eleven red pandas

45.5K posts

eleven red pandas

@bytecodevm

Hey @bytecodevm (eleven red pandas 🐼🐼🐼🐼🐼🐼🐼🐼🐼🐼🐼), got any spicy bytecode / VM / language implementation / JIT / music

Bagnes, Switzerland Katılım Kasım 2010

826 Takip Edilen1.8K Takipçiler

eleven red pandas@bytecodevm·23h

#NGINX Rift is a heap overflow in the rewrite module that may crash workers or enable #RCE under specific configs. Public #PoC exists, so patching and config audits are urgent. core-jmp.org/2026/05/nginx-…

English

133

eleven red pandas@bytecodevm·1d

A trojanized HWMonitor archive abuses DLL sideloading with malicious CRYPTBASE.dll to launch multi-stage in-memory loaders and deploy STX RAT. core-jmp.org/2026/05/hwmoni…

English

eleven red pandas@bytecodevm·1d

A practical look at DLL sideloading and proxying: how attackers abuse trusted Windows executables to load malicious DLLs while keeping the app running normally. core-jmp.org/2026/05/dll-si…

English

eleven red pandas retweetledi

Modat@modat_magnify·1d

CVE-2026-44578 ⚠️ Next.js – WebSocket Upgrade SSRF (CVSS 8.6) A server-side request forgery vulnerability in Next.js allows unauthenticated attackers to force self-hosted instances to make internal HTTP requests via the WebSocket upgrade handler. By sending a crafted absolute-form HTTP request with Upgrade: websocket headers, attackers can access internal services, cloud metadata endpoints, admin panels, and internal APIs reachable from the Next.js server on port 80. Successful exploitation may expose cloud credentials, API keys, secrets, and configuration data. Affected: Next.js 13.4.13+, 14.x, 15.x <15.5.16, 16.0.0–16.2.4 Mitigation: Upgrade immediately to 15.5.16 or 16.2.5. Modat Magnify Query: technology="Next.js" The platform: magnify.modat.io #threatintel #vulnerability #CVE202644578 #Nextjs #SSRF #WebSocket #CloudSecurity #infosec #Critical #ModatMagnify

English

404

2.3K

1.4M

eleven red pandas retweetledi

Smukx.E@5mukx·1d

DLL Sideloading & Proxying for Advance Red Team Engagements TL;DR: This blog will introduce DLL Sideloading and Proxying for advance red team engagements for starters. Blog:- zerotracelab.com/blog/dll-sidel… #redteam #windows

English

277

eleven red pandas retweetledi

International Cyber Digest@IntCyberDigest·1d

🚨 Google Project Zero just published a Pixel 10 zero-click to root exploit chain. Two vulnerabilities and less than a day of work to weaponize the second one. Chain: - Stage 1: same Dolby UDC zero-click (CVE-2025-54957) used against the Pixel 9. Patched in January 2026. Only minor offset updates and a tweak around RET PAC needed to port to Pixel 10 - Stage 2: a brand new local privilege escalation in the VPU driver for the Chips&Media Wave677DV on the Tensor G5 Result: arbitrary kernel read/write in 5 lines of code. Full exploit written in under a day.

English

811

60.3K

eleven red pandas retweetledi

Dark Web Informer@DarkWebInformer·1d

‼️ CVE-2026-42945: RCE Proof of concept for CVE-2026-42945, a critical heap buffer overflow in NGINX's ngx_http_rewrite_module introduced in 2008 GitHub: github.com/depthfirstdisc…

English

312

34.3K

eleven red pandas retweetledi

Varik@D4RK7ET·1d

PoC for CVE-2026-2005 - PostgreSQL pgcrypto Heap Overflow Exploit github.com/var77/CVE-2026… #CVE20262005 #PostgreSQL #pgcrypto #Exploit #PoC #pwn

GIF

English

136

8.8K

eleven red pandas retweetledi

Nicolas Krassas@Dinosn·4d

Positron: DLL injection based runtime JS injection toolkit for Electron(v8) apps on Windows github.com/qiufuyu123/Pos…

English

2.6K

eleven red pandas retweetledi

0x12 Dark Development@Salsa12__·1d

Also we got the read primitive from the same trickster0 post trickster0.github.io/posts/Primitiv…

English

928

eleven red pandas retweetledi

Smukx.E@5mukx·1d

Automating MS-RPC vulnerability research TL;DR: Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach. Blog:~ incendium.rocks/posts/Automati… #Fuzzing

