Andre Espirito Santo

4.3K posts

Andre Espirito Santo

@aesanto

Tech-savvy blogger wannabe. Architecture, Data, CyberSecurity & AI. https://t.co/h62baAl1yC… .

Oporto, Portugal Katılım Eylül 2014

2.2K Takip Edilen391 Takipçiler

Andre Espirito Santo retweetledi

FC Porto@FCPorto·1d

Supertaça ⚽️ FC Porto 🆚 Torreense

Português

987

7.9K

207.8K

Andre Espirito Santo retweetledi

Charly Wargnier@DataChaz·9 May

🚨 someone just dropped a full 10-stage academic research pipeline for Claude Code. It doesn’t write your paper for you, it hunts references, formats citations, verifies data, and even runs a "devil's advocate" agent to attack your own thesis. Here's why it's a massive deal for academics: → Anti-AI Voice: Learns your specific writing style. →Integrity Gates: Actively hunts down fabricated citations and statistical errors. →Simulated Peer Review: Runs your draft through a 7-agent panel (including a Devil’s Advocate). →Cheap: A full 15k-word paper costs ~$4–$6 in API credits. Best part? It's 100% free and open-source. Install in 30s: `/plugin install academic-research-skills` repo in 🧵↓

English

172

1.2K

87.7K

Andre Espirito Santo@aesanto·17 May

Já devemos estar a viver todos em marte por esta altura... Nova via externa e soterramento da AEP: os projetos que prometem mudar o trânsito no Porto - SIC Notícias share.google/si1XARsl9uHJdd…

Português

Andre Espirito Santo retweetledi

Gray Hats@the_yellow_fall·11 May

Apache CloudStack patches important flaws (CVE-2026-25199, CVE-2026-25077) enabling VM hijacking and KVM host RCE. Secure your cloud environment now. #CloudStack #ApacheCloudStack #CloudSecurity #InfoSec #CyberSecurity #KVM #Proxmox #DevOps securityonline.info/apache-cloudst…

English

1.3K

Andre Espirito Santo retweetledi

FC Porto@FCPorto·10 May

𝗙𝗨𝗧𝗘𝗕𝗢𝗟 𝗖𝗟𝗨𝗕𝗘 𝗗𝗢 𝗣𝗢𝗥𝗧𝗢. 𝗖𝗔𝗠𝗣𝗘𝗔̃𝗢 𝗘𝗨𝗥𝗢𝗣𝗘𝗨 𝗗𝗘 𝗛𝗢́𝗤𝗨𝗘𝗜 𝗘𝗠 𝗣𝗔𝗧𝗜𝗡𝗦 ⭐💙 #FCPortoHoquei

Português

920

4.1K

100.7K

Andre Espirito Santo retweetledi

Hunter@HunterMapping·9 May

🚨Alert🚨 CVE-2026-23918 : Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. 📊 3.8K+ Services are found on the hunter.how yearly. 🔗Hunter Link:test-how.hunter.qianxin-inc.cn/list?searchVal… 👇Query HUNTER : product.name="Apache HTTP Server"&&product.name="HTTP/2" 📰Refer:thehackernews.com/2026/05/critic… httpd.apache.org/security/vulne… #hunterhow #infosec #infosecurity #OSINT #Vulnerability

H4x0r.DZ 🇰🇵@h4x0r_dz

Reproducing a Double Free RCE in Apache CVE-2026-23918 on the most used software on the internet with one prompt that costs like $0.001 via DeepSeek is scary as hell. Now, anyone with zero knowledge can hack the internet. (Not default installs though. You need mod_http2 enabled.)

English

137

15.9K

Andre Espirito Santo retweetledi

Techjunkie Aman@Techjunkie_Aman·6 May

This Docker container boots a full Android phone. Not a simulator. A real Android emulator running entirely inside Docker: • KVM acceleration for near native emulator performance • GPU acceleration support for smoother rendering and testing • Google Play Store emulator images built in • remote ADB access directly over the network • scrcpy support for low latency remote control • customizable Android API levels and device presets • persistent AVD storage support between container restarts • fully headless operation for CI/CD environments How it works: • build or pull the Docker image locally • mount the host KVM device into the container • expose port 5555 for remote ADB connectivity • connect instantly using normal adb commands • control the Android screen remotely with scrcpy Supports: • Android API 28 up to API 33+ builds • Google APIs and full Play Store variants • x86 and x86_64 Android emulator images • Docker Compose setups for scalable deployments Android phones are slowly becoming cloud infrastructure.

