Blessing!

120.7K posts

@Ciberbro5

God| Man utd🔴| Cybersecurity Enthusiast|

192.168.1.1/31 Joined December 2018
1.9K Following 2.6K Followers
Blessing! retweeted
@rmngifs·
absolute cinema
Blessing! retweeted
Cristiano Ronaldo@Cristiano·
CHAMPIONS!!!!! 🏆 🟡🔵
Blessing! retweeted
The XSS Rat - Proud XSS N00b :-)
Free resource drop 🎁 I just put my full 2026 Practical Bug Bounty Guide on GitHub — recon, Burp workflow, every vuln class, WAF bypass, exploit chaining + reporting. No paywall. ⭐ github.com/The-XSS-Rat/Se…
Blessing! retweeted
Morris Monye@Morris_Monye·
Open Apology Letter to the Obidient Movement

My Dear Obidient Family,

I come before you today with a heavy heart, deep humility, and no excuses. Some time ago, in a moment of frustration and immaturity, I wrote and released a resignation letter as Director of Mobilization. In that letter, I allowed deep frustration & personal emotions to cloud my judgment. I made statements that subtly and unnecessarily dragged Peter Obi, a man I still respect for his vision, integrity, and sacrifice for this nation. That was wrong. It was childish, and beneath the standard I should have upheld, especially as someone who once held a leadership position in this movement.

I take full responsibility. No one forced me to write it. No one edited it. It came from me, and it was a mistake. I deleted the letter afterwards, but I know deletion does not erase the damage, the disappointment, or the loss of trust many of you felt. I understand why some of you no longer respect me the way you once did. You had every right to feel let down.

To Peter Obi himself (fondly called PO): Sir, I am sincerely sorry. My words were not a true reflection of the values of sacrifice, accountability, and constructive criticism that you preach. I failed in that moment.

To every single Obidient, the ones who stayed grinding, the ones who defended the vision even when it was tough, the ones who felt betrayed by my actions, I am deeply sorry. You are the real heroes of this movement. Many of you are young people full of hope and fire for a better Nigeria. You didn’t deserve to see internal cracks turned into public drama. I let you down.

I am not writing this because I want something or a position in the movement as I’m enjoying private life. I am writing it because it is the right thing to do. Leadership is not only about when the road is sweet and smooth; it is also about owning up when you mess up. I own this fully. I am committed to rebuilding trust through consistent actions, not just words. But I also know trust is not demanded, it is earned back slowly, if at all.

Thank you for reading this. Whether you accept my apology or not, I respect your feelings and your right to hold me accountable. The love I have for a better Nigeria has not changed. You all know me. My respect for the Obidient spirit remains. I am sorry truly.

With humility and hope for forgiveness, Your brother in this struggle, Morris Monye.

Oya come let’s hug. 😊
Blessing! retweeted
GitHub@github·
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
Blessing! retweeted
Evan Luthra@EvanLuthra·
🚨A HACKER GROUP JUST STOLE 4,000 OF GITHUB'S OWN PRIVATE REPOSITORIES.. PUT THEM UP FOR SALE FOR $50,000.. AND THE WAY THEY GOT IN IS THE SCARIEST PART..

They didn't hack GitHub's servers.. They poisoned a VS Code extension.. One GitHub employee installed it.. And the attackers walked through the front door using the employee's own credentials.. The group calls themselves TeamPCP.. They name their malware after the sandworms from Dune.. And they've been running the most sophisticated supply chain attack campaign in cybersecurity history..

Here's how the whole thing unfolded..

In March.. They poisoned Trivy.. One of the most trusted security scanners in the world.. Used by over 10,000 development workflows globally.. They injected credential-stealing malware into Trivy's official GitHub Action.. The malware ran silently BEFORE the security scan.. So every log showed "scan completed successfully" while the malware was stealing AWS keys, SSH credentials, database passwords, and Kubernetes tokens in the background.. It took Aqua Security 5 days to fully remove them..

Using the stolen credentials.. They breached Cisco Systems.. Cloned over 300 private repositories.. Including source code for unreleased AI products.. And repositories belonging to Cisco's customers.. Major banks.. Government agencies.. BPO firms..

