Himanshu Kohli

Look at Chavara on the attached map. In 1909, a German chemist named C.W. Schomberg was walking on these very beaches. He noticed a strange, shimmering black tint in the sand. Most locals thought it was just dirt. Schomberg, a man with a trained eye, realized he was standing on Monazite, the world’s richest source of Thorium. He quietly started shipping the sand back to Germany under the guise of ballast for ships. By the time the British realized what was happening, Germany had built a secret stockpile of Indian Thorium that they hoped would power their future industrial & potentially weaponized ambitions. India’s sand was literally the hidden fuel of the early 20th-century German labs. Also, there is a mineral in that Odisha-Andhra corridor called Zircon. We cannot build a modern nuclear reactor/a stealth jet w/o it. For yrs, Sand Smuggling has been a high-stakes, dangerous underground industry in these corridors. Because a single ton of concentrated sand from these specific blue zones can be worth more than its weight in silver to a country trying to build a secret nuclear program. Image Source: @SputnikInt

Nida Khan aka 'Lady Don', 'Lady Boss', the AGM HR, protected her co-religeonists so well that Nashik City Police was forced to send 7 women constables in disguise to unearth the sordid & systematic subjugation of Hindu girls/women employees with TCS Nashik Branch. She is untraceable. #TCS

Dear @TCS , I couldn’t find any disclosures in your financial statements about funding to entities like AltNews, Zubair, Mehdi Hassan, or certain Ivy League universities that often speak against our nation or Hindus. Could you clarify which annexure covers this or its private?

Shocking details coming on TCS Nashik Case: 1. Police sources say Tata and TCS Senior Management did everything they could to prevent the case from being filed. 2. Once it went viral, the media was subtly informed that if they wanted Tata advertising revenue to continue, they should not mention TCS by name. 3. TCS in a statement said that it maintains a "zero-tolerance policy" and that the employees under probe have been suspended. 4. Victims reportedly claimed they approached the company's HR earlier, but no action was taken. TCS has remained silent on this allegation. 5. Police already arrested 6 in this case. All were managers and engineers. Asif Ansari, Shafi Sheikh, Shah Rukh Qureshi, Raza Memon, Tausif Attar, Danish Sheikh. 6. HR Nida Khan is on the run and police is still searching for her. My two-cent take: After Ratan Tata, Tata group has lost all its morality. I may be too quick to judge this, but their wordings and workings are totally opposite now.

@bankofbaroda thinks @rethinkdns, @Malwarebytes and @kaspersky are potential keyloggers. @bankofbaroda Bob world application stopped me from accessing the UPI section with a warning. Height of stupidity. They should hire a better team.

11/ Help starve the ADINT dragnet. Do this now: iPhone: ⚙️Settings➡️Privacy & Security➡️ Tracking Turn off "Allow Apps to Request to Track" Android: ⚙️Settings➡️Privacy ➡️ Ads ➡️Delete Advertising ID It's only a beginning, but you don't owe any of these companies a drop of your data.

🚨 Someone just open sourced a fully autonomous AI hacker and it's terrifying. It's called Shannon. Point it at your web app, and it doesn't just scan for vulnerabilities. It actually exploits them. Real injections. Real auth bypasses. Real database exfiltrations. Not alerts. Not warnings. Actual working exploits with copy-paste proof-of-concepts. Here's what this thing does autonomously: → Reads your entire source code to plan its attack → Maps every endpoint, API route, and auth mechanism → Runs Nmap, Subfinder, and WhatWeb for deep recon → Hunts for Injection, XSS, SSRF, and broken auth in parallel → Launches real browser-based exploits to prove each vulnerability → Generates a pentester-grade report with reproducible PoCs Here's the wildest part: It follows a strict "No Exploit, No Report" policy. If it can't actually break it, it doesn't report it. Zero false positives. It pointed at OWASP Juice Shop and found 20+ critical vulnerabilities in a single run including complete auth bypass and full database exfiltration. On the XBOW Benchmark (hint-free, source-aware), it scored 96.15%. Your team ships code daily with Claude Code and Cursor. Your pentest happens once a year. That's 364 days of shipping blind. Shannon closes that gap. One command. Fully autonomous. The Red Team to your vibe-coding Blue team. Every Claude coder deserves their Shannon. 10.6K GitHub stars. 1.3K forks. Already trending. 100% Open Source. AGPL-3.0 License.

