#XSS tricks to #Bypass #WAF in the URL Context by @BRuteLogic => HTMLi + Double Encoding + Embedded Bytes JavaScript:"<Svg/OnLoad=alert%25%0A26lpar;1)>" JavaScript:"\%0A74Svg/On%0ALoad=alert%25%0A26lpar;1%25%0A26rpar;>" Lab x55.is/brutelogic/dom… KNOXSS has similar ones! 😉
The popular LLM client Cherry Studio has two high-severity vulnerabilities; affected users are advised to upgrade to the latest version as soon as possible and keep auto-update turned on. github.com/CherryHQ/cherr… One is triggered through Cherry Studio's custom protocol handler, a 1-click RCE. The other is triggered automatically by connecting to a malicious MCP; like mcp-remote, it is caused by the OAuth authentication redirect endpoint lacking filtering.
#CVE-2025-54424 This is a Pro-edition-only feature, so I paid to reproduce the vulnerability... The problem is on the Agent side; it is explained clearly on GitHub. github.com/1Panel-dev/1Pa…
#CVE-2025-54782 Although it is a developer toolkit, there are still many instances exposed on the public internet. ZoomEye search syntax: http.header="devtools.nestjs.com" && http.header="405 Method Not Allowed" zoomeye.org/searchResult?q… The fix adds multiple checks, which essentially closes it off. npmjs.com/package/@nestj…
A user reported in the Trae repository that the LLM being called is shown as 4.0 but is actually 3.5. Has this round been rigged by the investors? github.com/Trae-AI/Trae/i…
#CVE-2025-53833 A pretty straightforward vulnerability; it can be reproduced quickly with the official demo. Steps are in figure 1; I worked with Grok to produce a vulnerability analysis report, see figure 2. Side note: I did not understand 360's reproduction. github.com/saleem-hadad/l…
#CVE-2024-56731 github.com/gogs/gogs/comp… Actual exploitation requires user privileges; you can quickly determine whether an instance is affected by this vulnerability via the JS file.
Interesting. Claude Code was only released a short while ago, and the big players are already watching it closely. Judging by the description, it can read arbitrary files, so a watering-hole attack should work well? But this plugin's code is updated extremely fast, and this version already counts as 'old'. github.com/anthropics/cla…
Excellent!
#CVE-2024-29198 github.com/geoserver/geos… A very direct, brute-force fix: the TestWFSpost endpoint was simply removed.
🚀 DeepSeek-R1-0528 is here! 🔹 Improved benchmark performance 🔹 Enhanced front-end capabilities 🔹 Reduced hallucinations 🔹 Supports JSON output & function calling ✅ Try it now: chat.deepseek.com 🔌 No change to API usage — docs here: api-docs.deepseek.com/guides/reasoni… 🔗…
Another case of AI accelerating security research: finding new trigger points based on existing vulnerabilities.
🔗 Nuclei Template: cloud.projectdiscovery.io/library/CVE-20…
#漏洞扫描 (vulnerability scanning) For those complex, post-authentication vulnerabilities, a very conventional approach is version matching. The core principle of Tencent's AI component vulnerability scanner (AI Infra Guard) is version matching, but in practice only 8 components have usable version matching; most of the time it only serves as vulnerability news, telling you how many vulnerabilities a component has.
Expression payloads meet mayhem in this week's Ivanti EPMM vulnerabilities — CVE-2025-4427 and CVE-2025-4428 — chained to achieve unauth RCE. Beware - this is currently being exploited ITW! Enjoy our analysis. labs.watchtowr.com/expression-pay…
On May 5, CISA added this vulnerability to its Known Exploited Vulnerabilities catalog. https://t.co/fXnPNyIYOa

uiuiui uiuiui @uiuiuiuiui68815
0 Followers 50 Following
AY @AY8886668
59 Followers 753 Following
uuuuuuup @77uuupp
1 Followers 10 Following
50天 @uXjGOoQtNF1uItM
9 Followers 296 Following
lucos lopez @Lucos88
1 Followers 9 Following
Erika White @ErikaW71103
2 Followers 62 Following
dzl @dzldzl111
0 Followers 11 Following
yetis @lambinthedarj
7 Followers 89 Following
Neoeoo @Neoeoo
3 Followers 109 Following
澪崎ིོུ ᯅ @ChinaMaxk
55 Followers 2K Following
Michael麦克尔 @sunnyjo37189654
16K Followers 1K Following The best time to plant a tree was ten years ago; the second best time is now. https://t.co/2sWXhBfuOs, join the group with no requirements, free of charge!
