Thank you #DEFCONSafeMode for the opportunity to present my talk "Bypassing Biometric Systems with 3D Printing", the live Q&A that was really fun and included the "shoot the noob" ceremony and your awesome staff that made me feel really comfortable. #Defcon #defcon28

For the past 48hrs I've been unwinding a massive wallet draining operation 😳😭 I don't know how big it is but since Dec 2022 it's drained 5000 ETH and ??? in tokens / NFTs / coins across 11 chains. Its rekt my friends & OGs who are reasonably secure. No one knows how.

#Safemoon was just hacked for $8.9M. After two minutes looking at the newest Safemoon contract, I was able to identify the extremely obvious exploit. The attacker took advantage of the public burn() function, this function let any user burn tokens from ANY other address (code attached). The attacker used this function to remove SFM tokens from the Safemoon-WBNB Liquidity Pool, artificially raising the price of SFM. The attacker was then able to sell SFM into this LP at a grossly overpriced rate within the same transaction, wiping out the remaining WBNB in the liquidity pool. This is an extremely elementary exploit that many contracts in the space have been falling victim to. Please do not let any user burn tokens from any address, it is a bad idea.

I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… 👀 This is the story of #BingBang 🧵⬇️

We've just published a quick write up on CVE-2023-23397, which allows a remote adversary to leak NetNTLMv2 hashes: mdsec.co.uk/2023/03/exploiti… by @domchell

3.1415926535897932384626433832795028841971693993751058209749445923078164062862089986280348253421170679821480865132823066470938446095505822317253594081284811174502841027019385211055596446229489549303819644288109756659334461284756482337867831652712019091456485669234603486104543266482133936072602491412737245870066063155881748815209209628292540917153643678925903600113305305488204665213841469519415116094330572703657595919530921861173819326117931051185480744623799627495673518857527248912279381830119491298336733624406566430860213949463952247371907021798609437027705392171762931767523846748184676694051320005681271452635608277857713427577896091736371787214684409012249534301465495853710507922796892589235420199561121290219608640344181598136297747713099605187072113499999983729780499510597317328160963185950244594553469083026425223082533446850352619311881710100031378387528865875332083814206171776691473035982534904287554687311595628638823537875937519577818577805321712268066130019278766111959092164201989…

This is the MOST ALPHA research paper about smart contract security EVER. 🧵 THEORY: They examined 516 smart contract security bugs & exploits. FACTS: They applied the THEORY in @code4rena contests & bug bounties and received a total prize of $102k 🤯 github.com/ZhangZhuoSJTU/Web…

506 days since Taliban BANNED girls from going to school. There is no other country in the world that bans female education. These brave girls in Afghanistan are chanting — “We want education. We want education for girls. We want an educated Afghanistan”

This market cycle was absolutely unforgettable. From hilarious bloopers, to enraged influencers, to unbelievable memes, 2022 had it all. Come with us as we take a trip down memory lane…

Vi esto en ig y estoy fascinada. Créditos a citizens.wtf y manunucass

1986 🏆🇦🇷🏆 2022

El régimen iraní acaba de condenar a muerte a Amir Nasr-Azadani, futbolista de la selección de Irán, por pronunciarse a favor de las protestas por los derechos de las mujeres. Será ejecutado en la horca. El mundo del deporte debe levantar la voz y evitarlo. Sin palabras.

Demonstrating CVE-2022-37958 RCE Vuln. Reachable via any Windows application protocol that authenticates. Yes, that means RDP, SMB and many more. Please patch this one, it's serious! securityintelligence.com/pos…

ChatGPT has crossed 1M users in just 5 days. To compare, it took Netflix 41 months, FB - 10 months, and Instagram - 2.5 months. But many haven’t yet realized its full potential. Here are the 10 mindblowing things you can do using it right now:

This is MASSIVE. The Windows Subsystem for Linux in the Microsoft Store is now generally available on Windows 10 and 11! Windows 10 users can now run Linux GUI apps natively! devblogs.microsoft.com/comma…

lmao

Antes que se funda Twitter hagamos un hilo con los tuits que deberían guardarse sí o sí en un archivo. Este sin duda:

If you thought it was over after yesterday's bankruptcy for FTX, think again. FTX just got hacked for almost $400M. All funds are drained. All balances are zero. Insane.

I made a browser extension to detect who has paid $8 for their blue checkmark github.com/wesbos/who-blue

Gracias a la Universidad de Harvard, ya podéis entrar virtualmente en 3D y 360º en la Gran Pirámide de Giza. giza.mused.org/en/guided/266…