Mohamed Sayed - مُحَمَّد 🇵🇸

1.4K posts

Mohamed Sayed - مُحَمَّد 🇵🇸

@FlEx0Geek

check @FahemSec

Katılım Ocak 2016

252 Takip Edilen4.1K Takipçiler

Sabitlenmiş Tweet

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·27 Ağu

اصلح نفسك شوية تجميعات لبودكاست وسلاسل لتتعلم منها دينك. facebook.com/FlEx0Geek/post…

العربية

5.4K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·40m

مش طبيعي

TrendAI Zero Day Initiative@thezdi

Aaaand it's official! Orange Tsai (@orange_8361) of DEVCORE Research Team chained 3 bugs to achieve Remote Code Execution as SYSTEM on Microsoft Exchange, earning a whooping $200,000 and 20 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin

العربية

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·1d

@orange_8361 very nice

English

572

Orange Tsai 🍊@orange_8361·1d

That's my chain — a full chain w/ logic bugs only! No memory corruption, no AI, and of course no collisions at all 😉

TrendAI Zero Day Initiative@thezdi

Confirmed! Orange Tsai (@orange_8361) of DEVCORE Research Team (@d3vc0r3) chained 4 logic bugs to achieve a sandbox escape on Microsoft Edge, earning $175,000 and 17.5 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin

English

106

342

2.3K

143.2K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·1d

ZXX

195

Mohamed Sayed - مُحَمَّد 🇵🇸 retweetledi

د. إياد قنيبي@Dr_EyadQun·1d

"ممنوع تدخل الجنة"! ردا على المشككين في إسلام #بتول_علوش والمهتدين عموماً. لاحظنا ان الكلمة الماضية "دعم وتأييد لبتول علوش" أثارت غير وقهر الشبيحة، فالحمد لله على ذلك. موتوا بغيظكم.

العربية

225

1.3K

32.7K

Mohamed Sayed - مُحَمَّد 🇵🇸 retweetledi

Thai S.D@_sondt_·2d

😓 Pwn2Own 2026

353

18.4K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·1d

الفكرة دي (لها مراحل اصعب سيكا) لكن خدت مني تقريبا ٧ شهور بدور فيها بالتجربة (علي فترات طبعا مش كل يوم يعني): fahemsec.com/blog/oneshot-w…

العربية

2.2K

Mohamed Sayed - مُحَمَّد 🇵🇸 retweetledi

H4x0r.DZ 🇰🇵@h4x0r_dz·3d

War criminals

International Cyber Digest@IntCyberDigest

❗️🚨 BREAKING: Microsoft has fired the top leadership of its Israeli subsidiary following an internal investigation into Azure use by Israel's Ministry of Defense. Country General Manager Alon Haimovich is out, along with several managers from the governance department. The probe found Israeli defense units were using Azure servers in Europe in ways that violated Microsoft's terms and exposed the company to EU legal risk. Microsoft Israel's management withheld this from headquarters. Microsoft had already cut ties with IDF Unit 8200 in September 2025. The investigation found that was only part of the problem. Microsoft Israel now reports to Microsoft France. The Ministry of Defense contract renewal is due by the end of 2026.

English

6.6K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·3d

@the_st0rm @Dinosn Thanks 🙏

English

150

the_storm@the_st0rm·3d

@FlEx0Geek @Dinosn Great work! Sorry you couldn't make it. Looking forward to your next funding ;)

English

410

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·4d

My pwn2own first try: flex0geek.blogspot.com/2026/05/pwn2ow…

English

134

7.7K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·3d

@S1r1u5_ pwn2own lite

314

s1r1us (mohan)@S1r1u5_·4d

can someone spinoff pwn2own for everyone who couldn’t register?

English

10.8K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·3d

@_mccaulay nnnnice, I just reported it today to Litellm xD Nice catch. u win.

