TheElder🇷🇺🇧🇷

@piyush784066 Haskell, R

developer challenge: name a programming language without using the letter ‘a’ or ‘c’

@PhysInHistory Idk but in D&D astrology is very fun.

Genuine question: Why do people believe in astrology? ✍️

@Shedletsky This did not age well, take me an decade then maybe.

@Shedletsky Still takin time, probally 3 more years and its done.

Think of the last big project you worked on. How long did it take you? Taylor Swift released at least 3 albums during this time period.

@cyber_razz Companies who do this are the worse, what is even worse is when you report it and they don't even put it as an priority to fix.

A researcher found critical Windows zero-days. Reported them to Microsoft. Microsoft denied the bug bounty. Deleted their account. Banned them from GitHub. Then threatened criminal charges. The researcher dropped six zero-days in six weeks. Three got used in real attacks within days. Other researchers are now handing them free vulnerabilities as a gift. Microsoft’s Digital Crimes Unit is considering legal action. Against the person whose bugs they refused to pay for. This is Microsoft’s bug bounty program.

@IntCyberDigest @relax3fcy @ChaoticEclipse0 I fucking hate those companies, they never credit anyone other than themselves, showing how "great" their security teams are, YOU DO THE WORK, YOU FIND IT, YOU DO THE RIGHT THING AND REPORT IT, they never credit you possibly losing job opportunities, this makes me so mad.

@relax3fcy I wouldn't call them a black hat. @ChaoticEclipse0 isn't selling the vulns for profit or dropping them to hurt people. They want Microsoft to patch the bugs and credit the work.

❗️🚨 BREAKING: Security researchers are now handing Nightmare-Eclipse vulnerabilities for free, in what looks like both a show of support and a reaction to how Microsoft treats researchers. First up: "Bitskrieg," violates Secure Boot trust and fully bypasses BitLocker. It seems aimed squarely at Microsoft's recent blog, where the company said its Digital Crimes Unit would bring cases against threat actors "and those that enable their criminal activity," language many researchers read as a threat pointed at them.

@ProtonVPN It is quite sad that vpns are banned in those countries, acess to the internet is being limited to those people.

Countries where VPNs are banned: North Korea 🇰🇵 — 2000 Oman 🇴🇲 — 2010 Iraq 🇮🇶 — 2014 Belarus 🇧🇾 — 2015 China 🇨🇳 — 2017 Russia 🇷🇺 — 2017 Turkmenistan 🇹🇲 — 2019 Iran 🇮🇷 — 2024 Pakistan 🇵🇰 — 2024 Myanmar 🇲🇲 — 2025

@vxdb Until the FBI/NSA activelly goes on to knock on your door you are ok, its quite sad that this happens but its not like we have any type of control of it sadly enough. But For the vast majority of security researchers, passive surveillance never escalates to active investigation

@vxdb It's just a question of whether anyone is actively looking at it or not, "watchlist" implies a level of active targeted surveillance that may be overstated for routine responsible disclosure cases, so yeah you are gonna be on some type of "list" but who cares?

POSTING ZERO DAYS OR EXPLOITS PUBLICLY DOES NOT MAKE YOU A CRIMINAL Microsoft has pissed off the entire security community once again

AMA (I'm only replying to the fun ones)

@chesscom Damn crazy

they're comparing us to who?!?!

@chesscom I SWEAR I WILL BREAK MY MONITOR IF YOU PLAY THAT.

what?

The FBI has released an advisory on ransomware groups’ use of the First VPN Service to conduct network reconnaissance and computer intrusions. Advertised on criminal forums like Exploit[.]in and XSS[.]is, First VPN is used to facilitate botnets, DDoS attacks, hacking, and other malicious activity. To better defend your networks, review the advisory to learn about indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with First VPN: ow.ly/k0o150Z3hAP

@elormkdaniel no.

Interviewer: You are setting up a local server for your home office. You assign the server the IP 192.168.1.50 with the subnet mask 255.255.255.0.  You connect a laptop to the same switch and give it the IP 192.168.2.50 with the same subnet mask 255.255.255.0.  Can these two devices communicate with each other without a router being present? YES or NO? 🤔

@elormkdaniel No?

Can these two devices see each other if they are on the same physical switch? Host A: 10.0.0.5 /24 Host B: 10.0.0.5 /24 YES or NO?

@MountainDew How tf did this actually work?

Goths

@FBICyberDiv I actually did not hear about Kali365 before but i heard about an similar one by the end of 2025 start of 2026, i think it was rockstar 2FA, this is more than likely just a rebranding it is very common for them to do that, they use literally the same techniques.

Today the FBI released a #PSA warning the public about Kali365—an emerging Phishing-as-a-Service (PhaaS) platform. Kali365, first seen in April 2026, enables cyber threat actors to obtain Microsoft 365 access tokens and bypass multi-factor authentication (MFA) protocols without intercepting the user’s credentials. The platform allows less-skilled attackers access to AI-generated phishing lures, automated campaign templates, real-time targeted individual/entity tracking dashboards, and OAuth token capture capabilities. Learn more about how the scam works and review recommendations on how to protect yourself: ic3.gov/PSA/2026/PSA26…

@HarmanR46242462 @FBICyberDiv @FBI Just ignore them, all of those bots are just scams.