ghidra-mcp v3.0.0 - 179 MCP tools for AI-powered reverse engineering (full headless, Ghidra Server) github.com/bethington/ghi…

@ShiprocketIndia emails to your support team are getting blocked.

Fake job recruitment giving malware with love. bleepingcomputer.com/news/security/…

@kaspersky @kasperskylabind products are blocked in @GoogleIndia playstore while there is no block from the indian government. FYI @AshwiniVaishnaw

Cloudflare hides 19.3% of all websites—but not perfectly. CloudRip scans subdomains to find IPs not behind Cloudflare protection, exposing the real origin server: hackers-arise.com/web-app-hackin… @three_cube

Bug : SQL INJECTION Steps: 1) capture Post Request in a burp 2) save into sql.txt file 3) run sqlmap Command: sqlmap -r sql.txt --current-db --level 5 --risk 3 --dbs --force-ssl Vulnerable parameter : username Database: Oracle

MYSQL Database credentials leaking in PHPINFO , funniest bug I ever found - retweet to share awarness #bugbounty #bugcrowd

Some MySQL tricks to break some #WAFs out there. SELECT-1e1FROM`test` SELECT~1.FROM`test` SELECT\NFROM`test` SELECT@^1.FROM`test` SELECT-id-1.FROM`test` #SQLi #bypass #bugbountytip

Bug Bounty Tip You can check if a website is running exactly a MySQL database and is potentially vulnerable to SQL injections by using !!0 as input for numeric parameters in the query string or request body. P.S. Why MySQL thinks that !!0 == 1? Cheers!

Let us indulge in some engineering beauties of MySQL. It rarely gets Love compared to Postgres. Uber reduced their database locks by 94% when they upgraded to MySQL 8.0, thanks to this performance rearchitecture. We know that writing to the index may cause a structure change (btree rebalance) which can cause leaf pages, internal pages and the ROOT to split and update. Allowing a read while the structure is being changed can cause corruptions, so we need to protect the structure and readers via physical locks or a mutexes (I talk about those in my OS course) In version 5.6, MySQL InnoDB opted to do a global exclusive lock (X lock) on entire index when a rebalance is triggered, preventing reads from happening (reads take a shared S lock), even when the reads are going to a different part of the tree. In 8.0 only the pages being restructured or written are X Locked (not the entire index) also a snapshot of those pages are saved so concurrent reads to those pages are allowed. This index is instead locked via a new intent SX Lock which allows shared S locks but prevents X Lock. What better proof of this engineering marvel than Uber upgrading to MySQL 8 and reducing their database locks by 94% ! We know MySQL is struggling recently against Postgres and I covered that in another video but the engineerings marvels must be acknowledged regardless of the state of the product. --- Watch my full deep dive coverage here Advanced MySQL Index Locking Explained youtu.be/MK24y7AmKTc I also try to start crediting the Devs behind the work, this work is done by Zongzhi Chen Read uber’s article uber.com/en-JO/blog/upg…

MySQL fixed a bug that was causing extra IO during reads. The fix made reads 4x faster (when there are concurrent inserts) Mark found and logged the bug, his blog explains it all. I really enjoy this stuff. There is always room for improvement.

Hey @BigRock you are still offering Mysql version 5.7 to your clients. This version was depreciated a long time ago. dev.mysql.com/doc/relnotes/m… security.snyk.io/package/linux/… #bigrock #WebHosting #Scam

@BigRock you people are using outdated Mysql versions for shared web hosting. Selling products intentionally with security vulnerabilities.