Marius Avram
@mariusavram.bsky.social
Cyber Security Enthusiast. Two sons' proud dad!
When the US kidnaps a foreign president with Western applause, no law protects anyone. Iraq, Libya, Syria, Ukraine show wars are thefts of resources. Narco-terror claims mask oil and gold looting. Power rules, rights vanish, democracy is a lie!
January 5, 2026 at 11:31 AM
Reposted by Marius Avram
New, by me: The Kimwolf Botnet is Stalking Your Local Network

Today's story is a long overdue series of scoops nestled inside a far more urgent Internet-wide security advisory. The vulnerability at issue has been exploited for months already, and it’s time […]

[Original post on infosec.exchange]
January 2, 2026 at 2:43 PM
Shlomo Kramer, co-founder of Check Point, Imperva, and Cato Networks, has stated that “it’s time to limit the First Amendment. We need to control all social platforms… and take control of what they are saying.”
January 2, 2026 at 10:54 AM
Turning List-Unsubscribe into an SSRF/XSS Gadget security.lauritz-holtmann.de/post/xss-ssr...
December 23, 2025 at 2:55 PM
How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack gist.github.com/hackermondev...
December 19, 2025 at 8:28 AM
Reposted by Marius Avram
Bypass CSP in a single click using my new Custom Action, powered by @renniepak.nl's excellent CSP bypass project.
December 16, 2025 at 3:31 PM
Reposted by Marius Avram
Meet AutoVader. It automates DOM Invader with Playwright Java and feeds results back into Burp. Faster client side bug hunting for everyone. 🚀

thespanner.co.uk/autovader
AutoVader - The Spanner
Four years ago we released DOM Invader, I added a feature called callbacks that enabled you to execute JavaScript and log when sinks, messages or sources are found. This was so powerful but over the y...
December 9, 2025 at 12:22 PM
Reposted by Marius Avram
Grok - Elon Musk's AI chatbot - has been caught handing out home addresses of ordinary individuals... on demand. 

When asked, Grok was willing to provide step-by-step instructions on how to stalk these people...

Read more in my article on the Bitdefender blog: www.bitdefender.com/en-us/blog/h...
Privacy concerns raised as Grok AI found to be a stalker's best friend
Grok, the AI chatbot developed by Elon Musk's xAI, has been found to exhibit more alarming behaviour - this time revealing the home addresses of ordinary people upon request.
December 8, 2025 at 4:35 PM
Reposted by Marius Avram
We now have a (draft) @metasploit-r7.bsky.social exploit module for the recent Fortinet FortiWeb vulns, chaining CVE-2025-64446 (auth bypass) + CVE-2025-58034 (command injection) to achieve unauthenticated RCE with root privileges: github.com/rapid7/metas...
November 21, 2025 at 1:29 PM
Introducing the OWASP Top 10:2025
owasp.org/Top10/2025/0...
Introduction - OWASP Top 10:2025 RC1
OWASP Top 10:2025 RC1
November 7, 2025 at 1:44 PM
Tenable Research has discovered seven vulnerabilities and attack techniques in ChatGPT, including unique indirect prompt injections, exfiltration of personal user information, persistence, evasion, and bypass of safety mechanisms. www.tenable.com/blog/hackedg...
November 5, 2025 at 4:39 PM
Phrack 72 Has Been Published phrack.org/issues/72/1
August 19, 2025 at 7:13 AM
Reposted by Marius Avram
IP data on compromised instances shared in our Compromised Website report tagged 'fortiweb-compromised': www.shadowserver.org/what-we-do/n...

IP data on exposed instances is in our Device ID report: www.shadowserver.org/what-we-do/n... (device model is set to FortiWeb Management Interface)
CRITICAL: Compromised Website Report | The Shadowserver Foundation
This report is a list of all the websites we (or our collaborative partners) have been able to identify and verify to be compromised.
July 16, 2025 at 9:02 AM
opossum-attack.com <- Opossum is a cross-protocol application layer desynchronization attack that affects TLS-based application protocols that rely on both opportunistic and implicit TLS. Among the affected protocols are HTTP, FTP, POP3, SMTP, LMTP and NNTP.
Opossum Attack
July 8, 2025 at 4:08 PM
Looks like old age finally finished the job and wiped out whatever was left of his brain, not that there was much to begin with. 😬
June 17, 2025 at 9:52 AM
Reposted by Marius Avram
Finding an SOQL Injection 0-Day in Salesforce mastersplinter.work/research/sal...
Finding an SOQL Injection 0-Day in Salesforce
How an un-exploitable SOQL injection turned into a 0-day in Salesforce itself affecting millions of user records
June 11, 2025 at 6:20 AM
Reposted by Marius Avram
According to my sources, Cellebrite used to purchase iPhone prototypes (aka dev-fused devices), which had lower security features, to develop its zero-days.

Corellium's founder Chris Wade also purchased them back in the day, according to sources.

www.vice.com/en/article/t...
June 5, 2025 at 1:24 PM
Reposted by Marius Avram
This vector adds an onerror handler with eval, rewrites all ReferenceError names, then triggers an error to execute the payload. Just added it to the XSS cheat sheet. Credit to @0x999.net , inspired by @terjanq.me

portswigger.net/web-security...
June 3, 2025 at 1:07 PM
Finding SSRFs in Azure DevOps - Part 2 binsec.no/posts/2025/0...
May 30, 2025 at 1:00 PM
🤦‍♂️😂
May 30, 2025 at 8:12 AM
Threat of TCC Bypasses on macOS afine.com/threat-of-tc...
May 26, 2025 at 12:13 PM