vx-underground (automated mirror)
@vxundergroundre.bsky.social
The largest collection of malware source code, samples, and papers on the internet.

Password: infected

(unofficial, this is a bot! Maintained by @yjb.bsky.social, the bot can't handle retweets, video, and maybe a few other things)
> make post on Xitter
> new comment notification
> look inside
> nothing there
> "Show probable spam" appears
> click button
> look inside
> nothing there
January 21, 2026 at 5:47 AM
g
January 20, 2026 at 4:59 PM
> It's the year 2026
> Future_af_boi.exe
> Anyone can make anything, or something
> Can bring ideas to life easily
> Vibe coded app leaks these magical ideas
> Look inside
January 20, 2026 at 3:17 AM
January 18, 2026 at 10:27 PM
January 17, 2026 at 6:13 PM
Going to do a write-up on poking MalwareBytes with a stick, how it works fundamentally, some possible attack vectors against it, ... then I'll do something else.

If you have any recommendations on what I should poke with a stick please let me know.
January 17, 2026 at 5:58 PM
Microslop: replace the books with AI too, fuck it
January 17, 2026 at 2:19 AM
X is offline.

Is it DDoS? Is it an oopsie doopsie? Did Elon Musk crash out? Find out next time on Dragon Ball Z
January 16, 2026 at 4:12 PM
It's 10pm and I'm reverse engineering JavaScript malware targeting FiveM.

Why are people making malware for Grand Theft Auto V roleplay servers
January 16, 2026 at 3:55 AM
I was going to install an anti malware product and poke it with a stick to find ways to evade it (just being silly).

But then this anti cheat on my computer got grumpy about VirtualBox stuff
January 15, 2026 at 6:20 PM
I'd like to thank all of our sponsors for 2025. I'd also really, really, really, want to thank @MDSecLabs, @TrustedSec, @TorGuard, ... and all the individual donors.

Thanks to you, I don't need to beg for money on the internet and can focus on kitty cat pictures and malware.
January 14, 2026 at 7:20 PM
Hello,

I am once again reminding you we are doing giveaways for nerd stuff STILL. It will likely be never ending, perpetual, free educational material every month (physical books, VPN things, hardware, etc)

Follow the account dedicated to free stuff: @vxgiveaways
January 14, 2026 at 5:35 AM
Hi

I've added more malware and malware accessories to the website you sometimes visit.

vx-underground.org/Updates
January 13, 2026 at 12:36 AM
mfw I realize you can use C++ WINAPI COM IUIAutomation to communicate with Copilot directly and tell it to do things like "execute this file" (Copilot is now Copiloting my malicious payload)
January 10, 2026 at 12:51 AM
Microsoft is so fucking stupid.

Microsoft renamed Microsoft Office to Microsoft 365 Copilot App

I'm not joking
January 5, 2026 at 5:31 PM
Ubisoft's Rainbow Six Siege has been compromised (again). Social media is filled with players complaining about being banned for "67 days", a reference to the "Six Seven" meme.
January 4, 2026 at 7:09 PM
> be me
> click "for you"
> first post
> "hey grok, do _____"
> mfw
January 4, 2026 at 6:15 PM
So much crazy shit happens in the cybersecurity ecosystem every week, sometimes every day, that a 2025 retrospective would be difficult.

tldr big hacks, big drama, big schizo nerds, for 52 weeks straight then the year changed

tldr tldr cat in a computer
January 2, 2026 at 10:38 PM
Yesterday evening someone leaked PlayStation 5 ROM keys online. Emulation nerds are going schizo because this could mean we have PlayStation 5 emulation technology, ability to run non-PlayStation 5 games, etc.

tl;dr Sony executives on New Year's Eve
December 31, 2025 at 6:11 PM
I saw @KlezVirus do a write-up on callback abuse. I had this really silly idea of taking his proof-of-concept but nesting his proxy callbacks between nested callbacks from callbacks

Replace the printf stuff with malicious stuff or more callbacks

pastebin.com/raw/WeNbbkzv
#include <Windows.h> #include <stdio.h> typedef BOOL(WINAPI* CERTENUMSYSTEMSTORE)(DWORD, PVOID, PVOID, PFN_CERT_ENUM_SYSTEM_STORE); CERTENUMSYSTEMSTORE ImplCertEnumSystemStore = NULL; typedef ...
December 29, 2025 at 6:30 PM
People think Sha1-Hulud is behind TrustWallet ?!
December 29, 2025 at 5:00 AM
I have a bunch of people from India being mean to me because I wrote the Insider Threats that hurt some companies were worked off-shored to India

What do you want me to do? Lie? It's objectively true. I'm sorry large companies exploit your country, dawg
December 29, 2025 at 12:20 AM
People are celebrating the Ubisoft drama like when Bin Laden died

Damn, y'all hate this company
December 27, 2025 at 8:33 PM
Ubisoft was a victim of MongoBleed.

An unknown Threat Actor(s) have exfiltrated the source code to basically every single Ubisoft product dating back to the 90's. This includes their Software Development Kits, Middleware, uPlay, RDV, etc.

No customer data was stolen
December 27, 2025 at 7:04 PM
Is 2,000,000,0000 credits a lot?
December 27, 2025 at 5:01 PM