English

251

21.6K

Andre Espirito Santo retweetledi

Vivek | Cybersecurity@VivekIntel·6 May

Palo Alto Networks warns of firewall RCE zero-day exploited in attacks bleepingcomputer.com/news/security/…

English

564

Andre Espirito Santo retweetledi

Gray Hats@the_yellow_fall·6 May

Palo Alto Networks confirms CVE-2026-0300 is being exploited in the wild. The 9.3 CVSS flaw allows unauthenticated root RCE. Secure your PAN-OS firewalls now! #PaloAltoNetworks #PANOS #CVE #CyberSecurity #InfoSec #RCE #ActiveExploitation #Firewall securityonline.info/palo-alto-netw…

English

2.6K

Andre Espirito Santo retweetledi

BuBBliK@k1rallik·5 May

do you understand what just happened to your computer.. Google Chrome secretly downloaded a 4GB AI model onto your device. Without asking.. Without telling you.. It's called weights.bin. It lives deep in your system folders. It powers Gemini Nano - Google's on-device AI. And if you delete it? Chrome re-downloads it automatically. Like nothing happened. Just Google deciding your hard drive is their storage unit. At 1 billion Chrome users - that's 4 BILLION gigabytes of data pushed silently across the internet. The carbon footprint alone equals tens of thousands of cars running for a year. Check your disk right now: 📁 %LOCALAPPDATA%\Google\Chrome\User Data\OptGuideOnDeviceModel To stop it: chrome://flags → disable Optimization Guide On Device Model → restart Chrome → delete the folder. Reshare so people know what's sitting on their computers.

Pirat_Nation 🔴@Pirat_Nation

Google Chrome is quietly downloading a roughly 4 GB AI model to many users’ computers without clear upfront consent. The file, called weights.bin, is part of Google’s Gemini Nano on-device language model and lands in the browser’s user data folder under OptGuideOnDeviceModel. It powers built-in AI tools such as “Help me write,” smarter tab suggestions, on-device scam detection, and page summarization. The download triggers automatically for devices meeting minimum hardware requirements, and Chrome often replaces the files if deleted. While the model processes data locally, installation happens in the background with minimal notification. The scale is noteworthy. Hundreds of millions or billions of installations add up to thousands of tonnes of carbon emissions globally from data transfer, even though each is a one-time event. To prevent or remove it, go to chrome://flags, disable the entries for the optimization guide on-device model and Prompt API, restart the browser, and manually delete the folder.

English

1.3K

18.5K

54.9K

4.5M

Andre Espirito Santo retweetledi

Cyber Security News@The_Cyber_News·6 May

🚨 Critical Palo Alto Firewalls Vulnerability Exploited in the Wild to Gain Root Access Source: cybersecuritynews.com/palo-alto-fire… Palo Alto Networks has disclosed a critical buffer overflow vulnerability in PAN-OS software, tracked as CVE-2026-0300, that is already being actively exploited in the wild. The flaw carries a CVSS 4.0 score of 9.3 (CRITICAL) and allows unauthenticated attackers to execute arbitrary code with full root privileges on affected PA-Series and VM-Series firewalls, with no credentials, no user interaction, and no special conditions required. The vulnerability resides in the User-ID™ Authentication Portal (also known as Captive Portal) service of PAN-OS. The vulnerability impacts multiple PAN-OS versions across PA-Series and VM-Series firewalls. #cybersecuritynews #vulnerability

English

189

600

82.1K

Andre Espirito Santo retweetledi

Cyber Security News@The_Cyber_News·5 May

🛡️ Critical Android Zero-Click Vulnerability Grants Remote Shell Access Source: cybersecuritynews.com/android-zero-c… Google has published the May 2026 Android Security Bulletin, alerting the ecosystem to a highly severe remote code execution (RCE) flaw. Tracked as CVE-2026-0073, this critical vulnerability resides deep within the core Android System component. It allows an attacker to gain remote shell access without requiring a single tap, download, or click from the device owner. Threat actors can launch this zero-click attack proximally, meaning they only need to be on the same local network or in physical proximity to exploit a vulnerable mobile device. #cybersecuritynews #Android

English

317

1.2K

109.3K

Andre Espirito Santo retweetledi

Gray Hats@the_yellow_fall·5 May

Public PoC exploit released for OPNsense! A critical root-level RCE and lockout bypass allow total firewall takeover. Upgrade to OPNsense 26.1.7 immediately. #OPNsense #RootRCE #PoC #CyberSecurity #InfoSec #Firewall #Vulnerability #PatchAlert securityonline.info/opnsense-root-…

