Public
- Public
- Network
- Groups
- Featured
- Popular
- People

Notices by cR0w (cr0w@infosec.exchange), page 2

Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 06-Jan-2026 03:25:29 JST cR0w
in reply to

Did you do it? Did you hack the Ubiquiti shit? Good. Here's more.
https://community.ui.com/releases/Security-Advisory-Bulletin-059-059/0c0b7f7a-68b7-41b9-987e-554f4b40e0e6
https://www.cve.org/CVERecord?id=CVE-2026-21635

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 06-Jan-2026 03:25:28 JST cR0w
in reply to
- B'ad Samurai 🐐🇺🇦
@badsamurai You know, I don't get them as much here as I expected. More legitimate questions like "Why do you hate Ubiquiti?" and "How dare you compare Ubiquiti to Tesla?!"

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 06-Jan-2026 03:25:27 JST cR0w
in reply to
@prettygood @badsamurai @Mustardfacial Presumably because it used to be a Tesla / Musk meme that was modified for Ubiquiti because Ubiquiti is the Tesla of networking.

In conversation about a month ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 03-Jan-2026 03:43:14 JST cR0w

RE: https://infosec.exchange/@patrickcmiller/115807271030587157
No. Please. I beg you all. Don't push more software into critical infrastructure. :crow_plead:
In conversation about a month ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)
  
  from Patrick C Miller :donor:
  
  Why the electrical grid needs more software https://techcrunch.com/2025/12/29/why-the-electrical-grid-needs-more-software/
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 30-Dec-2025 19:16:51 JST cR0w

LMAO.
https://www.cve.org/CVERecord?id=CVE-2025-68120
To prevent unexpected untrusted code execution, the Visual Studio Code Go extension is now disabled in Restricted Mode.

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 30-Dec-2025 00:06:36 JST cR0w

#directoryTraversalMemes
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. A man is in a room surrounded by computers and nerds. With him is a humanoid robot that appears to be mimicking his movements. The man does a weak-ass roundhouse kick and the robot copies him, but because of their locations, the robot kicks the man in the groin, crumbling him. Then the robot crumbles but it looks like it's mocking the man.
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 27-Dec-2025 04:00:40 JST cR0w

Perfect 10 RCE in n8n. 🥳
https://github.com/n8n-io/n8n/security/advisories/GHSA-v98v-ff95-f3cp
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. Domain not in remote thumbnail source whitelist: opengraph.githubassets.com
  
  Remote Code Execution via Expression Injection
  
  ### Impact n8n contains a critical Remote Code Execution (RCE) vulnerability in its workflow expression evaluation system. Under certain conditions, expressions supplied by authenticated users dur...
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 19-Dec-2025 01:19:47 JST cR0w

Zed editor vulns.
https://github.com/zed-industries/zed/security/advisories/GHSA-cv6g-cmxc-vw8j
https://github.com/zed-industries/zed/security/advisories/GHSA-29cp-2hmh-hcxj

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 19-Dec-2025 01:13:14 JST cR0w
- Matthew Lyon
@mattly I expect there are a lot of undiscovered / unpublished vulns in all plugin ecosystems. Just look at the issues with the well-funded ones.

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 16-Dec-2025 11:26:16 JST cR0w
- K. Reid Wightman :verified: 🌻 :donor: :clippy:
@reverseics So what software are you going to buy and destroy while arrogantly harassing researchers?

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Tuesday, 16-Dec-2025 11:26:15 JST cR0w
in reply to
- K. Reid Wightman :verified: 🌻 :donor: :clippy:
@reverseics The dream.

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 12-Dec-2025 04:19:03 JST cR0w
in reply to
- BrianKrebs
@briankrebs
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. ASCII goatse with the weird genai dot mil logo in the center of his anus
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/702/512/252/177/319/original/ba5eba948fc5cd2c.png
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Friday, 12-Dec-2025 04:19:02 JST cR0w
in reply to
- BrianKrebs
- K. Reid Wightman :verified: 🌻 :donor: :clippy:
@reverseics @briankrebs The worst part is I was already preparing to put up another one on another website so it was an easy copy paste slop job.

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 11-Dec-2025 23:25:08 JST cR0w
in reply to
- Bill
- Jeff Atwood
@codinghorror @Sempf You better run.
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. A crow holding a steak knife in its mouth.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/701/183/051/910/363/original/81676115dc074090.jpg
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Monday, 08-Dec-2025 23:23:12 JST cR0w

Go hack more MCP shit.
https://unit42.paloaltonetworks.com/model-context-protocol-attack-vectors/

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Monday, 08-Dec-2025 23:23:09 JST cR0w
in reply to
- Andrew Golding
@huronbikes It's almost like vibe-coding an entire class of product was a bad idea.

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Monday, 08-Dec-2025 10:50:52 JST cR0w

RE: https://infosec.exchange/@patrickcmiller/115681402579901898
This had made many people very angry and has been widely regarded as a bad move.
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  Patrick C Miller :donor: (@patrickcmiller@infosec.exchange)
  
  from Patrick C Miller :donor:
  
  In 1995, a Netscape employee wrote a hack in 10 days that now runs the Internet https://arstechnica.com/gadgets/2025/12/in-1995-a-netscape-employee-wrote-a-hack-in-10-days-that-now-runs-the-internet/
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 06-Dec-2025 08:03:44 JST cR0w
- Kevin Beaumont
@GossiTheDog Seems like it would be easy to add at least one product as not vulnerable then, wouldn't it? I mean, they put up the advisory and people are talking about it. Why wait to populate it before US West goes on weekend?

In conversation about 2 months ago from infosec.exchange permalink
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Saturday, 06-Dec-2025 07:58:16 JST cR0w

RE: https://infosec.exchange/@cR0w/115663720460315600
Still nothing from Cisco...
In conversation about 2 months ago from infosec.exchange permalink
Attachments
1. No result found on File_thumbnail lookup.
  
  cR0w h0 h0 (@cR0w@infosec.exchange)
  
  from cR0w h0 h0
  
  Cisco published a placeholder advisory for the React vuln CVE-2025-55182. They have not finished analyzing any of their products yet so impact has not been determined. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-react-flight-TYw32Ddb
Embed this notice
cR0w (cr0w@infosec.exchange)'s status on Thursday, 04-Dec-2025 04:21:18 JST cR0w
in reply to
- Cat 🐈🥗 (D.Burch) :paw:⁠:paw:
- John Overholt
@catsalad @overholt
That's an anus!
In conversation about 2 months ago from gnusocial.jp permalink
Attachments
1. Shocked dude in his chair from the "That's a penis!" meme.
  https://media.infosec.exchange/infosec.exchange/media_attachments/files/115/657/246/265/553/207/original/f5094c4d2f243372.png

After
Before

User actions

Just another analyst chasing squirrels and pretending to know things.Anything stupid I say can and should be blamed on #AI. I mean, I don't intentionally use AI products, but if the AI snakeoilers can take credit for the things other people produce, they can also take the blame.

Tags

(None)

Following 0

Followers 0

Groups 0

Statistics

User ID: 161036

Member since: 18 Aug 2023

Notices: 386

Daily average: 0

Feeds

Atom