Jonas Vestberg

@_EthicalChaos_ I would not be surprised if it was more common to build a modular approach with modules written as PIC.

@_EthicalChaos_ This is a great question! I often think about this in relation to use of BOF execution.

For all the malware analysts out there, how often do you see more advanced tradecraft out there utilizing memory execution techniques like reflective loading, BOF execution, etc... used outside of simulated attack scenarios?

@Bugcrowd I thought it said "Bug Bunny" there for a while. That would have been something 😅

When they ask about my weekend plans Me:

@AndreaBarisani Where is the thermal exhaust port?

I want to go back in a world where documentation is like this.

This was a sweet vuln that we had muchos fun with during ops..... more 🔥 from @filip_dragovic

Priorities

In 1979 a name was needed for an European intelligence cooperation. They looked at the Maximator beer they were drinking and that became the name. Source: ‘Maximator: European signals intelligence cooperation, from a Dutch perspective’ Bart Jacobs  tandfonline.com/doi/full/10.10…

New blog post out: We built an AI Vishing system in 7 days to show that Scattered Spider's helpdesk campaigns can be automated at mass scale, easily. (clip included 🔊) labs.reversec.com/posts/2026/02/…

@PyroTek3 I love the misplaced irony of this movie. The author's fascism are passed as jokes. Great book. Great movie. Different reasons.

Movie time!

God save the Mullvad ads. This one got banned too, by The City of London. @rickygervais do you have any pro tips?

If you are running #Dynamicweb version 8 or 9, make sure you are on a supported version and deploy the latest version asap. cve.org/CVERecord?id=C…

New blog & exploit about CVE-2025-29969 - RCE by Yarin Aharoni @safebreach Labs. Findings allow: ---- * Checking arbitrary paths existence (unfixed!). * Writing files remotely (RCE). ---- On ALL Windows & Windows Server computers in the domain! Repo - github.com/SafeBreach-Lab…

CVE-2026-2731 Path traversal and content injection in JobRunnerBackground.aspx in DynamicWeb 8 (all) and 9 (<9.19.7 and <9.20.3) allows unauthenticated attackers to execute code via … cve.org/CVERecord?id=C…

@Wakedxy1 If you haven't discovered "CSRF to print-job" fun yet: well you are welcome 😁

During your pentest mission, please don’t make the same mistake I did. Add printer IPs to your exclusion list when running Nuclei. Otherwise, the printer will interpret every packet sent to port 9100 as a print job.

Is this what Cloud looks like?

CVE-2026-21508 - Windows LPE via arbitrary COM object initialization The vulnerability essentially works by forcing a process running as system and that uses the undocumented function Windows_Storage!_SHCoCreateInstance, to create an arbitrary COM object of our choice. For this to happen the object must be associated with an already registered COM class that supports CLSCTX_INPROC_SERVER. Arbitrary COM object creation is archived by manipulating a CoCreateInstance call first argument #pentest #cve #redteam #dfir #blueteam

@vxunderground You forgot to ping @x86matthew 🙂

> be me > find something interesting > poke with stick > interesting > google > find website that describes exactly what im doing > x86matthew HOW TF THIS MFER BEAT ME TO IT TWICE IN A ROW

Holy cow dude! Look at what the AI said on the social media for AI! Haha dude wow this is the singularity bro! Skynet bro! Generational psyop

Identity security in restricted environments shouldn’t be limited to periodic reviews. BloodHound Enterprise on-premises enables continuous Identity Attack Path Management without cloud connectivity. Learn more ➡️ ghst.ly/4bXPNQe

Why I never report vulnerabilities through @Hacker0x01 and @Bugcrowd 😆