Just a little "yapping time" with a dose of reality ๐
u know, I sometimes think back to how much I prayed to get to this stage โ to be a uni student, a hacker, all of it. And now that I'm here, I'm honestly not always satisfied. I don't know if that's just human nature or what, but it got me thinking.
Life definitely has its mental breakdowns and tough spells, but even in those moments, we need to remember to be grateful.
I was literally thinking about this in class today. All those prayers in high school, just begging to get into uni. And here I am now: a uni student, a hacker โ even if I'm not gobez temari, and things don't always go exactly as I planned, God always surprises me in amazing ways.
Seriously, I want to thank all of you for being here with me this whole time. I really, truly mean that.
Love you all,
and please don't forget to thank God! ๐
@AfroSec
u know, I sometimes think back to how much I prayed to get to this stage โ to be a uni student, a hacker, all of it. And now that I'm here, I'm honestly not always satisfied. I don't know if that's just human nature or what, but it got me thinking.
Life definitely has its mental breakdowns and tough spells, but even in those moments, we need to remember to be grateful.
I was literally thinking about this in class today. All those prayers in high school, just begging to get into uni. And here I am now: a uni student, a hacker โ even if I'm not gobez temari, and things don't always go exactly as I planned, God always surprises me in amazing ways.
Seriously, I want to thank all of you for being here with me this whole time. I really, truly mean that.
Love you all,
and please don't forget to thank God! ๐
@AfroSec
โค16โคโ๐ฅ3๐ฅฐ2๐2
Forwarded from The Hacker News
๐จ A critical CVSS 9.8 flaw in "react-native-community/cli" let anyone run OS commands on your dev machineโno login needed.
Itโs patched now, but millions of React Native devs were exposed for months.
Check your version and lock down that dev server. โ https://thehackernews.com/2025/11/critical-react-native-cli-flaw-exposed.html
Itโs patched now, but millions of React Native devs were exposed for months.
Check your version and lock down that dev server. โ https://thehackernews.com/2025/11/critical-react-native-cli-flaw-exposed.html
โค3โก1
Forwarded from Kiru
๐ Security shouldn't slow your Vite dev flow but it does, right? Endless CSP tweaks, vuln hunts, audit fails killing indie MVPs?
Introducing Nalth V2.2: Zero-config security framework forked from Vite. Enterprise armor for JS/TS stacks, auto-HTTPS, real-time dashboard. React/Vue/Svelte? Seamless.
One command: npx create-nalth my-app --template nalth-react
โ CSP + headers auto-gen
โVuln scans & secure installs
โ SOC2/GDPR ready, no perf hit
Built for indie hackers shipping safe, devs ditching configs, startups scaling audits. join the fight! Link: https://www.nalthJS.com
Try: https://github.com/nalikiru-dev/nalth.js
๐ฆ NPM: https://www.npmjs.com/package/nalth https://www.npmjs.com/package/create-nalth
๐ฌ Feedback? Reply or DM. What's your biggest sec pain?
#WebDevelopment #JavaScript #Security #ViteJS #IndieHackers
Introducing Nalth V2.2: Zero-config security framework forked from Vite. Enterprise armor for JS/TS stacks, auto-HTTPS, real-time dashboard. React/Vue/Svelte? Seamless.
One command: npx create-nalth my-app --template nalth-react
โ CSP + headers auto-gen
โVuln scans & secure installs
โ SOC2/GDPR ready, no perf hit
Built for indie hackers shipping safe, devs ditching configs, startups scaling audits. join the fight! Link: https://www.nalthJS.com
Try: https://github.com/nalikiru-dev/nalth.js
๐ฆ NPM: https://www.npmjs.com/package/nalth https://www.npmjs.com/package/create-nalth
๐ฌ Feedback? Reply or DM. What's your biggest sec pain?
#WebDevelopment #JavaScript #Security #ViteJS #IndieHackers
๐ฅ4
Forwarded from The Hacker News
โก Hackers turned Windows against itself.
Curly COMrades is using Microsoft's Hyper-V to run small Linux virtual machines inside Windows 10.
This is a sneaky way to get their malware past EDR tools.
Read the whole story โ https://thehackernews.com/2025/11/hackers-weaponize-windows-hyper-v-to.html
Curly COMrades is using Microsoft's Hyper-V to run small Linux virtual machines inside Windows 10.
This is a sneaky way to get their malware past EDR tools.
Read the whole story โ https://thehackernews.com/2025/11/hackers-weaponize-windows-hyper-v-to.html
๐ฅ2๐1
Forwarded from Ge'ez Techยฎ แแแ แดแญ
#News
Owasp Top 10 Web Vulns 2025 are Out!!
