This media is not supported in your browser
VIEW IN TELEGRAM
mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it do things like "execute this file" (Copilot is now Copiloting my malicious payload)
π₯118π±17π€£16π14π€8β€4π₯°2π’1
vx-underground
mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it do things like "execute this file" (Copilot is now Copiloting my malicious payload)
I made a joke about asking Copilot to encrypt my files. Then I got curious and looked into if Copilot can launch files (it can). I've been able to pipe input directly to Copilot using COM, it's very silly (SendMessage doesn't work on it, it's their new fancy UI bullshit).
β€52π€£10π7π₯°4π’2
vx-underground
mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it do things like "execute this file" (Copilot is now Copiloting my malicious payload)
Note: It's wildly inconsistent during my testing. I'll release my code and let others experiment with it who are better with that sort of stuff.
I think it's a neat project and there is room for more growth and exploration
Sometimes it displays a consent prompt (haven't automated that), sometimes it tells me to do it myself. Sometimes it tells me to do it via voice command (???).
I think it's a neat project and there is room for more growth and exploration
Sometimes it displays a consent prompt (haven't automated that), sometimes it tells me to do it myself. Sometimes it tells me to do it via voice command (???).
β€45π€£24π4π3π’2π₯°1π€©1
vx-underground
Good news everyone, MS-Paint, the legacy art software which has shipped with Windows since 1985, has been dramatically IMPROVED to now include Microsoft Copilot Image Creator. *subscription required, need Microsoft Copilot AI credits
Credit to Icesolst, she is DOG THE MICROSOFT COPILOT HUNTER
β€46π€13π’1
vx-underground
Good news everyone, MS-Paint, the legacy art software which has shipped with Windows since 1985, has been dramatically IMPROVED to now include Microsoft Copilot Image Creator. *subscription required, need Microsoft Copilot AI credits
I guess this goes back to 2022, I'm just blind as hell and dumb as hell.
I'm late to the outrage, but I'm still outraged gosh dangit
I'm late to the outrage, but I'm still outraged gosh dangit
π€40π₯11β€2π’1
In 2003 Travis Grygla was convicted of possession of CSAM (Child Sexual Abuse Material).
In 2008 Travis Grygla was convicted of distribution of CSAM.
Following his release, in 2024 he was subject to a federal raid for possession and distribution of CSAM (again). However, when the United States Homeland Security Investigation Unit showed up to his house he ran outside and stole the federal agents car.
As you could probably assume, Homeland Security loves it when a convicted CSAM distributor steals their vehicle (which has a loaded gun in the vehicle) and leads them on a 110MPH (117KPH) police chase.
January 4th, 2026, Midwest Safety was able to get a copy of the police cam body footage as a result of a court subpoena.
If you'd like to watch United States Homeland Security Investigation Unit, Portland Oregon Police Bureau, Vancouver Oregon Police Department, Washington State Patrol, and Cowlitz County Sheriffβs Office, chase Travis Grygla I recommend watching the attached video.
https://www.youtube.com/watch?v=s_HmsifhNaw
In 2008 Travis Grygla was convicted of distribution of CSAM.
Following his release, in 2024 he was subject to a federal raid for possession and distribution of CSAM (again). However, when the United States Homeland Security Investigation Unit showed up to his house he ran outside and stole the federal agents car.
As you could probably assume, Homeland Security loves it when a convicted CSAM distributor steals their vehicle (which has a loaded gun in the vehicle) and leads them on a 110MPH (117KPH) police chase.
January 4th, 2026, Midwest Safety was able to get a copy of the police cam body footage as a result of a court subpoena.
If you'd like to watch United States Homeland Security Investigation Unit, Portland Oregon Police Bureau, Vancouver Oregon Police Department, Washington State Patrol, and Cowlitz County Sheriffβs Office, chase Travis Grygla I recommend watching the attached video.
https://www.youtube.com/watch?v=s_HmsifhNaw
YouTube
Child Predator Carjacks a US Special Agent
Submit a tip! Tips@Midwest-Safety.com
Please consider JOINING for $1 a month. It *really* helps us do original reporting like this.
