty of coverage now, but I wanted to actually understand it end-to-end. I spent time digging into CVE-2025-55182 and have documented my work. This article focuses on why this vulnerability exists and how the exploit works. awwfensive.site/blogs/CVE-2025…

The US government declassifying a PoC: #include<▇▇▇▇.h> int ▇▇▇_▇▇▇▇ { ▇▇▇▇▇▇▇ ▇▇▇▇▇▇ ▇▇▇▇▇ ▇▇▇ return ▇▇; } /* * ▇▇▇▇▇ ▇▇▇ * ▇▇▇▇▇▇▇ ▇ */

@IdaNotPro awesome work

Hey guys wrote something check it out

CloudSEK TRIAD discovered Silver Fox APT targeting India with Valley RAT via Income Tax phishing. Infrastructure pivoting revealed 10+ related domains with China nexus hosting. Previously misattributed to SideWinder. cloudsek.com/blog/silver-fo… #APT #SilverFox #ValleyRAT

⚡ Wrote a cheesheet kind of a blog on Container Security. A concise reference covering essential practices for securing Docker and Kubernetes environments. awwfensive.site/blogs/containe…

-be anonymous @zachxbt -born mid-90s, somewhere in the US -always loved puzzles, patterns, hidden truths -2017 -loses $15K in an ICO rug pull rage-quits Discord, opens Etherscan for the first time -“if no one else will hunt these thieves, I will” -2018 -nights spent tracing wallets with nothing but a spreadsheet learns Solidity just to read scam contracts -starts posting anonymous findings under @zachxbt -2020 -exposes first big phishing ring stealing BAYC NFTs -victims recover $2M in 48 hours still zero followers, zero clout -2021 -drops the mask, goes full platypus -threads go viral overnight community starts sending donations in ETH -2022 -publishes 44-page exposé on Machi Big Brother -accused of pocketing 22,000 ETH across dead projects -Machi sues for defamation crypto rallies, raises $1M+ defense fund in 72 hours -lawsuit dropped, Zach never blinks -2023 -solves $243M Bitcoin heist while waiting at airport gate -French police arrest the thieves two weeks later -victim gets every satoshi back FBI starts DMing -2024 -traces $28M Bittensor hack through anime NFT trades -North Korean wallets exposed in real time -bounty hits seven figures, donates half -2025 -total recovered/stopped fraud crosses $250M -every major exchange now fears a Zach thread -media calls him “the ghost detective of crypto” -he once said “I just wanted victims to stop feeling alone.” -now -zach has 900K+ followers but still no face -works 18-hour days, funded only by donations -quietly changed crypto forever scammers check his timeline before launching -had good relations with @cz_binance, recently joined @BNBCHAIN ⚔️ Crypto’s lone avenger, DeFi legend @zachxbt 🛡️

ae0d70a317ec14e286fa9e3115605a7a1a2705b13e74e0976551196c9041705b uploaded from 🇨🇳, Ding Talk themed campaign by Slow Tempest, sideloading based stuff. unit42.paloaltonetworks.com/slow-tempest-m…

977f1f0e36ad05de97ba7cb56eddd767a59b3edabd2e8987998ca62d72619c01 [ manual.pdf.lnk ] installs a malicious installer from a fake any desk-based domain d6f0f997309ab0f4942e901be4be0c1d4d307805eab51b74e4446c2f9917e670 @malwrhunterteam @smica83 @500mk500

LAN party kit straight outta the early 2000s

𝗡𝗲𝘄 𝗕𝗹𝗼𝗴 𝗥𝗲𝗹𝗲𝗮𝘀𝗲𝗱 📢 Hey everyone! I have released a new blog on the analysis of the 𝗚𝗿𝗲𝗺𝗹𝗶𝗻 𝗜𝗻𝗳𝗼𝘀𝘁𝗲𝗮𝗹𝗲𝗿. 𝘊𝘩𝘦𝘤𝘬 𝘪𝘵 𝘰𝘶𝘵 𝘩𝘦𝘳𝘦: vxsnipe.xyz/posts/dissecti…