Rene Freingruber @ReneFreingruber
Interested in reversing, browser exploitation, red & blue teaming, web vulns, ... Joined June 2012-
Tweets6K
-
Followers3K
-
Following578
-
Likes2K
A new Project Zero blogpost by @tehjh in which he writes about an interesting and little-known bug class that affected web browses, Linux and, most recently, macOS. The bug class can also be used for leaking pointer tag information in some scenarios.
A new Project Zero blogpost by @tehjh in which he writes about an interesting and little-known bug class that affected web browses, Linux and, most recently, macOS. The bug class can also be used for leaking pointer tag information in some scenarios.
#flareon12 pre-register now at flare-on12.ctfd.io The puzzles are unleashed tomorrow.
Cyberattack on Jaguar Land Rover results in a prolonged production shutdown. 25% of suppliers have already taken steps to pause production and temporarily lay off workers. The attack has now forced a complete halt until October 1st, costing the company over $1.36 billion in lost…
Interested in what real world Active Directory compromise looks like and how to prevent it? I wrote a deep dive on what we continually see when Active Directory gets owned. Hint: stop letting domain admins log onto all your endpoints Read here - techcommunity.microsoft.com/blog/microsoft…
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Analysis of Shai-hulud Worm in MDE Environment 🚨 The Shai-hulud npm worm is rapidly propagating by compromising developer accounts and injecting malware into packages that exfiltrate cloud tokens and secrets. I extracted SHA1 hashes from 370+ infected npm packages and ran a…
🚨 CrowdStrike npm Packages Compromised in Ongoing Supply Chain Attack Read more: cybersecuritynews.com/npm-supply-cha… An ongoing supply chain attack has compromised multiple npm packages published by CrowdStrike, extending a malicious campaign known as the “Shai-Halud attack.” The…
Really awesome blog on some powerful things you can do with exception handlers and low-level Windows knowledge. Wish I had seen this when I was working through the same subject matter a literal week ago 🫠
Really awesome blog on some powerful things you can do with exception handlers and low-level Windows knowledge. Wish I had seen this when I was working through the same subject matter a literal week ago 🫠
🔥🔥🔥 (CVE-2025-5959)[422313191][wasm]Google Chrome RCE via CanonicalEquality::EqualValueType() is now open with exploit(exploit chain uses a novel v8sbx bypass) issues.chromium.org/issues/4223131… Reported by Seunghyun Lee(@0x10n) as part of TyphoonPWN 2025
🔥🔥🔥 (CVE-2025-5959)[422313191][wasm]Google Chrome RCE via CanonicalEquality::EqualValueType() is now open with exploit(exploit chain uses a novel v8sbx bypass) issues.chromium.org/issues/4223131… Reported by Seunghyun Lee(@0x10n) as part of TyphoonPWN 2025
It's awesome that William made a stable exploit to get RCE through the Linux kernel SMB server (ksmbd). It is difficult, but he nailed it! You've got to read his post to see the tricks and strategies he used 😆.
It's awesome that William made a stable exploit to get RCE through the Linux kernel SMB server (ksmbd). It is difficult, but he nailed it! You've got to read his post to see the tricks and strategies he used 😆.
Even with HTTPS, Windows Server Update Services can be abused if attackers obtain a trusted certificate, allowing authentication relay. In our blog, @Coontzy1 explains how WSUS traffic can be found and abused, and what sparked his investigation. Read now! trustedsec.com/blog/wsus-is-s…
Huntress tracked a threat actor who installed their Managed EDR product, sparking debate online over triage limitations and user privacy. I sat down with @_JohnHammond to separate fact from misunderstanding. Watch the full video at the link below!
