vx-underground
The largest collection of malware source, samples, and papers on the internet.

Password: infected

https://vx-underground.org/
Lots of discussion by more traditional mainstream media outlets discussing the Chinese government allegedly compromising United States government official e-mails.

Non-nerds going full panic schizo mode.

For nerds: they're discussing Salt Typhoon

This isn't really a surprising compromise, in my opinion (if even true, I haven't seen an official write-up yet). The Chinese government (or rather, their state-sponsored contractors who do their bidding) have done things like this before in the past. Salt Typhoon is discussed damn near every day.

I don't follow Chinese state-sponsored stuff too much, so I'm out the loop (it's for nerds), but Salt Typhoon has been a menace for a few years now. If you do a simple Google search of "Salt Typhoon" you'll see a massive list of everything they've done.

I'm in the United States. I love my country.

With that being said, if you're curious, you should take a moment to search "APT-Q-95". APT-Q-95 is (allegedly) the United States government and (allegedly) has performed several high profile compromises (allegedly). These (alleged) high profile compromises include the Chinese military, Chinese think-tanks (allegedly), and universities (allegedly). APT-Q-95 (allegedly) uses novel Microsoft Windows 0days (allegedly) which the Chinese government asserts the United States government (allegedly) told Microsoft not to patch (allegedly) so the United States government could (allegedly) easily compromise high-profile Chinese targets (allegedly).

The United States (allegedly) performs hack-backs against the Chinese government. Although, the United States government asserts they're innocent. Likewise, the Chinese government asserts they've never compromised the United States and they're innocent.
🀣66❀7πŸ₯°7❀‍πŸ”₯2πŸ‘2😁2😒1
This media is not supported in your browser
VIEW IN TELEGRAM
Chen Zhi, that dude who made like, $75,000,000,000 from cryptoscamming and stuff, was extradited from Cambodia to China.

The Chinese government released footage of his arrest & are treating Chen Zhi like he's Bin Laden

Dawg, the Chinese government is going to KILL this guy
🀣101πŸ₯°19😱8❀6πŸ’―6🫑6πŸ‘3😁2😒2πŸ”₯1πŸŽ‰1
vx-underground
Chen Zhi, that dude who made like, $75,000,000,000 from cryptoscamming and stuff, was extradited from Cambodia to China. The Chinese government released footage of his arrest & are treating Chen Zhi like he's Bin Laden Dawg, the Chinese government is going…
- Black bag over his face
- Private flight to China
- Surrounded by armed guards
- Arms and legs shackled
- Private bus of armed guards

He is so fucked bro, he's going to magically "disappear".
My friend IceSolst has been doing incredibly dangerous research. She has enumerated EVERY version of Microsoft Copilot.

Viewer discretion is advised.

- Microsoft Copilot
- Microsoft Copilot Pro
- Microsoft Copilot Business
- Microsoft Copilot+ PC
- Microsoft Copilot Chat - Powered by WorkIQ
- Copilot Pages
- Copilot Studio
- Gaming Copilot
- Copilot Voice
- Copilot Labs
- Copilot for Windows
- Copilot in Bing
- Copilot for Microsoft 365
- Copilot for Word
- Copilot for Excel
- Copilot for PowerPoint
- Copilot for Outlook
- Copilot for Teams
- Copilot for OneNote
- Copilot for Loop
- Copilot for Sharepoint
- Copilot for Viva
- Copilot for Sales
- Copilot for Service
- Copilot for Security
- Copilot for Finance
- Copilot for HR (in Copilot for HR)
- Azure Copilot
- GitHub Copilot
- GitHub Copilot Chat
- Copilot for Microsoft Defender
- Copilot for Entra
- Copilot for Intune
- Copilot for Purview
- Copilot for Edge
- Copilot for Designer
- Copilot for Clipchamp
- Copilot for Photos
- Copilot for Dynamics 365 Sales
- Copilot for Dynamics 365 Customer Service
- Copilot for Dynamics 365 Marketing
- Copilot for Dynamics 365 Supply Chain
- PayPal Microsoft Copilot [NEW]

Microsoft is offering 43 different versions of Microsoft Copilot
😁90🀣61😱15❀7πŸ€“5😒4πŸ”₯1πŸ₯°1🀯1
Just came up with a TRILLION dollar tech startup idea.

