Dominic Chell 👻

Yippie Two new Microsoft Windows 0days. The exploits have cool and badass mysterious names to be extra spoopy - GreenPlasma: Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability - YellowKey: Bitlocker Bypass Vulnerability github.com/Nightmare-Ecli…

Two more zerodays - deadeclipse666.blogspot.com/2026/05/two-mo…

Big news for Blue Team nerds That nerd who released those Microsoft 0days has created two new repos on GitHub with spooky sounding names indicating they will be releasing two new Windows 0days. Very cool github.com/Nightmare-Ecli…

💥 Introducing "Dirty Frag" A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail. No race, no panic on failure, fully deterministic. ~9 years latent. Ubuntu / RHEL / Fedora / openSUSE / CentOS / AlmaLinux, and more. Even if you've applied the "Copy Fail" mitigation, your Linux is still vulnerable to "Dirty Frag". Apply the Dirty Frag mitigation. Details: dirtyfrag.io

homebrew is a supply chain disaster waiting to happen

Vous avez aimé copy.fail une veille de jour férié? Vous allez sans doute adorer dirtyfrag, une veille de jour férié. Encore une Local Privilege Escalation 0Day sous Linux. Ça fonctionne sous plusieurs machines que j'ai essayées github.com/V4bel/dirtyfrag

Download our 142-page #EasterBunny report (open access): EasterBunny: advanced espionage artifacts attributed to APT29 lab52.io/blog/easterbun… #APT29

Rachel Reeves promised an "iron-clad commitment" not to raise taxes on working people. She has raised them 52 times in 509 days..... Here is what has actually been raised so far: 🔴Employer National Insurance up from 13.8% to 15%, threshold cut from £9,100 to £5,000 🔴Capital gains tax lower rate up from 10% to 18%, higher rate from 20% to 24% 🔴Stamp duty surcharge on second homes up from 3% to 5% 🔴VAT added to private school fees from January 2025 🔴Inheritance tax now applies to pensions from 2027 🔴Inheritance tax reliefs on farms and family businesses capped at £1m from this April 🔴AIM shares inheritance tax up from 0% to 20% 🔴Council tax average band D up £111 this year, the largest cash rise since 2003 🔴Dividend tax up 2% 🔴Savings tax to follow in April 2027 🔴Income tax thresholds frozen for an extra three years from 2028 That is one new tax every ten days. The total bill runs to £60.3 billion by the end of the decade, roughly £2,000 more per household After her own budget, Reeves admitted working people would "pay a bit more." The UK is now on track for the highest tax burden in peacetime history. Britain is getting more expensive to live in by design Which of these has hit you hardest? Follow me to stay informed

@FlUxIuS @_RastaMouse That's why @_RastaMouse keeps all his cash in briefcases under the bed

@_RastaMouse @domchell Next maybe paying taxes on unrealized business for companies

@domchell we're cooked bro

@FuzzySec @_RastaMouse We'll be there in September with @MarcOverIP and @StanHacked if you care you join 👀

@domchell @_RastaMouse Come to Barcelona, because of Beckham we have an interesting law here 😉

Associated blog: linkedin.com/pulse/afalg-pa…

A gift from sgrakkyu: github.com/sgkdev/page_in…

@Jean_Maes_1994 @_RastaMouse I hope so looking at my crypto portfolio 😭

@domchell @_RastaMouse Declare costs to offset whatever gains you would have made basically. This is becoming the US tax model fast. That said, I am unsure if netherlands will actually invoke this. Taxing on unrealized gains is full on lunatic mode. Does that mean you get returns on unrealized losses?

@Jean_Maes_1994 @_RastaMouse So your proposal is to realise the asset to invest in other unrealised assets? 😂

@_RastaMouse @domchell Buy real estate and declare depreciation for tax breaks or buy yourself a datacenter as business expense. Whatever floats your boat.

One month to go until the next public edition of my Entra ID course in The Hague. Working on some roadrecon and roadtx updates from my backlog, and new content on agent identities! Tickets are still available via events.outsidersecurity.nl/entra-26-07/

In his latest research, @_xpn_ tears apart VS Code Dev Tunnels and finds a C2 framework underneath — REST → WebSocket → SSH → MsgPack RPC, remote exec, file ops. Find the Ouroboros tool and protocol breakdown at the link! 👇 ghst.ly/4mZ4arb

@Con_Crypto_ @_xpn_ Bet your fun at parties

@_xpn_ Yeah but it was hyperbolically wrong too so 🤷🏽‍♂️

Using a LLM and proclaiming that your are now a "Programmer" is like me watching a YouTube video on installing a thermostat and declaring myself a "Gas Engineer".. Wind your necks in people!