baas

New leaked Epstein documents show the FBI removed the hard drive from the prison's camera system and wiped all footage from the night Jeffrey Epstein was murdered..

I just pwned Redelegate on Hack The Box labs.hackthebox.com/achievement/ma…

I just pwned Breach on HackTheBox labs.hackthebox.com/achievement/ma…

I just pwned Phantom on HackTheBox labs.hackthebox.com/achievement/ma…

Today @GoogleMaps is getting its biggest upgrade in over a decade. By combining our Gemini models with a deep understanding of the world, Maps now unlocks entirely new possibilities for how you navigate and explore. Here’s what you need to know 🧵

I just pwned Shibuya on Hack The Box labs.hackthebox.com/achievement/ma…

Introducing the new /crawl endpoint - one API call and an entire site crawled. No scripts. No browser management. Just the content in HTML, Markdown, or JSON.

New in Claude Code: Remote Control. Kick off a task in your terminal and pick it up from your phone while you take a walk or join a meeting. Claude keeps running on your machine, and you can control the session from the Claude app or claude.ai/code

‼️Breaking: ShinyHunters just claimed responsibility for the Odido + BEN breach. Shiny told us Odido "lied about their disclosure." The stolen data includes 21 million records of 8 million customers. The breach is far worse than thought. It includes: - Plaintext passwords (!) - Passport/driver's license numbers - IBANs - Addresses - Emails - Internal documents - Source code

Today, we’re introducing Pomelli’s latest feature update, ‘Photoshoot’ With Photoshoot, you can start from a single image of your product and easily create high quality, customized product shots to elevate your marketing. Available free of charge in the US, Canada, Australia & New Zealand! Get started with Pomelli today at labs.google/pomelli

Down to a handful of errors in the recovered pdf!

Introducing Cowork: Claude Code for the rest of your work. Cowork lets you complete non-technical tasks much like how developers use Claude Code.

MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB - unauthenticated memory disclosure - public POC, trivial to exploit - leaks creds, tokens, cloud keys straight from RAM - huge exposed surface on the internet Good writeups and technical details here: doublepulsar.com/merry-christma… ox.security/blog/attackers… blog.ecapuano.com/p/hunting-mong… Patch fast, rotate secrets, and assume exposed instances were scanned(!)

4th hacker in 🇳🇱 to pass the CAPE exam #HTB #CAPE #HackTheBox

‼️ China's largest cybersecurity firm, Knownsec, was breached, exposing details of China's state cyber operations. The data includes cyberweapon documentation, internal hacking tool source code, and global target lists covering over 20 countries, including Japan, Vietnam, and India. A spreadsheet lists 80 hacked foreign organizations, plus evidence of 95 GB of stolen Indian immigration data and 3 TB of call records from South Korean mobile operator LG U Plus. One of the documents mention a malicious power bank, disguised as a charging device. Knownsec is key to China's cybersecurity, providing advanced defense and offensive capabilities, including espionage tools. A thread with their tools 🧵

Kerberos Constrained Delegation without Protocol Transition through a Resource-Based Constrained Delegation configured for a principal without Service Principal Names

Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

HTB CAPE ✅ I'll be taking the exam soon