Microsoft Copilot for Microsoft Copilot

We put Copilot on Microsoft Copilot so Copilot can Copilot when you're using Microsoft Copilot to make Copilot easier to Copilot

Satya Nadella, call me bro let's get rich
❀91😁36🀣19πŸ₯°9🀯7πŸ”₯4😱4🫑3😒2πŸ€“2πŸ‘1
The more I look into Chen Zhi the more my head spins. This guy was CRAZY

I would have to write a MASSIVE document on this guy to explain everything.
- Owned a BANK
- Owned a series of hotels and apartments
- Owned a series of casinos
- Owned a series of supermarkets
- Owned cryptomining facilities
- Owned a bunch of cigar stuff
- Owned a water purification company
- Had offices in the United States, United Kingdom, South Korea, Japan, China, Cambodia
- Thousands of employees

All of this was fueled by him doing HUMAN TRAFFICKING of women (including minors) to perform sextortion and scamming for cryptocurrency. The United States asserts he had as many as 100,000 SLAVES. His scamming was making (at its peak) $30,000,000 a day ($10,000,000,000 a year).

He won numerous awards for his businesses. He was friends with political elite in China and Cambodia. He was named a "Lord" in Cambodia. He was praised for his philanthropy.

The United States government tied his organization to torture and other violent crimes. He was responsible for a "cartel execution and brutal murder" of a 25 year old man. He worked with "14K Triad" to manage casinos and slaves where he worked (in some capacity) with their leader "Broken Tooth" for stuff surrounding prostitution, murder for hire, human trafficking, drug smuggling, etc.

His bank had assets of over $1,000,000,000. He had a series of apartment complexes and resorts that he invested over $10,000,000,000 into. He purchased a large portion of cigar stocks, investing over $1,500,000,000. He donated over $2,000,000,000 to various places in Cambodia.

In 2025 the United States seized his BTC worth $15,000,000,000. The estimation of all of his assets, crime, employees, etc. passes $75,000,000,000, possibly higher.

He had a collection of super cars, yachts, mansions....
🀯109❀12😱10πŸ”₯4🫑3πŸ₯°1
BREAKING: Trump administration interested in purchasing Greenland.

Trump allegedly considering giving all Greenland residents:
- 1 year subscription to Crunchyroll
- 3 months of Discord Nitro
- Password to his Netflix account
- Raffle for TV
🀣226😍19πŸŽ‰8❀7πŸ‘1πŸ”₯1πŸ₯°1πŸ€”1🀯1😱1😎1
BREAKING: The 44th and 45th versions of Microsoft Copilot have been identified.

Copilot for PowerBI
Dragon Copilot

Was Donald Trump trying to warn us?
As a person who understands privacy is important I recommend all of my friends, family, colleagues, and followers to use ZORP: SAFER INTERNET VPN

1. It is FREE
2. It is ZORP

With a simple click of a button you're ZORP

(don't use this, this is satire*)

https://play.google.com/store/apps/details?id=com.github.zorp
🀣178πŸ€”12❀4😱4😒4πŸ‘2πŸ₯°2πŸ”₯1πŸ™1
This media is not supported in your browser
VIEW IN TELEGRAM
mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it to do things like "execute this file" (Copilot is now Copiloting my malicious payload)
I made a joke about asking Copilot to encrypt my files. Then I got curious and looked into if Copilot can launch files (it can). I've been able to pipe input directly to Copilot using COM, it's very silly (SendMessage doesn't work on it, it's their new fancy UI bullshit).
❀52🀣10😁7πŸ₯°4😒2
vx-underground
mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it do things like "execute this file" (Copilot is now Copiloting my malicious payload)
Note: It's wildly inconsistent during my testing. I'll release my code and let others experiment with it who are better with that sort of stuff.

I think it's a neat project and there is room for more growth and exploration

Sometimes it displays a consent prompt (haven't automated that), sometimes it tells me to do it myself. Sometimes it tells me to do it via voice command (???).
❀45🀣24πŸ™4πŸ‘3😒2πŸ₯°1🀩1
Good news everyone,

MS-Paint, the legacy art software which has shipped with Windows since 1985, has been dramatically IMPROVED to now include Microsoft Copilot Image Creator.

