Ivan

here's the updated article link: klydz.net/post.php?slug=…

@session_app Where do I donate?

Without additional funding, Session's doors will close next month. Please read this appeal from Session co-founder Chris McCabe. getsession.org/donation

@solostalking Seems like an Android spyware development portrayed as research

What the heck these guys are testing at 8[.156.82.11:3000

Just because a company claims it's software is privacy based, doesn't mean it is.

come get me son I MOG

@fl33tingly @DoingFedTime the bug is in toxcore itself, if you are not using the tor implementation then it doesn't matter. Even the maintainer itself acknowledges this is a weakspot: // TODO(irungentoo): remove this and find a better source of nodes to use for paths.

@Ivanklydz @DoingFedTime Believe it when I see a write up. You mention no client by name when there is hundreds, mention onion when a user could be using Socks5, user could be using ToXiC instead of QTox, I suspect your bugs are in QTox. I will wait for the write up and perhaps I am wrong.

Hello, TOX protocol lovers and the most wanted ransomware operators using TOX for comms! With only your public Tox ID, I can see who you’re talking to, reveal your real IP behind proxies, and even track your activities. #Onion_Path_Poisoning research coming soon! @DoingFedTime

I found a new crazy exploit for stb library It's made of 3 critical vulnerabilities, and after I chained them together I ended up with a 0click RCE for those who don't know about STB libary it powers basically the entire indie game dev world, engines, apps and a ton of tools.

I had to delete the article and POC about this exploit after a notification from MSRC to keep the details of this case confidential during the investigation, once It's patched I will publish the draft again #windows

@ishowcybersec It is actually available, just a different name

Active Directory is not available on Linux

@Hermes_tooll all proxies do that though, that's not a real vulnerability.

Telegram 1-click vulnerability verified to reveal your real IP address, even if you use a proxy. Affects both Android and iOS Telegram clients.

The entire update download URL, including the P4 access token, is served over plain HTTP Nice work @Microsoft

@vxunderground @Windows klydz.net/post.php?slug=… wrong link, here's the valid link #microslop

Windows is vulnerable to a remote version downgrade attack using Windows Delivery Optimization "DO" klydz.net/post.php?slug=… @vxunderground @Windows

@banthisguy9349 @datura704322 @IntelOpsV3 @dulls this is my alt account bro, I just commented from phone

@datura704322 @IntelOpsV3 @dulls Nice alt account.

🚨 Pryx admits to being inside the SCADA network of Telecom Egypt where an alleged hacker-caused fire broke out 7 July 2025, killing 4 and injuring 27 "I was in the network my n*gga" justpaste.it/k41os …2bkxx3hbraln42in2rtlfsywpuhebid.onion News: apnews.com/article/egypt-…

@financedystop she is stupid

Telling ChatGPT to recite all 8.2 billion names of everyone on Earth

@WindowsLatest YES YES YES, MORE WINDOWS EXPLOITS LET'S GOOO

Ladies and gentlemen, the upcoming Calendar Agenda view in Windows 11 Notification Center is a... WebView2 component! 🎉 WebView2 is a Microsoft component that embeds web content (HTML, CSS, and JavaScript) into Windows apps. When Windows 11 shipped in 2021, it dropped support for many Windows 10 features as part of modernization efforts, including Outlook Calendar Agenda view in the Notifications Center. Now, it's coming back, but it's going to be a WebView2.

@NetworkChuck { noent: true } allows ssrf

Try to pass this👇

@IntelBrokerBF this didn't age well

@IntCyberDigest this is my favorite quote of @greppygreppy

Famous Threat Actor Quotes #QuoteOfTheDay