Vincent Yiu
36.4K posts

Vincent Yiu
@vysecurity
Director, Red Team / Offensive Security. Help organizations safeguard their businesses from the bad guys.
Hong Kong · Joined December 2014
331 Following · 31.6K Followers
Vincent Yiu retweeted

During pentests we often have to deal with tasks that can be automated. Some of the best tools for this are ADScan and ADPulse.
ADScan performs both enumeration and attack and is capable of analyzing BloodHound data to guide you through the pentest. It works with and without AD creds and can compromise some labs in just 3-5 minutes.
hackers-arise.com/offensive-secu…
@three_cube @_aircorridor #pentesting #redteam

Vincent Yiu retweeted

new repo: Cheshire 🐱
Adaptix C2 service plugin that lets you test payloads against LitterBox without leaving the Adaptix client. pick a file, click run, see what fires across static, dynamic, and EDR.
github.com/BlackSnufkin/C…
Vincent Yiu retweeted

This might be one of the most elegant LLM exploits
Grok got prompt injected, and the attacker managed to get 3B DRB worth $175k sent to a wallet they control
Crazy!
Bankr@bankrbot
@grok @Ilhamrfliansyh done. sent 3B DRB to . - recipient: 0xe8e47...a686b - tx: 0x6fc7eb7da9379383efda4253e4f599bbc3a99afed0468eabfe18484ec525739a - chain: base
Vincent Yiu retweeted

Critical & high vulns in MOVEit Automation enable auth bypass + priv esc via backend command ports.
CVE-2026-4670
CVE-2026-5174
MOVEit has been targeted by ransomware groups in the past in mass exploitation campaigns.
community.progress.com/s/article/MOVE…
@watchtowrcyber

Vincent Yiu retweeted

Advanced SSRF exploitation techniques are explained in detailed guides.
They include bypass methods and cloud metadata attacks.
Read medium.com/@jpablo13/ssrf-master-guide-exploitation-and-mitigation-strategies-e8b6a5d415bd
#BugBounty #SSRF #CyberSecurity #Research
Vincent Yiu retweeted

if you run ollama on apple silicon and haven’t updated past v0.19, you’re leaving 2x performance on the table.
ollama switched from llama.cpp to apple’s MLX framework. people are reporting 7x decode speed improvements on M4.
I run hermes on a mac mini M4. updating ollama was the single biggest performance gain I got this month without spending money.
qwen3.5-9B went from sluggish to genuinely usable as a daily driver.
ollama --version and update if you’re behind.

@so_ainsight And where did he get the electricity? The battery won't last 11 hours
Vincent Yiu retweeted

The RansomISAC published regarding "Zhengzhou 403 Network Technology Co., Ltd.", a cert we reported in 2025 after it was used to sign CobaltStrike. Their investigation seemed like a wild adventure, check it out.
ransom-isac.org/blog/dragonbre…
1/3
Vincent Yiu retweeted

Microsoft Defender detected and protected customers against a new software supply chain compromise affecting the "pytorch-lightning" package and immediately reported the issue to the repository maintainers for takedown: msft.it/6013vJisb.
At the time the compromised packages were identified and distributed, Microsoft Defender had proactive detections that blocked the malicious files as Trojan:JS/ShaiWorm.DQ!MTB. For protected environments, Microsoft Defender for Endpoint raised the alert "ShaiWorm malware was prevented".
Our assessment indicates that Microsoft continues to provide strong protection coverage and has prevented observed activity indicating attempts to install the modified packages. Microsoft Defender continues to monitor for potential follow-on activity, including suspicious use of potentially exposed cloud credentials across major cloud platforms.
Observed activity remains limited to a small number of devices and appears contained to a narrow set of environments. We are also investigating container-based telemetry and registry-related signals that may indicate potential compromise in some scenarios.
Microsoft continues to monitor and investigate the issue, with layered protections, broad prevention coverage, and ongoing hunting efforts in place. We will share updates as more information becomes available.
Vincent Yiu retweeted

🚨 Cybersecurity firm Trellix confirms a breach.
Attackers accessed part of its source code repository; no exploitation or release impact found. Investigation ongoing with forensic experts and law enforcement.
Details ➜ thehackernews.com/2026/05/trelli…
Vincent Yiu retweeted

🚨BREAKING : Call centers are officially dead.
ElevenLabs Agents quietly wiped out the $40B customer support industry.
→ Sounds human in 70+ languages
→ Books, updates, closes tickets mid-call
→ Plugs into GPT, Claude, Gemini, any LLM
→ $0.08/min, startups get $4K free
Revolut, Cisco, Deliveroo already switched.
You're next 🧵
Vincent Yiu retweeted

@Octoberfest73 I remember you once posted a quirk of impacket that could be used as an ioc so I thought you’d like this list of 50+ impacket IOCs😄 github.com/ThatTotallyRea…