CONTACT US:
Complaints? Video submissions? Sponsorships? Collabs? Business inquires?
Email our board at mn.safety.alerts@gmail.com.β¦
Please consider JOINING for $1 a month. It *really* helps us do original reporting like this.
CONTACT US:
Complaints? Video submissions? Sponsorships? Collabs? Business inquires?
Email our board at mn.safety.alerts@gmail.com.β¦
π₯°25π6β€4π2π’1
vx-underground
In 2003 Travis Grygla was convicted of possession of CSAM (Child Sexual Abuse Material). In 2008 Travis Grygla was convicted of distribution of CSAM. Following his release, in 2024 he was subject to a federal raid for possession and distribution of CSAMβ¦
Mr. Grygla's Department of Justice announcement:
https://www.justice.gov/usao-or/pr/recidivist-sex-offender-sentenced-21-years-federal-prison-distribution-child-pornography
https://www.justice.gov/usao-or/pr/recidivist-sex-offender-sentenced-21-years-federal-prison-distribution-child-pornography
www.justice.gov
Recidivist Sex Offender Sentenced to 21 Years in Federal Prison for
A Portland, Oregon, man has been sentenced to federal prison for distributing child sexual abuse material and fleeing from law enforcement in a stolen government vehicle.
π₯°19π₯5β€3π’2
Abusing Microsoft Copilot: Copilot, copilot my payload
*please read limitations notes on the page. It's important you read that.
tl;dr inconsistent, needs more research, potential avenue to explore
https://malwaresourcecode.com/home/my-projects/proof-of-concepts/microsoft-copilot-copilot-my-payload
*please read limitations notes on the page. It's important you read that.
tl;dr inconsistent, needs more research, potential avenue to explore
https://malwaresourcecode.com/home/my-projects/proof-of-concepts/microsoft-copilot-copilot-my-payload
Malwaresourcecode
Microsoft Copilot, Copilot my payload | malware source code
π₯°32β€12π3π’1
Discussions online today of 17,500,000 people involved in an "Instagram" leak.
This is a clarification from a previous post I made, which I've subsequently deleted, to avoid confusion and add more details.
Normally these sort of "leaks" are a result of API scraping. This has happened in the past with LinkedIn and Trello. Basically someone writes a program that communicates with Instagram and requests information on a user profile. They then loop this through as many Instagram profiles as possible.
New information has come forward, as people have provided me with feedback, suggesting this is a combination of API scraping, a giant list of known stolen Instagram accounts, blah blah blah, and content from a previous leak.
Others have speculated this is someone who is doing mass password resets to try to correlate phone numbers and emails with accounts.
Basically, nobody knows. We can only make educated guesses. Regardless, Instagram wasn't "hacked" or compromised.
These sort of "leaks" resurface and reappear every couple of months, sometimes years, and is basically just a database for scammers and extortionists to do lookups or try to do phishing campaigns.
Pic of weird looking cat riding motorcycle is me rn fr
This is a clarification from a previous post I made, which I've subsequently deleted, to avoid confusion and add more details.
Normally these sort of "leaks" are a result of API scraping. This has happened in the past with LinkedIn and Trello. Basically someone writes a program that communicates with Instagram and requests information on a user profile. They then loop this through as many Instagram profiles as possible.
New information has come forward, as people have provided me with feedback, suggesting this is a combination of API scraping, a giant list of known stolen Instagram accounts, blah blah blah, and content from a previous leak.
Others have speculated this is someone who is doing mass password resets to try to correlate phone numbers and emails with accounts.
Basically, nobody knows. We can only make educated guesses. Regardless, Instagram wasn't "hacked" or compromised.
These sort of "leaks" resurface and reappear every couple of months, sometimes years, and is basically just a database for scammers and extortionists to do lookups or try to do phishing campaigns.