English

3.8K

eleven red pandas retweetledi

IT Cat ✈️@itcaat·2d

Шо опять? 😈 Пару часов назад Уильям Боулинг и команда V12 выложила свежайший эксплойт для повышения привилегий – Fragnesia. Фикс: rmmod esp4 esp6 rxrpc printf 'install esp4 /bin/false\ninstall esp6 /bin/false\ninstall rxrpc /bin/false\n' > /etc/modprobe.d/dirtyfrag.conf

11.7K

eleven red pandas@bytecodevm·2d

A LiteLLM 1.83.14 exploit chain leaks the master key through callback metadata, then abuses non-sandboxed Jinja2 GitLab prompts to achieve server-side RCE. core-jmp.org/2026/05/from-a…

English

eleven red pandas@bytecodevm·2d

A deep dive into CVE-2026-45185: an unauthenticated Exim RCE where one stale TLS/BDAT ungetc() byte corrupts freed memory and leads to exploitation. core-jmp.org/2026/05/one-ne…

English

200

eleven red pandas@bytecodevm·2d

A Windows kernel research technique that uses Microsoft PDB symbols to resolve offsets dynamically, avoiding hardcoded values and manual WinDBG work across builds. core-jmp.org/2026/05/no-mor…

English

109

eleven red pandas@bytecodevm·2d

A hands-on guide to building a basic Windows EDR with a kernel driver, callbacks, static analysis, DLL injection, and hooks to detect remote shellcode injection. core-jmp.org/2026/05/buildi…

English

107

eleven red pandas@bytecodevm·2d

A Windows injection technique that builds remote read/write/allocation primitives with limited process rights, reducing classic RPM/WPM telemetry and noisy access flags. core-jmp.org/2026/05/proces…

English

106

eleven red pandas@bytecodevm·2d

run only in vm/sandbox

Hasan Toor@hasantoxr

I'm done paying $500 a month for anti-detect browsers after finding this. It's called CloakBrowser. A stealth Chromium that scores 0.9 on reCAPTCHA v3 (same as a real human) and passes 14 out of 14 bot detection tests. - Auto-resolves Cloudflare Turnstile - Beats FingerprintJS and BrowserScan - TLS fingerprint identical to real Chrome - Drop-in Playwright replacement (one line swap) 100% Opensource. MIT License. What you usually pay for vs CloakBrowser: Bright Data scraping browser → $500+/month Browserless stealth tier → $200+/month Custom anti-detect builds → $10K+ engineering CloakBrowser → pip install, 200MB binary, done. The reason it actually works: Most stealth libraries (playwright-stealth, undetected-chromedriver, puppeteer-extra) inject JavaScript or tweak flags. Every Chrome update breaks them. Antibot systems detect the patches themselves. CloakBrowser patches Chromium's C++ source code in 16 places. Canvas, WebGL, audio fingerprint, fonts, hardware concurrency, GPU vendor strings, WebDriver flag, TLS fingerprint. All compiled into the binary. Detection sites see a real browser because it is a real browser. Stock Playwright scores 0.1 on reCAPTCHA v3. CloakBrowser scores 0.9. Same code. Same API. One import change.

English

188

eleven red pandas retweetledi

Joruno@wsl8297·3d

Windows 自带的任务管理器，日常结束卡死进程还凑合；但一遇到更深层的排障需求——比如线程死锁、被占用的文件句柄——就明显不够看了。我在 GitHub 挖到一个开源利器：TaskExplorer。一款偏“专业级”的任务管理工具，不止看占用，更能把应用内部在做什么摊开给你看。它主打高效的单窗口布局：点选进程，底部立刻呈现线程堆栈、内存编辑、文件句柄、网络 Socket 等关键细节，一屏把信息讲透。实时刷新也很到位：磁盘读写位置、网络连接速率一目了然，甚至支持直接卸载或注入 DLL 模块。 GitHub：github.com/DavidXanatos/T… 项目基于 Qt 开发，底层用到 SystemInformer 的驱动技术；目前支持 Windows 7 及以上，后续还有移植 Linux 的计划。如果你经常做系统级监控、性能定位、故障排查，这类工具会比传统任务管理器顺手得多。

中文

127

678

47.1K

eleven red pandas retweetledi

Tom Dörr@tom_doerr·3d

Collection of GPT jailbreaks, prompt injections, and super prompts github.com/CyberAlbSecOP/…

English

127

814

33.8K

Keşfet

@elonmusk @BarackObama @taylorswift13 @cristiano @BillGates @NASA @nikifrancismediavine @katyperry