*subscription required, need Microsoft Copilot AI credits
😒86🀣50😁6❀3πŸ”₯2πŸ₯°1πŸ€”1πŸ€“1
vx-underground
Good news everyone, MS-Paint, the legacy art software which has shipped with Windows since 1985, has been dramatically IMPROVED to now include Microsoft Copilot Image Creator. *subscription required, need Microsoft Copilot AI credits
I guess this goes back to 2022, I'm just blind as hell and dumb as hell.

I'm late to the outrage, but I'm still outraged gosh dangit
🀝42πŸ”₯12❀3😒1
In 2003 Travis Grygla was convicted of possession of CSAM (Child Sexual Abuse Material).

In 2008 Travis Grygla was convicted of distribution of CSAM.

Following his release, in 2024 he was subject to a federal raid for possession and distribution of CSAM (again). However, when the United States Homeland Security Investigation Unit showed up to his house he ran outside and stole the federal agents' car.

As you could probably assume, Homeland Security loves it when a convicted CSAM distributor steals their vehicle (which has a loaded gun in the vehicle) and leads them on a 110MPH (117KPH) police chase.

January 4th, 2026, Midwest Safety was able to get a copy of the police cam body footage as a result of a court subpoena.

If you'd like to watch United States Homeland Security Investigation Unit, Portland Oregon Police Bureau, Vancouver Oregon Police Department, Washington State Patrol, and Cowlitz County Sheriff's Office, chase Travis Grygla I recommend watching the attached video.

https://www.youtube.com/watch?v=s_HmsifhNaw
Abusing Microsoft Copilot: Copilot, copilot my payload

*please read limitations notes on the page. It's important you read that.

tl;dr inconsistent, needs more research, potential avenue to explore

https://malwaresourcecode.com/home/my-projects/proof-of-concepts/microsoft-copilot-copilot-my-payload
Discussions online today of 17,500,000 people involved in an "Instagram" leak.

This is a clarification from a previous post I made, which I've subsequently deleted, to avoid confusion and add more details.

Normally these sorts of "leaks" are a result of API scraping. This has happened in the past with LinkedIn and Trello. Basically someone writes a program that communicates with Instagram and requests information on a user profile. They then loop this through as many Instagram profiles as possible.

New information has come forward, as people have provided me with feedback, suggesting this is a combination of API scraping, a giant list of known stolen Instagram accounts, blah blah blah, and content from a previous leak.

Others have speculated this is someone who is doing mass password resets to try to correlate phone numbers and emails with accounts.

Basically, nobody knows. We can only make educated guesses. Regardless, Instagram wasn't "hacked" or compromised.

These sorts of "leaks" resurface and reappear every couple of months, sometimes years, and are basically just a database for scammers and extortionists to do lookups or try to do phishing campaigns.

Pic of weird looking cat riding motorcycle is me rn fr
Hi

vxdb (on Twitter, no idea if he's on Telegram), initially unrelated to vx-underground, will now be a vx-underground staffer. He isn't a malware nerd, but he is terminally online, a degenerate, and continues to help me with stuff (which I deeply appreciate).

He'll be doing some administrative work for me. It is becoming increasingly difficult to do stuff while managing full time employment, a baby boy, and a vx-underground. He won't have access to this account, or vx-underground infrastructure, but he'll be handling other stuff (read below)

In summary, one of the first things we'll be doing is making a social media profile exclusive to g1v3aw4ys. This will eliminate the g1v3aw4y spam from this profile. I have yet to finish the g1v3aw4ys from 2025. Oops.

Thanks to TorGuard, and our monthly sponsors, I am hoping to do more g1v3aw4ys on the other profile throughout 2026. Maybe like, books, or something, I don't know. It won't be big stuff. But ideally like, $200/month of free stuff. Then, during the end of the year, the account does big stuff.

ok ily ttyl bye
❀‍πŸ”₯65❀21πŸ₯°5πŸ‘2😒2