Broken Acess Control is leading the way(SSRF is included in it), Injections are still around in 2025.
#geeztech @geeztechgroup
Owasp Top 10 Web Vulns 2025 are Out!!
Broken Acess Control is leading the way(SSRF is included in it), Injections are still around in 2025.
#geeztech @geeztechgroup
๐2๐2
Forwarded from AASTU CSC (ใ
ค)
๐ฅ Saturday CYberNight is BACK!๐ฅ
Yo fam after a long break, our SaturdayCYber Night sessions are finally making a comeback tomorrow night at 8:30 PM (EAT)๐
And guess what? Weโre kicking it off *big* this time โ with a special guest joining us, a real hacker & red team engineer whoโs been deep in the trenches of offensive security. Expect raw stories, mindset talk, and some serious red team wisdom.
Bring your snacks, your curiosity, and your questions โ itโs gonna be one of those nights again ๐
#Cybersecurity #RedTeam #HackerTalk
@AASTU_Cyberclub
Yo fam after a long break, our SaturdayCYber Night sessions are finally making a comeback tomorrow night at 8:30 PM (EAT)๐
And guess what? Weโre kicking it off *big* this time โ with a special guest joining us, a real hacker & red team engineer whoโs been deep in the trenches of offensive security. Expect raw stories, mindset talk, and some serious red team wisdom.
๐ Where: Here on Telegram
๐ When: Saturday, 8:30 PM EAT
Bring your snacks, your curiosity, and your questions โ itโs gonna be one of those nights again ๐
#Cybersecurity #RedTeam #HackerTalk
@AASTU_Cyberclub
๐ฅ4โคโ๐ฅ2๐ค1
โก2โค2๐ณ1
AfroSec
AASTU CSC โ ep2
do u think am a good host or ? eski check it out, cyber night session with ELIEZER (brutal panda) it was soo lit tho ๐ฅ๐ฅ
@AfroSec
@AfroSec
๐ฅ5โค1๐ฏ1
was reading a course called control system cuz ur boi has mid exam and was trynna relate it wiz cybersec :)
From Blue Team perspective ๐
like SOC team isn't just monitoring - it's running a massive feedback control system. Every alert is a sensor reading, every playbook is a control algorithm
@AfroSec
From Blue Team perspective ๐
Control: Cybersecurity:
Sensor Measurements โโ SIEM Logs/Telemetry
Controller Action โโ Security Automation
Setpoint โโ Security Policy
Disturbance โโ Attack/Threat
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
SECURITY CONTROL LOOP
THREAT โ DETECTION โ RESPONSE โ
โ โ
โโโโ FEEDBACK โโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
like SOC team isn't just monitoring - it's running a massive feedback control system. Every alert is a sensor reading, every playbook is a control algorithm
@AfroSec
๐ฅ2๐2๐ญ1
Forwarded from Brut Security (DarkShadowโจ ShellSec)
Hey Hunter's,
Darkshadow here back again, dropping a really very interesting Method.
๐Web cache to RCE!๐
While i normally visit the web application i noticed, the website actively makes cache file from clint side to store errors.
Now The idea is, if we able to make any custom error then it will be cached, and if any how the error execute on the system we might see the output.
โ Exploit to reproduce final RCE:
1. The webapp was sending request from client side in a array based parameter.
2. Change the valid Input to a PHP code using system function. Here we just try to making a error using the invalid input.
3. Now the web application is not able to handle this input and makes error and store in a cache file.
4. After visiting the cache file, The error message reflecting on the cache file.
5. But wait, it's also execute my PHP code and store the command output in the file. Means we can execute OS commands output in cache file via making error. Means RCE!
Follow me for more methods x.com/darkshadow2bd
Darkshadow here back again, dropping a really very interesting Method.
๐Web cache to RCE!๐
While i normally visit the web application i noticed, the website actively makes cache file from clint side to store errors.
Now The idea is, if we able to make any custom error then it will be cached, and if any how the error execute on the system we might see the output.
โ Exploit to reproduce final RCE:
1. The webapp was sending request from client side in a array based parameter.
2. Change the valid Input to a PHP code using system function. Here we just try to making a error using the invalid input.
3. Now the web application is not able to handle this input and makes error and store in a cache file.
4. After visiting the cache file, The error message reflecting on the cache file.
5. But wait, it's also execute my PHP code and store the command output in the file. Means we can execute OS commands output in cache file via making error. Means RCE!
Follow me for more methods x.com/darkshadow2bd
โก2๐1