English

266

McCaulay@_mccaulay·3d

RCEliteLLM - Chaining an Environment Variable Leak with Jinja2 SSTI for Remote Code Execution mccaulay.co.uk/rcelitellm-lit…

English

123

11.3K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·4d

We are here: flex0geek.blogspot.com/2026/05/pwn2ow…

International Cyber Digest@IntCyberDigest

‼️🚨 Pwn2Own Berlin 2026 just hit a wall. For the first time in 19-years, ZDI rejected dozens of working zero-day RCE submissions because organizers ran out of contest slots. Rejected hackers are now going public with PoC demos and direct vendor disclosures, breaking Pwn2Own's usual secrecy. ▪️ AI surfaces a massive wave of 0-day RCEs. ▪️ Submissions overwhelm ZDI past max capacity. ▪️ Slots run out. Researchers with working chains get rejected. ▪️ "Revenge disclosures" begin. ← we are here. Confirmed casualties so far: ▪️ @xchglabs : 86 vulnerabilities prepared (PyTorch, NVIDIA, Linux KVM, Oracle, Docker, Ollama, Chroma, LiteLLM, llama.cpp). All rejected. Now reporting directly to vendors with writeups dropping as patches land. ▪️ @ggwhyp : full-chain Firefox RCE on Windows. Rejected. Publicly demoed (HTML page → cmd.exe → calc.exe). Responsibly disclosed to Mozilla. ▪️ @yunsu_dev : working RCE chain, rejected. Submitting elsewhere. ▪️ @ryotkak : tried to register for 3+ weeks. ZDI confirmed "at maximum capacity, can't add extra contest days." Considered canceling flight and hotel. ▪️ @anzuukino2802 : Claude Code RCE PoC. Rejected. ▪️ @desckimh : 0-day RCEs in Ollama and LM Studio. Rejected. Reported impact: a community-estimated 150+ researchers tried to register. Accepted contestants are now being warned about collisions. Rejected vulnerabilities going to bug bounty programs may trigger pre-event patches that invalidate the work of those who got in. ZDI has not publicly addressed the capacity issue. The event still runs May 14-16 in Berlin.

English

3.2K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·4d

AI does not write this — Thanks.

English

221

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·4d

@h4x0r_dz Ye happen xD, I was preparing my blog about my failed entry xD

English

H4x0r.DZ 🇰🇵@h4x0r_dz·4d

For the first time in history, Pwn2Own has reached full capacity. AI has changed the game forever

English

318

21K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·6d

@anzuukino2802 I do not know is this a bug or not, but they should answer. Recheck the used email because they answered me. And recheck if this in the scope or not.

English

640

Yuu@anzuukino2802·6d

This was supposed to be my PoC for a Claude Code RCE aimed at Pwn2Own Berlin 2026, but ZDI never got back to me about my entry registration. It looks like I won't be able to register it at all...

English

321

27.2K

Mohamed Sayed - مُحَمَّد 🇵🇸 retweetledi

V4bel@v4bel·7 May

💥 Introducing "Dirty Frag" A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. No race, no panic on failure, fully deterministic. ~9 years latent. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation. Details: dirtyfrag.io

GIF

English

704

2.1K

517.4K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·8 May

PHP UAF could control the RIP: #event-25135274013" target="_blank" rel="nofollow noopener">github.com/php/php-src/is…

English

1.9K

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·4 May

pwn2own entry in progress.

English

871

Mohamed Sayed - مُحَمَّد 🇵🇸@FlEx0Geek·30 Nis

في حد جرب دة؟: thaura.ai/pricing

العربية

329

Mohamed Sayed - مُحَمَّد 🇵🇸 retweetledi

Xint@xint_official·29 Nis

Patch your Linux boxes! Copy.Fail is a trivially exploitable logic bug in Linux, reachable on all major distros released in the last 9 years. A small, portable python script gets root on all platforms. Found by the teams at @theori_io and @xint_official More details below xint.io/blog/copy-fail…

English

365

991

246.6K

Keşfet

@orange_8361 @the_st0rm @Dinosn @S1r1u5_ @_mccaulay @h4x0r_dz @anzuukino2802 @elonmusk