This media is not supported in your browser
VIEW IN TELEGRAM
You started this war, but we will draw its end.
Forwarded from RME-DisCo @ UNIZAR [www.reversea.me]
Finding SSRFs in Azure DevOps - Part 2 #SSRF #AzureDevOps #AzureSecurity #DNSRebinding #SourceCodeDebugging https://binsec.no/posts/2025/05/finding-ssrfs-in-devops-part2
Binary Security AS
Finding SSRFs in Azure DevOps - Part 2
Binary Security was previously rewarded for three Server-Side Request Forgery (SSRF) vulnerabilities in Azure DevOps, which you can read about here. Now we have found another SSRF vulnerability that we also reported to Microsoft. We then bypassed Microsoft’s…
Forwarded from Source Byte
MacOS hacking part 2: classic injection trick into macOS applications. Simple C example by cocomelonc
#APT34 (aka OILRIG) is known to use code injection techniques to interact with macOS and Linux systems, leveraging vulnerabilities and weaknesses in the system’s security mechanisms to inject code into running processes.
#APT10 (aka Red Apollo), another advanced Chinese group, has been known to use techniques like process injection and DLL hijacking to manipulate and monitor systems. This is conceptually similar to DYLD_INSERT_LIBRARIES because it involves injecting malicious code into existing applications.
Forwarded from Handala Hack
As of now, the main message-receiving account of Iran International has been fully breached and taken over.
This channel, long used as a so-called "secure line" for communication with informants, spies, traitors, and foreign agents, is now under our complete control.
During this operation, all incoming messages, attachments, reports, images, and videos shared with this channel have been extracted in full.
The content has been processed and cross-referenced against multiple intelligence and identification databases.
We now possess the full identity profiles of over 71,000 individuals who have contacted this network.
These names and data are now classified, indexed, and archived. Selected portions will be released soon.
Our analysis confirms the existence of a media-based espionage and influence network directed by Mossad, operating under the false flag of “independent journalism”.
To everyone who has reached out to this network:
You are being watched. Your information has been logged. And your reckoning is near.
This is not just a hack.
This is a direct declaration of presence by the resistance inside the heart of enemy systems.
Expect us. We are closer than you think.
@Handala_Channel
#Handala
This channel, long used as a so-called "secure line" for communication with informants, spies, traitors, and foreign agents, is now under our complete control.
During this operation, all incoming messages, attachments, reports, images, and videos shared with this channel have been extracted in full.
The content has been processed and cross-referenced against multiple intelligence and identification databases.
We now possess the full identity profiles of over 71,000 individuals who have contacted this network.
These names and data are now classified, indexed, and archived. Selected portions will be released soon.
Our analysis confirms the existence of a media-based espionage and influence network directed by Mossad, operating under the false flag of “independent journalism”.
To everyone who has reached out to this network:
You are being watched. Your information has been logged. And your reckoning is near.
This is not just a hack.
This is a direct declaration of presence by the resistance inside the heart of enemy systems.
Expect us. We are closer than you think.
@Handala_Channel
#Handala
❤1
Forwarded from Handala Hack
Iran International Admins:
@sabeti
@Dexter1365
@assalbahadorani
@baobak
@adibrostami = +447546893921
@Rmohaddes
@samiragolchin
@MrPattern1
@IranIntlbama
@AyrshareBot
@Mehrsarahnama
@mparpanchi
@ZA_mohsen
@Aghdam_Mehdi
@saheyd
@Khalajimostafa
@A_2_3_S
@mehrdad89
@Arghavanshams = +16479176290
@NadiaTariqi
@naas24 = +358413123575
@FarnazDavari
@H_ki52
@MaryRhm84 = +447804508639
@Farnooshfam
@PooyaJahandarIR = +447401668454
@m_23456
@MehdiTajik1 = +447534172250
@Handala_Channel
#Handala
@sabeti
@Dexter1365
@assalbahadorani
@baobak
@adibrostami = +447546893921
@Rmohaddes
@samiragolchin
@MrPattern1
@IranIntlbama
@AyrshareBot
@Mehrsarahnama
@mparpanchi
@ZA_mohsen
@Aghdam_Mehdi
@saheyd
@Khalajimostafa
@A_2_3_S
@mehrdad89
@Arghavanshams = +16479176290
@NadiaTariqi
@naas24 = +358413123575
@FarnazDavari
@H_ki52
@MaryRhm84 = +447804508639
@Farnooshfam
@PooyaJahandarIR = +447401668454
@m_23456
@MehdiTajik1 = +447534172250
@Handala_Channel
#Handala
❤1🤯1
StealSeek.io – Leaked Data and OSINT Search Engine
StealSeek is a powerful OSINT platform designed for researchers, cybersecurity experts, and privacy researchers. Instantly search over 22 billion leaked records and millions of logs with complete anonymity.
💀 Breach Log Intelligence
Discover millions of categorized breach logs (RedLine, Raccoon, Vidar). Search by email, password, domain, cookies, wallets, autofill, ULPs, and more. Download and review the log file or view it via preview on our website.
🧠 Telegram OSINT
Search for any user by username or ID number. View group activity, message history, and identity timeline.
🎮 Discord OSINT (Coming Soon)
Monitor servers, messages, voice logs, and file sharing history by username or ID number.
📂 Data Breach Search Engine
Search through 23,869 sources and over 22 billion lines for emails, usernames, passwords, IPs, domain names, phone numbers, crypto wallets, VINs, and more.
🛡 Privacy First
No email or registration required
Crypto payments accepted (BTC, XMR, USDT, etc.)
Fully anonymous access, including the .onion version
stealseek.io
StealSeek is a powerful OSINT platform designed for researchers, cybersecurity experts, and privacy researchers. Instantly search over 22 billion leaked records and millions of logs with complete anonymity.
💀 Breach Log Intelligence
Discover millions of categorized breach logs (RedLine, Raccoon, Vidar). Search by email, password, domain, cookies, wallets, autofill, ULPs, and more. Download and review the log file or view it via preview on our website.
🧠 Telegram OSINT
Search for any user by username or ID number. View group activity, message history, and identity timeline.
🎮 Discord OSINT (Coming Soon)
Monitor servers, messages, voice logs, and file sharing history by username or ID number.
📂 Data Breach Search Engine
Search through 23,869 sources and over 22 billion lines for emails, usernames, passwords, IPs, domain names, phone numbers, crypto wallets, VINs, and more.
🛡 Privacy First
No email or registration required
Crypto payments accepted (BTC, XMR, USDT, etc.)
Fully anonymous access, including the .onion version
stealseek.io