MS Ahmed
999 posts
MS Ahmed
@lanze_codes
Building Agentic Workflows for Web3. 5k+ Freelance reviews. I help devs transition from 'Code-Monkeys' to 'Architects.' 🛠️
Abuja, Nigeria Katılım Aralık 2023
618 Takip Edilen567 Takipçiler
‼️A full-chain one-click exploit for iOS 18 through 18.7, bundled with a bonus stealer called "GHOSTBLADE," is allegedly being sold on a popular cybercrime forum.
‣ Threat Actor: rosestealer
‣ Category: Exploit / Malware
‣ Name: "EL Muncho" Full-Chain Exploit + GHOSTBLADE Stealer
‣ Target: iOS 18 to 18.7
‣ Price: $50,000 (negotiable)
Full-chain exploit stages:
01 - RCE in Safari:
Victim loads a malicious page (one-click) resulting in Remote Code Execution inside the Safari process.
02 - Double Sandbox Escape:
Escape WebContent sandbox to GPU Process to mediaplaybackd (higher privileges).
03 - Kernel Privilege Escalation:
Full kernel read/write, complete control over the device.
04 - Post-Exploitation:
Runs the GHOSTBLADE Stealer, injecting payload into a high-privilege process. All data exfiltrated back to C2.
GHOSTBLADE Stealer dumps:
▪️ sms.db
▪️ ChatStorage.sqlite (WhatsApp)
▪️ Keychain / Passwords
▪️ Wi-Fi Passwords
▪️ iCloud Files
▪️ Telegram Data (messages, Axolotl.sqlite)
▪️ Device Keychain (passwords, Wi-Fi, auth tokens, saved logins)
▪️ Safari Browsing History, Cookies, and Saved Passwords
▪️ Signed-in Accounts and Device/Account Identifiers
▪️ SIM Card / Cellular Information
▪️ Full Location History
▪️ Saved/Known Wi-Fi Networks and Passwords
▪️ Find My iPhone Settings and Location Services Data
▪️ Photos (including metadata, hidden photos, screenshots)
▪️ iCloud Drive Files
▪️ Notes Database, Calendar Database
▪️ Health Data (Apple Health app)
▪️ Cryptocurrency Wallet and Exchange Data (Coinbase, Binance, MetaMask, Ledger, Trezor, Exodus, Phantom)
▪️ Keychain Items Related to Banking/Financial Apps
Operates as hit-and-run with data exfiltrated to C2 and traces/logs deleted automatically.
English
I’ll say it loudly: I’d trade a UCL final run for the Premier League trophy in a heartbeat. 🏆
You can’t conquer Europe until you’ve truly conquered England.
20 years is too long. The league isn't just a trophy anymore; it’s a necessity for our soul.
#COYG #AFC #PremierLeague
English
You think you can break my heart?
Lmao Jokes on you bro I support
Arsenal😭😭😭💔
English
PAST QUESTIONS ALERT
Compilation of Past Questions for Graduate Trainee Program Exams for:
Big 4 (PwC, KPMG, Deloitte and EY)
NNPCL
NLNG
SEPLAT
FUGAZ BANKS (First Bank, UBA, GTBank, Access Bank and Zenith Bank)
GMAT
And many more
Here: drive.google.com/drive/folders/…
English
MS Ahmed retweetledi
Registration is officially OPEN for #ArewaTwitterConnect – Spotlight on Kano!
Join young leaders, innovators, and changemakers shaping the future. Don’t miss out, secure your spot today!
26th April 2026
Amani Event Center, Kano
#ArewaTwitterConnect #NorthernYouthPower #ExecutionMatters #YouthDevelopment
English
The P2P struggle is real. Sold crypto, got reported by a malicious buyer, and @joinkuda placed a lien on my account.
I took the high road, saved up for 2 months, and paid back the disputed amount just to get my account back. It’s been weeks since the payment was made, yet the restriction remains.
Is this the reward for compliance?
I need my account cleared.
@joinkuda, let’s get this sorted. 💳
#Kuda #P2P
English
I built an app because I was addicted to shorts and Reels.
Just 2 weeks after launch → already over 2,800 installs.
Get the app here: play.google.com/store/apps/det…
English
🚨Cyber Alert ‼️
🇳🇬Nigeria - 𝗡𝗡𝗣𝗖 𝗛𝗲𝗮𝗹𝘁𝗵 𝗠𝗮𝗶𝗻𝘁𝗲𝗻𝗮𝗻𝗰𝗲 𝗢𝗿𝗴𝗮𝗻𝗶𝘀𝗮𝘁𝗶𝗼𝗻
XP95 hacking group claims to have breached NNPC Health Maintenance Organisation.
Threat actor: XP95
Sector: Financial / Insurance
Data exposure (claimed): 200,000 user records
Data type: Personal data
Observed: Apr 08, 2026
Status: Pending verification
ESIX©: 5.73
Full details and impact assessment on HackRisk.io
English