Bidding farewell to one of the last Windows kernel address leaks, CVE-2025-53136 (KASLR bypass). Sometimes, even patches can open new doors for exploitation. crowdfense.com/nt-os-kernel-i…
Skipping Winsock - AFD.sys for-the-win! A series of posts by Mateusz Lewczak (@MateuszLewczak) on how to use afd.sys driver to implement custom network connectivity. Highly recommended! Source: leftarcode.com/posts/afd-reve… #redteam #maldev #malwaredevelopment
After a year of scientific scrutiny, a rock sample collected by the Perseverance rover has been confirmed to contain a potential biosignature. The sample is the best candidate so far to provide evidence of ancient microbial life on Mars. go.nasa.gov/4n35lVM
As an attacker, I care more about the presence of canaries in an environment than about triggering them. Their existence lets me know they're either being automatically deployed (Cortex, etc.) or have someone who cares enough to build the environment this way and proceed…
🚀 It’s official — my new book is live on Amazon: MAoS – Malware Analysis on Steroids This book is not like the others. It’s built on years of raw, hands-on research, reverse engineering sessions at 3 AM, and real-world incident response cases. Inside, you’ll find full A–Z…
Would you like to join our research team? We currently have an opening! computest.nl/en/careers-at-…
Today I am releasing a new blog post on VSM "secure calls" + the SkBridge project to manually issue them!! This blog talks about how VTL 0 requests the services of VTL 1 and outlines common secure call patterns!!! Blog: connormcgarr.github.io/secure-calls-a… SkBridge: github.com/connormcgarr/S…
So, these threat actors successfully phished an author of multiple open source NPM packages with a total of 2 billion weekly downloads – including debug, chalk, and ansi-styles. Since most companies run at least one React or Angular app, they had the opportunity to execute code…

kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
Mike Felch (Stay Read... @ustayready
17K Followers 2K Following Targeted Ops Red Team @ TrustedSec | Hacking since Renegade BBS backdoors | Prior CrowdStrike/BHIS | In Christ's grip | I speak for myself only | K1HAQ
DirectoryRanger @DirectoryRanger
35K Followers 96 Following This account assembles and disseminates information related to Active Directory and Windows security.
sn🥶vvcr💥sh @snovvcrash
12K Followers 490 Following Sr. Penetration Tester / Red Team Operator @ptswarm :: Author of the Pentester’s Promiscuous Notebook :: He/him :: Tweets’re my pwn 🐣
Richard Johnson @richinseattle
18K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Filip Dragovic @filip_dragovic
7K Followers 1K Following My research unless stated otherwise. My opinions are my own and do not represent the views of my employer.
Samir @SBousseaden
25K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
n00py @n00py1
13K Followers 962 Following Retweeter of InfoSec/Offsec/Pentest/Red Team. Occasional blogger/Independent security research.
LuemmelSec @theluemmel
8K Followers 565 Following I speak BloodHound. Husband, Father, IT-Guy, Security-Noob Blog: https://t.co/PXB35KEqs6 GitHub: https://t.co/Unp9jZOpBn
kuvee04 @GamingFreeFire1
21 Followers 603 Following
Cloner XZ @clonerxz8080
3 Followers 528 Following
Two Seven One Three @TwoSevenOneT
3K Followers 2K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
n0tf0und @n0tf0u9d
7 Followers 121 Following
Jianjia Yu @yujianjiasuzy
3 Followers 62 Following PhD student @JohnsHopkins Research interest: Language-based security, Web security
David Mihajlovic @dm_p0st
0 Followers 32 Following
Sambam4mba @he31707900
9 Followers 1K Following Bor3d hacker of iot devices, security researcher? Security Breacher!
James @Jameshenry917
15 Followers 257 Following
Researcher @_0xPwner_
3 Followers 89 Following
Norbert @NB1r0
64 Followers 3K Following
Narek Babajanyan🇦�... @N_Babajanyan
266 Followers 1K Following Cybersecurity analyst | Armed Forces ex-officer
Veda Thiel @ThielVeda5899
33 Followers 2K Following
Constantine Young @ConsYoung
6 Followers 281 Following
EZ @IAMERICAbooted
2K Followers 1K Following Yesterday is history. Tomorrow is a mystery. Cloud Solutions Engineer at Contoso. Hacktive Directory admin. Posts don't represent my employer(s).
nullFaktor @_nullfaktor
2 Followers 6 Following
0xf1rmware @0xf1rmware
2 Followers 534 Following :( incorrect memory address(BSOD) 99% complete | Livin' in non-vol mem...
Joe (GonzoSec) 🇺�... @jsark983
942 Followers 731 Following OSCP, CRTO, GCPN, GWAPT, MS in InfoSec. Fortunate pen tester... just learning all the things! And the obligatory: my views don’t equal my employer’s...