In April.. They hit Checkmarx.. Another security vendor.. Poisoned 5 official Docker images in 83 minutes.. The scanner worked perfectly.. It just silently sent all your secrets to the attackers.. That automatically cascaded into Bitwarden.. The password manager.. Their CI/CD system pulled the poisoned Docker image.. And the attackers injected malware into Bitwarden's official CLI package published on npm.. One compromised security scanner poisoned a password manager.. Automatically.. No human involved..

In May.. They hit TanStack.. Libraries downloaded millions of times per week.. 84 malicious package versions across 42 packages..

And here's the terrifying part.. The malware scraped the raw memory of GitHub's build servers.. Extracted authentication tokens.. Used those tokens to bypass two-factor authentication.. And then published the infected packages with completely valid cryptographic signatures.. Every security verification tool on earth said the packages were legitimate.. Because they were signed by the real pipeline.. Using real keys.. The attackers just happened to be inside the pipeline when it signed.. They defeated the entire trust model of modern software supply chains..

The same week they hit the Nx Console VS Code extension.. 2.2 million installations.. The malware specifically targeted Claude Code configurations.. Hunting for AI assistant credentials.. That's a first.. Supply chain malware designed to steal your AI's access keys..

Then on May 19.. They revealed the GitHub breach.. 4,000 internal repositories.. Listed for sale at $50,000.. With a warning.. "If nobody buys it.. We leak everything for free"..

Their malware is self-propagating.. Once it infects one package.. It automatically finds every other package that developer maintains.. Steals the publish tokens.. And infects all of them.. Then those packages infect the next developer.. And the next.. It jumps between npm and PyPI automatically..

The group doesn't even do the extortion themselves.. They sell stolen credentials to ransomware gangs.. One gang used TeamPCP's data to threaten Cisco with leaking FBI and NASA personnel records..

And the scariest part of all.. They didn't break any encryption.. They didn't find any zero-days.. They exploited the fact that the entire software industry blindly trusts its own build tools.. Every security scanner.. Every Docker image.. Every VS Code extension.. Every GitHub Action.. Is a potential weapon if someone poisons it upstream.. And right now.. Nobody can tell the difference between a legitimate build and a compromised one.. Because the compromised ones have valid signatures too.
GitHub@github

We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.

EBENEZER ADU-BITHERMAN@focus_furry·
Broke into a vulnerable e-commerce app from scratch — robots.txt recon → Gobuster enumeration → leaked config file → JWT forging → admin takeover via Burp Suite. This is what information disclosure + weak JWT secrets look like in the real world.
Blessing! retweeted
co-creator with God. 🥼🩺
You cannot rehabilitate someone who beheaded another human being!
Blessing! retweeted
Black@LilithBlack25·
Making politics unprofitable should be our main priority
Blessing! retweeted
Nigeria Democratic Congress
Ladies and Gentlemen of Nigeria. We have a country to rescue. Get your PVC.
Blessing! retweeted
Be5Lmt@Be5Lmt·
SQL Injection without these special chars [' "()\/%*&\`] possible? Yep, me and @or4nge16hehe did it. Using only: [ a-z, 0-9, dot, @+- ] Write-up soon #BugBounty #infosec
Blessing! retweeted
LEYE@leyeConnect·
I genuinely pity Nigerian youths man. Your life and future are being treated with negligence and scorn, people will tell you stories of a Nigeria previously far better than what you are currently experiencing. Your mates, children of politicians who do not do half your work are shielded from the consequences of bad governance but you are still here claiming you support APC. You literally witnessed the sharp rise in the cost of living and the free fall of quality of living and yet… Are you people cursed?
Blessing! retweeted
Adedayo Agarau@adedayoagarau·
I’ve spent the past couple of weeks building Looters: a public archive of Nigerian political corruption since the 1990s. Governors, ministers, shell companies, Swiss accounts, the Jersey trusts, — one searchable graph. You too can connect the dots: 1000reasons.vote/looters