Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by cR0w (cr0w@infosec.exchange), page 2

Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 19-Dec-2025 01:19:47 JST cR0w

Zed editor vulns.
https://github.com/zed-industries/zed/security/advisories/GHSA-cv6g-cmxc-vw8j
https://github.com/zed-industries/zed/security/advisories/GHSA-29cp-2hmh-hcxj

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 19-Dec-2025 01:13:14 JST cR0w
- Matthew Lyon
@mattly I expect there are a lot of undiscovered / unpublished vulns in all plugin ecosystems. Just look at the issues with the well-funded ones.

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 16-Dec-2025 11:26:16 JST cR0w
- K. Reid Wightman :verified: 🌻 :donor: :clippy:
@reverseics So what software are you going to buy and destroy while arrogantly harassing researchers?

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 16-Dec-2025 11:26:15 JST cR0w
in reply to
- K. Reid Wightman :verified: 🌻 :donor: :clippy:
@reverseics The dream.

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 12-Dec-2025 04:19:03 JST cR0w
in reply to
- BrianKrebs
@briankrebs
In conversation about a month ago from infosec.exchange permalink
Attachments
1. ASCII goatse with the weird genai dot mil logo in the center of his anus
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/702/512/252/177/319/original/ba5eba948fc5cd2c.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 12-Dec-2025 04:19:02 JST cR0w
in reply to
- BrianKrebs
- K. Reid Wightman :verified: 🌻 :donor: :clippy:
@reverseics @briankrebs The worst part is I was already preparing to put up another one on another website so it was an easy copy paste slop job.

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 11-Dec-2025 23:25:08 JST cR0w
in reply to
- Bill
- Jeff Atwood
@codinghorror @Sempf You better run.
In conversation about a month ago from infosec.exchange permalink
Attachments
1. A crow holding a steak knife in its mouth.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/701/183/051/910/363/original/81676115dc074090.jpg
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Monday, 08-Dec-2025 23:23:12 JST cR0w

Go hack more MCP shit.
https://unit42.paloaltonetworks.com/model-context-protocol-attack-vectors/

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Monday, 08-Dec-2025 23:23:09 JST cR0w
in reply to
- Andrew Golding
@huronbikes It's almost like vibe-coding an entire class of product was a bad idea.

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Monday, 08-Dec-2025 10:50:52 JST cR0w

RE: https://infosec.exchange/@patrickcmiller/115681402579901898
This had made many people very angry and has been widely regarded as a bad move.
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)
  
  from Patrick C Miller :donor:
  
  In 1995, a Netscape employee wrote a hack in 10 days that now runs the Internet https://arstechnica.com/gadgets/2025/12/in-1995-a-netscape-employee-wrote-a-hack-in-10-days-that-now-runs-the-internet/
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 06-Dec-2025 08:03:44 JST cR0w
- Kevin Beaumont
@GossiTheDog Seems like it would be easy to add at least one product as not vulnerable then, wouldn't it? I mean, they put up the advisory and people are talking about it. Why wait to populate it before US West goes on weekend?

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 06-Dec-2025 07:58:16 JST cR0w

RE: https://infosec.exchange/@cR0w/115663720460315600
Still nothing from Cisco...
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  cR0w h0 h0 (@cR0w@infosec.exchange)
  
  from cR0w h0 h0
  
  Cisco published a placeholder advisory for the React vuln CVE-2025-55182. They have not finished analyzing any of their products yet so impact has not been determined. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-react-flight-TYw32Ddb
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 04-Dec-2025 04:21:18 JST cR0w
in reply to
- Cat 🐈🥗 (D.Burch) :paw:⁠:paw:
- John Overholt
@catsalad @overholt
That's an anus!
In conversation about 2 months ago from gnusocial.jp permalink
Attachments
1. Shocked dude in his chair from the "That's a penis!" meme.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/657/246/265/553/207/original/f5094c4d2f243372.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 20-Nov-2025 19:46:52 JST cR0w

I wonder how many people have had the brilliant idea to sidestep password cracking by passing hashes to an LLM or something, hoping it would magically give them the plaintexts. :brdThink:

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 20-Nov-2025 06:18:13 JST cR0w
- Kevin Beaumont
@GossiTheDog What the LinkedIn fuck is a Chief Hacking Officer?

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 15-Nov-2025 06:34:44 JST cR0w
in reply to
- Mr. Crab - Sysadmin from Heck
@CrabbyIT www.linkedin.com/in/gayint
:neocat_bottom:
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. Untitled attachment
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 15-Nov-2025 00:53:08 JST cR0w

#directoryTraversalMemes
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. Soldier protecting child meme. The child is labeled "Critical Infrastructure" and the soldier is labeled "INFOSEC". But the soldier is on the wrong side of the sleeping child so all the weapons flying at the child, which are labeled "../" are about to strike the child while the soldier confidently protects them from literally nothing.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/548/709/464/965/073/original/3e7370cf977facab.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 15-Nov-2025 00:52:35 JST cR0w

#directoryTraversalMemes
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. Indiana Jones scene where the dude is threatening Indy with a sword. He's labeled "Losing sleep developing 1337 exploit." Indy is labeled "Using ../ because it works" and pulls out a sidearm labeled "../" and shoots the swordsman, now labeled as "Bragging rights with nerds" as he dies.
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 14-Nov-2025 07:08:10 JST cR0w

RE: https://infosec.exchange/@SecurityWriter/115543679693908794
Go hack more AI shit.
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  Security Writer :donor: (@SecurityWriter@infosec.exchange)
  
  from Security Writer :donor:
  
  The fucking state of this: https://www.securityweek.com/chatgpt-vulnerability-exposed-underlying-cloud-infrastructure/
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 14-Nov-2025 05:41:46 JST cR0w
in reply to
- BrianKrebs
- Cat 🐈🥗 (D.Burch) :paw:⁠:paw:
@catsalad @briankrebs My mind was blown when I did that in the middle of a demo and a student told me about Ctrl+Shift+T. Saved my ass hundreds of times ever since.

In conversation about 2 months ago from infosec.exchange permalink

After
Before

User actions

Just another analyst chasing squirrels and pretending to know things.Anything stupid I say can and should be blamed on #AI. I mean, I don't intentionally use AI products, but if the AI snakeoilers can take credit for the things other people produce, they can also take the blame.

Tags

(None)

Following 0

Followers 0

Groups 0

Statistics

User ID: 161036

Member since: 18 Aug 2023

Notices: 379

Daily average: 0

Feeds

Atom