Ioannis Stais

Microsoft Sharepoint ToolShell attacks linked to Chinese hackers - @serghei bleepingcomputer.com/news/security/…

Great presentation & next level memes by @LAripping and James Henderson! @TheOffensiveX

Backdoor Found in 1 Billion Chinese-made Chips — Espressif's ESP32 microchip has an undocumented backdoor, raising security concerns globally. bleepingcomputer.com/news/security/…

Want to learn about Chrome exploitation and the role of WebAssembly in it? In our new article, we'll break down the world of WASM, how it interacts with V8, and use CVE-2024-2887 as a case study to show how flaws in WASM can lead to RCE. Read it here: ssd-disclosure.com/an-introductio…

Getting reports of the ISS crew active on ham radio overnight. Who's got NA1SS in their log today? Some good passes still to come over the next few hours.

Offensive X 2025 is proud to have @census_labs as a Gold Sponsor on our side. From deep vuln research to real-world tooling, their work speaks for itself and now they’re backing the mission. #RedTeam #CyberSecurity #InfoSec #HackingConference

Anyone in #Athens for @TheOffensiveX?#offensivex

Yes, LLMs don’t think. Apple’s paper shows they fail at logic. But they guess so well, they already outperform mediocre white-collar work – junior coding, copywriting, design, even legal boilerplate. The risk isn’t in jobs that require real thinking. It’s in the ones where…

Congrats Team Greece for a great battle until the last minute. Thanks @Troll_13 for all the hard work as an ambassador and leading your team to the podium. Appreciate all the hard work, well deserved 3rd place and congrats to all of you!

⚠️ If you are using SAM-R, especially with Defender for Identity, you may be vulnerable to a downgrade attack! ⚠️ This was so dangerous they are disabling SAM-R queries in the coming weeks. Only classic sensor is affected, not XDR agent sensor (3.x). learn.microsoft.com/en-us/defender…

🚨New giveaway alert🚨 We are giving away some vouchers for @offsectraining * 1x PEN-200 Course and Cert exam bundle (OSCP) * 1x Learn Fundamentals Subscription * 1x Annual PG Practice access Read the full post to learn How to participate: 1⃣Subscribe to our youtube channel…

1) WHAT

Crazy. Has anyone heard or has this happen before? I ordered a new iPad from @Apple Delivery scheduled today via @UPS UPS driver knocks on my door and tells me this…. <verifies I’m me> Then tells me that some guy flagged him down on the road (a few min away from my house)…

We have uncovered a Windows .lnk shortcut bug (#ZDI-CAN-25373) being exploited by #APT groups and cybercriminals worldwide. This bug in Windows  .lnk files allows attackers to execute hidden malicious commands that aren't visible when viewing shortcut properties. More details 🧵

CVE-2025-24071> Windows Explorer automatically initiates an SMB authentication request when a .library-ms file is extracted from a .rar archive, leading to NTLM hash disclosure. The user does not need to open or execute the file... github.com/0x6rss/CVE-202…

"Attacking Bluetooth the easy way" from @rootedcon featuring an undocumented ESP32 Espressif SoC backdoor. @antonvblanco @TarlogicES @Tarlogic documentcloud.org/documents/2555…

As far as I can tell, the ESP32 "backdoor": - Requires internally using the HCI interface - Lets you dynamically change the MAC address and send raw LMPs/LLCPs - Lets you read/write ESP32 memory if you're not already in control of that This can't be done remotely *yawn*

github.com/DarkWebInforme…

Αυτοκίνητα παρκαρισμένα παράνομα στην έξοδο για εθνική οδό (!!!!), επειδή παίζει ο Ολυμπιακός. Και εσείς ακόμα πιστεύεται ότι θα αποκτήσει ο Έλληνας οδική παιδεία... Ποτέ όμως.

The Bybit hacker (Most likely N.K. ) is now the 14th largest ETH holder in the world They hold roughly 0.42% of total supply, more than Fidelity, Vitalik, and 2x +what the Ethereum Foundation holds