ev1l0o4g @ducoduko
5 Followers 173 Following
qwerty @qwerty1575031
10 Followers 50 Following
Danila Lutsiv @Chemrid
254 Followers 4K Following
牧之 @0xmuzhi
1 Followers 76 Following
test @testjkl
10 Followers 207 Following
Da22le @Da22lec
11 Followers 142 Following
⚒推特治丧委员... @kuanghuanlonga1
788 Followers 966 Following script kidden/vulnerability exploit/CTF seeker
Zhou Dao @ZhouDai
65 Followers 2K Following
Ken @ConfectionaryOk
6 Followers 164 Following
Benson Sarfield @BensonSarf87900
0 Followers 16 Following
关羽 @GUANYU_11
0 Followers 4 Following
废柴是我名 @MNIwood
12 Followers 189 Following
Moth @Moth_CuRL
94 Followers 1K Following Blockchain is really something. Every day it’s a new scam, but every day you fall for a different one. I absolutely love this game!
FOFA @fofabot
12K Followers 191 Following Cybersecurity Search Engine Contact Email: [email protected] Telegram: https://t.co/E5EcKr5Kyl
AiFeiS @AiFeiS1
9 Followers 310 Following
1e18 @zhuzuojun
194 Followers 4K Following
··········�... @Charon_n_n
6 Followers 166 Following
muchen @muchen28041
0 Followers 370 Following
Fantôme @IcarusNoWings
2K Followers 6K Following When a man longs for a woman's body, he becomes concerned with her soul and deceives himself into thinking he has fallen in love with her soul. Only after he has possessed her body can he forget her soul. Perhaps that is the only way to be free. Hell is other people; in the end one is either masochistic, finding pleasure in shame, or sadistic, finding delight in guilt. Oh, and I know a bit of fortune-telling~
sharry @sharry479292731
0 Followers 24 Following
huszza @huszza
1 Followers 49 Following
DeepSeek @deepseek_ai
973K Followers 0 Following Unravel the mystery of AGI with curiosity. Answer the essential question with long-termism.
Ⓒhrstph... @schniggie
3K Followers 1K Following security geek, 🄲🅈🄱🄴🅁, selfhoster, beer lover, Pragmatist https://t.co/itIxG00YGz https://t.co/PsNyHN0Pxr ᴅᴇ-ᴀɴᴏɴʏᴍɪᴢᴇʀ ᴡʜᴏ ᴇɴᴊᴏʏꜱ ᴏᴘꜱᴇᴄ ꜰᴀɪʟꜱ
Folo @folo_is
42K Followers 36 Following Follow everything in one place. Join our community: https://t.co/h0aE3fWu8W.
𝕏 Bug Bounty Write... @bountywriteups
35K Followers 4K Following 🔍 Bug Bounty Hunter | Content Creator | Sharing cybersecurity write-ups & resources | AI | | by @piyush_supiy #bugbounty #bugbountytips
DarkEye @darkeye_team
807 Followers 30 Following Hackers' Eye on Defense Email: [email protected] Telegram: https://t.co/dfnXDEXQZh Discord: https://t.co/9D3UMXb6Te
watchTowr @watchtowrcyber
9K Followers 13 Following watchTowr enables organizations to get ahead of in-the-wild exploitation with Preemptive Exposure Management technology.
GitHub Changelog @GHchangelog
27K Followers 7 Following The official GitHub Changelog feed. Your source for new releases, improvements, security updates, and fixes across GitHub products.
林晨 @0chencc
2K Followers 597 Following Contributing author of open-source tools such as HaE/Caa/CTFCrackTools/Sylas \ information security practitioner \ AI security practitioner \ founder of the 米斯特 (Mist) Security Team.