Pic of weird looking cat riding motorcycle is me rn fr
π₯°40β€13π€10π’2π2π1
Hi
vxdb (on Twitter, no idea if he's on Telegram), initially unrelated to vx-underground, will now be a vx-underground staffer. He isn't a malware nerd, but he is terminally online, a degenerate, and continues to help me with stuff (which I deeply appreciate).
He'll be doing some administrative work for me. It is becoming increasingly difficult to do stuff while managing full time employment, a baby boy, and a vx-underground. He won't have access to this account, or vx-underground infrastructure, but he'll be handling other stuff (read below)
In summary, one of the first things we'll be doing is making a social media profile exclusive to g1v3aw4ys. This will eliminate the g1v3aw4y spam from this profile. I have yet to finish the g1v3aw4ys from 2025. Oops.
Thanks to TorGuard, and our monthly sponsors, I am hoping to do more g1v3aw4ys on the other profile throughout 2026. Maybe like, books, or something, I don't know. It won't be big stuff. But ideally like, $200/month of free stuff. Then, during the end of the year, the account does big stuff.
ok ily ttyl bye
vxdb (on Twitter, no idea if he's on Telegram), initially unrelated to vx-underground, will now be a vx-underground staffer. He isn't a malware nerd, but he is terminally online, a degenerate, and continues to help me with stuff (which I deeply appreciate).
He'll be doing some administrative work for me. It is becoming increasingly difficult to do stuff while managing full time employment, a baby boy, and a vx-underground. He won't have access to this account, or vx-underground infrastructure, but he'll be handling other stuff (read below)
In summary, one of the first things we'll be doing is making a social media profile exclusive to g1v3aw4ys. This will eliminate the g1v3aw4y spam from this profile. I have yet to finish the g1v3aw4ys from 2025. Oops.
Thanks to TorGuard, and our monthly sponsors, I am hoping to do more g1v3aw4ys on the other profile throughout 2026. Maybe like, books, or something, I don't know. It won't be big stuff. But ideally like, $200/month of free stuff. Then, during the end of the year, the account does big stuff.
ok ily ttyl bye
β€βπ₯64β€19π₯°4π2π’2
vx-underground
Hi vxdb (on Twitter, no idea if he's on Telegram), initially unrelated to vx-underground, will now be a vx-underground staffer. He isn't a malware nerd, but he is terminally online, a degenerate, and continues to help me with stuff (which I deeply appreciate).β¦
I haven't finished g1v3aw4ys because instead of dealing with hundreds of people I've been doing malware stuff, spending time with my baby boy (he's angry, his top teeth are coming out, he WILL bite you), and posting silly pictures of cats.
Sorry.
Sorry.
β€62π₯°15π’7π€£1
UK and Australia discussing banning X because Grok keeps putting people in bikinis
π122π₯20π₯°12π€£12π€7π«‘4π3β€2π2π±2π€1
A sort of small, sort of long, observation or note, or something.
tldr nerds mad, touch grass
The internet (and humans in general, I suppose) love negativity and drama. There becomes a point though where negativity goes beyond spectacle and entertainment and it bleeds over into public anger and mass hysterics.
While I don't traditionally make political commentary (or try to rather, I'm human, make mistakes, or accidentally present bias), and stray away from political banter, my curated and compartmentalized information security feed has transformed into some pretty nasty dialogue regarding the recent United States governments actions both domestic and abroad. While some of my peers engage in political banter, an upward trend being observed, whereas even the "non-political" begin discussing things, is paramount and is an indicator that a profound event has occured.
This typically results in me saying "huh?" and acting like the cat in the attached image below.
Outside of this bubble I've made, it is chaotic (I'm sure you're well aware of what I'm addressing at this moment). Historically, it is unusual for this degree of anger and frustration to bleed into my bubble, previous and noteworthy "bleeds" include Mr. Rittenhouse, the death George Floyd, Ukraine-Russia conflict (beginning), Palestine-Israel conflicts (elevated, major event occuring), the COVID19 pandemic, January 6th, the assassination of Charlie Kirk, ... and now the recent events occuring.
