mk0

279 posts

mk0 banner
mk0

mk0

@fancymalware

⠀ ⠀ ⠀ ⠀ meow ╱|、 ⠀ ⠀⠀ ⠀⠀⠀⠀⠀ (` - 7 ⠀ ⠀ ⠀ ⠀⠀⠀⠀⠀ |、⁻ \ ⠀ ⠀ ⠀⠀ ⠀ じしˍ,)ノ

void Katılım Haziran 2023
191 Takip Edilen82 Takipçiler
Sabitlenmiş Tweet
mk0
mk0@fancymalware·
I started digging into npm packages auth logic a few days ago and got my first critical CVEs ^^ #event-573678" target="_blank" rel="nofollow noopener">github.com/parse-communit…
English
1
1
8
377
mk0 retweetledi
SANS Offensive Operations
SANS Offensive Operations@SANSOffensive·
When your mindset shifts from “What tool or tactic should I use?” to “What will this action generate? How will it be seen?” you are advancing your #RedTeam operations❣️ #SEC665 teaches you to adapt your tradecraft, especially when it fails. 🧙 Read on: sans.org/cyber-security…
SANS Offensive Operations tweet media
English
1
11
36
2.5K
mk0 retweetledi
klez
klez@KlezVirus·
[TALK] My latest Black Hat Europe talk is now publicly available. If you can look past the painfully obvious anxiety and a speaker who occasionally sounds like his brain has stopped cooperating, you might find something useful. Who knows? youtube.com/watch?v=tOVcSc…
YouTube video
YouTube
English
5
38
152
12.8K
mk0 retweetledi
es3n1n
es3n1n@es3n1n·
Today, we’re releasing rCTF v2, an open-source platform for hosting cybersecurity capture-the-flag competitions.
es3n1n tweet mediaes3n1n tweet mediaes3n1n tweet mediaes3n1n tweet media
English
13
58
338
24.9K
mk0 retweetledi
Rapid7
Rapid7@rapid7·
In conducting a 0-day research project against #SharePoint, Rapid7 Labs discovered 2 new vulns that, when chained together, achieve RCE against a vulnerable server. Today, Rapid7 and Microsoft are disclosing CVE-2026-55040 – the first vuln in this chain: r-7.co/4f2HpQO
Rapid7 tweet media
English
1
66
235
23.8K
mk0 retweetledi
Kirill Firsov
Kirill Firsov@k_firsov·
I got permanently banned from @Hacker0x01. Account deleted. No explanation. Years of work gone overnight. Submission history, achievements, leaderboard ranks, every contribution I made to the security and crypto ecosystems through HackerOne. Wiped, like I was never there.
Kirill Firsov tweet media
English
69
70
710
132K
mk0 retweetledi
vx-underground
vx-underground@vxunderground·
My online alias is "smelly". It has slowly over the years mutated by people to be; "stinky", "smelly smellington", "crazy cat guy", "schnelli", "schmelly", etc. It is still mostly "smelly". It is not a cool or badass alias. However, the name was assigned to me from my wife. Ages ago my wife called me her "smelly man". She would walk into my office when I was working and, because room was small, poorly ventilated, and the door was closed, the room would get incredibly hot. I would get stinky from body odor. She would come in, kiss me on the cheek, call me her "smelly man", and give me a snack or something. I would then resume work. She has always been extremely supportive of my malware collecting, writing, reversing, etc. Hence, when I made vx-underground in 2019, and decided to start the journey of malware collecting and stuff, I said, "I need a cool name that is tough and everyone will think I'm totally awesome and badass". Then I remembered my wife called me "smelly"... so I went with that.
Precious@dsecuritygirlie

@vxunderground What's with the 'smelly' comments? This is the second time I'm seeing it. New here btw.

English
55
32
1.9K
77.4K
mk0
mk0@fancymalware·
@hxuu0 incredible work - gg!
English
1
0
1
4
mk0 retweetledi
Hxuu
Hxuu@hxuu0·
Sekai challenges done :) Moving onto the next thing. All web writeups can be found here: vhxuu.xyz/tags/sekai26/
English
1
1
4
61
mk0
mk0@fancymalware·
@MushroomWasp will read this rn - congrats! :3
GIF
English
0
0
2
30
mk0 retweetledi
Smukx.E
Smukx.E@5mukx·
Defeating Windows DEP Using ROP Chains Leveraging VirtualAlloc TLDR: Windows Exploit Development Certification Notes and hands-on research focusing on exploitation and protection bypass techniques. Best for OpSeC Exams & real world References. Blog:- screetsec.com/blog/defeating…
Smukx.E tweet media
English
3
52
259
10K
mk0 retweetledi
Nightmare Eclipse
Nightmare Eclipse@ChaoticEclipse0·
New blog about some recent findings in Windows Defender blog.projectnightcrawler.dev/posts/2026-07-… It seems to be leaking few bytes when attempting to open some files + visiting a malicious SMB (possibly webdav too) can cause Defender to completely exhaust your disk space.
English
6
64
478
22.9K
mk0 retweetledi
𝕡𝕨𝕟𝕚𝕖
A researcher discovered a vulnerability in ETW, the Event Tracing for Windows system that underpins most of Windows’ security tooling. The bug caused a kernel pointer to be returned to usermode callers. Microsoft had tried to fix the issue by zeroing out the pointer, but they used a 4-byte write instead of clearing the full 8-byte value. This left the upper half of the kernel address intact and fully leakable. The researcher reported the bug. Microsoft initially classified it as Important but refused to pay a bounty for it. Later they marked it as “won’t fix.” The researcher noted that fixing the issue would have taken less time than writing the email declining to address it. It was eventually assigned CVE-2021-24107 and patched.
𝕡𝕨𝕟𝕚𝕖 tweet media𝕡𝕨𝕟𝕚𝕖 tweet media𝕡𝕨𝕟𝕚𝕖 tweet media
English
2
45
274
30.2K
mk0 retweetledi
Nightmare Eclipse
Nightmare Eclipse@ChaoticEclipse0·
Wake me up when it's patch tuesday
Nightmare Eclipse tweet media
English
5
14
392
10.2K
mk0 retweetledi