Horizon3 Attack Team @Horizon3Attack
12K Followers 56 Following @Horizon3ai Attack Team | Security Research | Exploit Dev | TTPs
Tesla Optimus @Tesla_Optimus
559K Followers 11 Following A general purpose, bi-pedal, humanoid robot capable of performing tasks that are unsafe, repetitive or boring.
ZoomEye @zoomeye_team
9K Followers 508 Following A cyberspace search engine built for security researcher Daily Tricks || Latest Vulnerability Updates Email: [email protected] https://t.co/AUq5jNpKkl
rapiddns @rapiddns
3K Followers 3K Following Bug Bounty Hunter. The https://t.co/11fvDW8SRb is a free, open and unlimited dns query tool. It makes easy to query subdomains or sites of the same.
OpenAI @OpenAI
4.3M Followers 3 Following OpenAI’s mission is to ensure that artificial general intelligence benefits all of humanity. We’re hiring: https://t.co/dJGr6Lg202
Dataflow Security @dfsec_com
5K Followers 4 Following
浅蓝 @b1u3r
3K Followers 193 Following
BlueHornet | AgainstT... @_Blue_hornet
6K Followers 276 Following Standing against China & Russia. Exposing APTs Hacktivism / Journalism 04/04/22 https://t.co/gQR7MXLEBD #FreeUkraine https://t.co/0nHk69qbq3
Nagli @galnagli
39K Followers 482 Following Hacker; Head of Threat Exposure at @wiz_io 🧙♂️; Bug Bounty Hunter; Live Hacking Events Winner
Vulmon Vulnerability ... @VulmonFeeds
4K Followers 2 Following Vulnerability Feed Bot (tweets new vulns) Follow @vulmoncom for human-controlled official account
nuclei templates @NucleiTemplates
375 Followers 5 Following This is an unofficial Nuclei templates watcher bot who keeps you up to date about the recently released templates. Created and maintained by @dwisiswant0.
Yuan-chi @0xyuhao
2K Followers 126 Following PwC/Cybersecurity/Cloud Security/Senior Consultant/Security Services Engineer/Security Research/SOC (Security Operations Center)/Incident Response/Pentest
PwnWiki @pwnwikiorg
1K Followers 33 Following The free vulnerability encyclopedia |[email protected] | [email protected] |@Acardia2020 | @zhzyker | https://t.co/zMbB1NEHkJ | https://t.co/OccRTj4zry
green @greentheonly
85K Followers 0 Following I report what I see. If it's good, it's good; if it's bad, it's bad. Does not depend on me. Make them release more awesome stuff. Don't shoot the messenger.
Sam Curry @samwcyo
97K Followers 1K Following Hacker, bug bounty hunter. Run a blog to better explain web application security.
Elon Musk @elonmusk
225.3M Followers 1K Following
0xSha @0xsha
11K Followers 666 Following 12+ years journey in security research. Ai / Blockchain engineer, occasional startups CTO. CS PhD candidate. I build and break stuff, sometimes in public.
GitHub Security @GitHubSecurity
14K Followers 90 Following The @github Security team. 🚨 Report vulnerability: https://t.co/wTLhTm60PQ. Security Research: @GHSecurityLab. We're hiring!
test domain @User2Micro
721 Followers 4K Following
CODE WHITE GmbH @codewhitesec
7K Followers 41 Following Red Teaming. Security Research. Continuous Penetration Testing. Threat Intelligence.
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
LiveOverflow 🔴 @LiveOverflow
155K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Blue Frost Security @bluefrostsec
6K Followers 643 Following Providing cutting-edge security research. Organizers of @offensive_con
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
Nico Waisman @nicowaisman
13K Followers 952 Following Head of Security at @XBOW. Former CISO @Lyft. Binary entomologist
offensivecon @offensive_con
26K Followers 2 Following OffensiveCon Berlin is a technical international security conference focused on offensive security only. Organised by @Binary_Gecko. Stay tuned #OffensiveCon26.
PortSwigger Research @PortSwiggerRes
111K Followers 7 Following Web security research from the team at @PortSwigger
GitHub Security Lab @GHSecurityLab
26K Followers 15 Following GitHub Security Lab’s mission is to inspire and enable the community to secure the open source software we all depend on.