I think being exposed to this polarization for too long is unhealthy, it makes people angrier, and deepens a divide. It's important to remember that political commentators profit off of outrage, it boosts their engagement and advertisement revenue, thus want to continually stoke the fire and ensure you're perpetually agitated.
I unironically recommend my colleagues and peers to touch grass. Disconnecting and disengaging with the internet hate machine puts things into perspective. Hug your children, pet a kitty cat, eat some junk food, go for a walk, ... do something other than being angry on the internet. There is a difference between being informed and being drawn into the political "event horizon".
Okay, back to kitty cat posting until morale improves and also nerd stuff.
tldr nerds mad, touch grass
The internet (and humans in general, I suppose) love negativity and drama. There becomes a point though where negativity goes beyond spectacle and entertainment and it bleeds over into public anger and mass hysterics.
While I don't traditionally make political commentary (or try to rather, I'm human, make mistakes, or accidentally present bias), and stray away from political banter, my curated and compartmentalized information security feed has transformed into some pretty nasty dialogue regarding the recent United States governments actions both domestic and abroad. While some of my peers engage in political banter, an upward trend being observed, whereas even the "non-political" begin discussing things, is paramount and is an indicator that a profound event has occured.
This typically results in me saying "huh?" and acting like the cat in the attached image below.
Outside of this bubble I've made, it is chaotic (I'm sure you're well aware of what I'm addressing at this moment). Historically, it is unusual for this degree of anger and frustration to bleed into my bubble, previous and noteworthy "bleeds" include Mr. Rittenhouse, the death George Floyd, Ukraine-Russia conflict (beginning), Palestine-Israel conflicts (elevated, major event occuring), the COVID19 pandemic, January 6th, the assassination of Charlie Kirk, ... and now the recent events occuring.
I think being exposed to this polarization for too long is unhealthy, it makes people angrier, and deepens a divide. It's important to remember that political commentators profit off of outrage, it boosts their engagement and advertisement revenue, thus want to continually stoke the fire and ensure you're perpetually agitated.
I unironically recommend my colleagues and peers to touch grass. Disconnecting and disengaging with the internet hate machine puts things into perspective. Hug your children, pet a kitty cat, eat some junk food, go for a walk, ... do something other than being angry on the internet. There is a difference between being informed and being drawn into the political "event horizon".
Okay, back to kitty cat posting until morale improves and also nerd stuff.
β€98π₯°10π6π€3π―3π€2
vx-underground
A sort of small, sort of long, observation or note, or something. tldr nerds mad, touch grass The internet (and humans in general, I suppose) love negativity and drama. There becomes a point though where negativity goes beyond spectacle and entertainmentβ¦
I unironically perceive myself and you nerds as like, a bunch of old ass monks or priests or something, up on like High Hrothgar.
Shits gotta get wild down there with the normies if we can hear it
Shits gotta get wild down there with the normies if we can hear it
π―70π₯°10π7π€£7π€2π€2β€1π1π₯1π±1π€1
Hi
I've added more malware and malware accessories to the website you sometimes visit.
https://vx-underground.org/Updates
I've added more malware and malware accessories to the website you sometimes visit.
https://vx-underground.org/Updates
β€46π€£10π€3π€―3π₯°1π1
I was requested to poke stuff with a stick because of stuff happening in r/PiratedGames
https://malwaresourcecode.com/home/my-projects/write-ups/r-piratedgames-drama.-is-it-malware-yes.-is-it-cool-malware-no
https://malwaresourcecode.com/home/my-projects/write-ups/r-piratedgames-drama.-is-it-malware-yes.-is-it-cool-malware-no
Malwaresourcecode
r/PiratedGames drama. Is it malware? Yes. Is it cool malware? No | malware source code
π32π12β€4π«‘1