Alex @alextoystory
0 Followers 589 Following From a hopeless crush on a captivating stranger, a bitter curse emerged, transforming their once innocent love into a twisted obsession. To MsPsychology1
T1nt1n @t1nt1nsn0wy
709 Followers 4K Following Noobie H4CK3R and researcher at @qualys. Prev @pwc. Views are my own :)Volkov Ivan @volkovin
61 Followers 5K FollowingJaehun Jeong @n3sk
248 Followers 867 Following
Lan Vu @lanleft_
1K Followers 417 Following she/her | Qrious Secure @qriousec | I made my own cover photo
Shreyas Penkar @streypaws
278 Followers 254 Following Android Vulnerability Researcher (Kernel/Chrome)
Laith AL-Satari @laith_satari
47 Followers 653 Following
Kylee Leffler @KyleeL2953
107 Followers 4K Following
Briellaa🌼 @shonellebriella
7 Followers 157 Following Artist Manga artist and Twitch Streamer Twins of official.riz manage page, @goodheart 💖
Sandip Das @nodegoose
25 Followers 888 Following
asdsadadasdasdadasd @Kavsson
12 Followers 436 Following
Glalqe @Glalqe87229
13 Followers 366 Following
sayan @SayanEcho
1 Followers 71 Following
Noid0x0 @noid0x0
11 Followers 158 Following
Pensé FFun @inftyCategory
134 Followers 7K Following
PoiuLkjh @PoiuLkj97148459
26 Followers 2K Following
Yazid @Yazid21_
17 Followers 154 Following
echo hello world @SayanChakrobor7
168 Followers 3K Following Ethical Hacker, Bug bounty hunter, web & android pen tester, flutter, php, python developer
Muhammad Ayub @roy_ayub
87 Followers 990 Following
Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Nicolas Krassas @Dinosn
147K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Florian Hansemann @CyberWarship
84K Followers 46 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Adam Chester 🏴�... @_xpn_
36K Followers 502 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast , Investor, Contrarian , Philanthropist , Reformist , Sigma female 🦋 https://t.co/WOvf41tMKV
Trend Zero Day Initia... @thezdi
83K Followers 16 Following Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
b33f | 🇺🇦✊ @FuzzySec
33K Followers 1K Following 意志 / Antiquarian @ IBM X-Force / Team 501 / Ex-TORE ⚔️🦅 / I rewrite pointers and read memory / AI Psychoanalyst / Teaching @CalypsoLabs
kmkz @kmkz_security
19K Followers 2K Following Offensive Security, pom-pom girl... Who cares ?? Bourbon Offensive Security Services | BOSS
Will Dormann is on Ma... @wdormann
26K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
Stephen Sims @Steph3nSims
24K Followers 833 Following Perpetual Student | SANS Fellow | Musician | Braggart Hater | Gray Hat Hacking | VR | 🏂 | deadcode | https://t.co/CadJehomsU
Intigriti @intigriti
195K Followers 657 Following Bug bounty & VDP platform trusted by the world’s largest organisations! 🌍
LiveOverflow 🔴 @LiveOverflow
156K Followers 1K Following wannabe hacker... he/him 🌱 grow your hacking skills @hextreeio
Samuel Groß @5aelo
24K Followers 501 Following Working on Project Zero, Big Sleep, and V8 Security. Personal account. Also @[email protected] and https://t.co/aVitnPjBie
Vincent Yiu @vysecurity
29K Followers 254 Following Director, Red Team, Offensive Security. Help organizations safeguard their businesses from the bad guys.
ippsec @ippsec
120K Followers 352 Following
Chromium Disclosed Se... @BugsChromium
8K Followers 0 Following Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @[email protected]
Two Seven One Three @TwoSevenOneT
3K Followers 2K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
EZ @IAMERICAbooted
2K Followers 1K Following Yesterday is history. Tomorrow is a mystery. Cloud Solutions Engineer at Contoso. Hacktive Directory admin. Posts don't represent my employer(s).