English

264

26.5K

Andre Espirito Santo retweetledi

Gray Hats@the_yellow_fall·5 May

Apache releases v2.4.67 to fix an HTTP/2 Double Free RCE (CVE-2026-23918) and auth bypasses. Millions of servers are affected—upgrade your infrastructure now! #Apache #RCE #CyberSecurity #InfoSec #WebServer #PatchAlert #SysAdmin #CVE202623918 securityonline.info/apache-http-se…

English

3.9K

Andre Espirito Santo retweetledi

Cyber Security News@The_Cyber_News·5 May

⚠️ Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks Source: cybersecuritynews.com/apache-http-se… The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free flaw capable of enabling Remote Code Execution (RCE) in version 2.4.67, released on May 4, 2026. All users running version 2.4.66 or earlier are strongly urged to upgrade immediately. The most severe of the five vulnerabilities is CVE-2026-23918, rated High with a CVSS base score of 8.8. The flaw is a double-free memory corruption bug triggered within Apache's HTTP/2 protocol implementation during an "early stream reset" sequence. #cybersecuritynews #vulnerability

English

664

2.1K

298.8K

Andre Espirito Santo retweetledi

Guri Singh@heygurisingh·3 May

There's a GitHub repo with 323K stars that lists every free API on the internet. The same repo every senior developer has bookmarked but never tells juniors about. It's called Public APIs. 1,500+ free endpoints, organized by category, with auth type and HTTPS status documented for every single one. Here's what's actually in there: → Finance, crypto, stocks, and banking data → Weather, geocoding, maps, and transportation → Books, music, movies, anime, and games → Machine learning, OCR, and sentiment analysis → Government data, open datasets, news, and health → Calendars, currency, security, sports, and dev tools Every entry tells you exactly what you need before you click. Auth type. CORS status. HTTPS support. Direct link to the docs. The dirty secret of the API economy is sitting in plain sight here. Half the $99/month tools on the market are wrapping free endpoints from this repo and selling them back to you with a dashboard. Solo devs are shipping entire products on the free tier of these APIs. Senior engineers know. Juniors are out there paying RapidAPI subscriptions for endpoints that have been free this whole time. 323K stars. MIT License. 100% Opensource.

English

282

132K

Andre Espirito Santo retweetledi

Vivek | Cybersecurity@VivekIntel·3 May

🕸 𝗢𝗪𝗔𝗦𝗣 𝗡𝗲𝘁𝘁𝗮𝗰𝗸𝗲𝗿 — 𝗔𝘂𝘁𝗼𝗺𝗮𝘁𝗲𝗱 𝗣𝗲𝗻𝘁𝗲𝘀𝘁𝗶𝗻𝗴 𝗙𝗿𝗮𝗺𝗲𝘄𝗼𝗿𝗸 Automates recon + vulnerability assessment • Port scanning, service detection, subdomain enum • Multi-protocol (HTTP, FTP, SSH, SMB, etc.) • Modular + multithreaded scanning • Credential brute-force + fuzzing support • Reports (HTML, JSON, CSV) • CLI, REST API, Web UI • Built-in DB + drift detection Use only with proper authorization github.com/OWASP/Nettacker #Pentesting #BugBounty #CyberSecurity

English

362

15.7K

Andre Espirito Santo retweetledi

Co11ateral@co11ateral·2 May

The Autonomous Penetration Testing Standard and its significance hackers-arise.com/artificial-int… @three_cube @_aircorridor #ai

English

223

10.9K

Andre Espirito Santo retweetledi

FC Porto@FCPorto·3 May

O CAMPEÃO VOLTOU! 💙

Português

1.2K

6.1K

68.6K

Andre Espirito Santo retweetledi

Vivek | Cybersecurity@VivekIntel·2 May

💉 Advanced SQL Injection Cheatsheet — SQLi Reference • MySQL, MSSQL, PostgreSQL, Oracle • Error, Union, Blind, Time-based • WAF bypass • LFI via SQLi • Privilege escalation • Payload tricks Flow: Find → Analyze → Bypass → Dump github.com/kleiton0x00/Ad… ⚠️ Authorized use only #SQLi #CyberSecurity

English

273

11.2K

Keşfet

@three_cube @_aircorridor @elonmusk @BarackObama @taylorswift13 @cristiano @BillGates @NASA