SecInterviewHub @sec_hub93028
3K Followers 2K Following Daily cybersecurity interview questions, tips, and industry insights. Check the articles tab ⬇️
Duncan Ogilvie 🍍 @mrexodia
9K Followers 334 Following Reverse engineer, creator of @x64dbg and 100+ other projects. Love binary analysis and Windows internals. Dreaming about doing open source full time...
flux @0xfluxsec
2K Followers 987 Following CRTO | Cyber professional (red team), security and systems programming | Rust | https://t.co/QIih2B7vya | https://t.co/VC3xsm0Wvq
Chubby♨️ @kimmonismus
85K Followers 3K Following Dream realized! Turned my love for AI into a career - sharing daily. Get my newsletter (210k+ subs): 📰 https://t.co/QaaY1wN9Tq // //📧 [email protected]
Hossam @0xHossam
1K Followers 1K Following red team operator @CyShieldCompany | adversary simulations newbie | interested in malware & windows security research
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Thomas Seigneuret @_zblurx
3K Followers 392 Following Red Teamer & Security researcher Maintainer of #NetExec, #DonPAPI, dploot, certsync, and all the stuff on my github repo bsky: https://t.co/zISpgvDSWc
Fabian Bader @fabian_bader
9K Followers 817 Following #Security #Azure #AAD #MDE #M365 #AD #PKI Microsoft MVP Tweets and opinions are my own @[email protected]
jdelta @jdelta11
684 Followers 279 Following
Alon Leviev @alon_leviev
1K Followers 183 Following Vulnerability Researcher at Microsoft | Researcher, Speaker, BJJ Black Belt, Former BJJ World and Euro Champion
Hai vaknin @VakninHai
1K Followers 211 Following Security Researcher EAT-Sleep-Hack-Repeat https://t.co/oEFfl40EMN
Timo Lo(n)gin @timolongin
385 Followers 33 Following Currently pwning elderly Internet protocols Mastodon: @[email protected]
Bjoern Kerler @viperbjk
3K Followers 510 Following Analyst and Qc/MTK/Exynos/Unisoc/Kirin chipset pwner (aka RevSkills). Reverse Engineer/Coder/Maker. 3D Print and SDR enthusiast. New Technology. Bot-Hater.
exploits.club @exploitsclub
2K Followers 111 Following A VR, RE, and Exploit Dev weekly newsletter | Join the club Contact: [email protected]
Marion Schubert @MarionSchuber18
1 Followers 24 Following
Manfred Paul @_manfp
5K Followers 315 Following Security but not as in "national security". Playing CTFs with @redrocket_ctf (and @Sauercl0ud). Pwn2Own Vancouver 2020..=2024\{2023}. @[email protected]
SinSinology @SinSinology
12K Followers 685 Following Pwn2Own 20{22,23,24,24.5,25,25.5}, i look for 0-Days but i find N-Days & i chase oranges 🍊
FLienhart @sol3n_ya
12 Followers 450 Following
Ido Veltzman @Idov31
4K Followers 33 Following I'm a security researcher who uses this platform to share my projects and research. Opinions are my own. https://t.co/UiWgKq40sV
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
stacksmashing @ghidraninja
48K Followers 452 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
X-Technobro @vendetce
504 Followers 696 Following
Tib3rius @0xTib3rius
69K Followers 597 Following Cybersecurity Content Creator | UwU-Anointed Wapp King | DEF CON Gameshow Host | Ex-Brit | https://t.co/04RRExvxXj (he/him) 🇺🇸 A deeply unserious person.
BILLY @Dragon_Pwn
201 Followers 242 Following
d1rkmtr @d1rkmtr
8K Followers 467 Following
Zach @svch0st
4K Followers 1K Following Everything DFIR @TheDFIRReport | @CuratedIntel | @XintraOrg https://t.co/ggakuKBS0S
Coldzer0 @Coldzer0x0
1K Followers 380 Following Senior Offensive security engineer @EG_CERT | { Opinions are my own } Offensive Tools Developer, Malware Analyst, Reverse Engineer 🦠
System Informer @SystemInformer
686 Followers 1 Following A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to you by Winsider Seminars & Solutions
Alh4zr3d @Alh4zr3d
24K Followers 276 Following Legal Criminal | Twitch cult leader | InfosecPrep founder | Lovecraft scholar | Soros mercenary | Spiritual cargo shorts wearer | Cthulhu fhtagn
Bad Packets by Okta @bad_packets
51K Followers 2 Following We provide cyber #threatintel on emerging threats, DDoS botnets, and network abuse.
Volodya @volodiyah
615 Followers 448 Following Security Engineer interested in Program Analysis with applications in (de)obfuscation, antivirus evasion or vulnerability research.
Kyle Avery @kyleavery_
4K Followers 420 Following