■■■■■ Iranian alleged state sponsored cyber hacking group. 🤍http://handala-alert.to 🤍https://x.com/Handala_Red
All posts by John Doe
January 8, 2026 at 11:07PM
■■■■■ CVE-2026-21858 + CVE-2025-68613: n8n Ni8mare – Full Chain Exploit Unauthenticated to Root RCE: – LFI via Content-Type confusion – Read /proc/self/environ to find HOME – Steal encryption key + database – Forge admin JWT token – Expression injection sandbox bypass – RCE as root CVSS 10.0 https://github.com/Chocapikk/CVE-2026-21858
January 8, 2026 at 11:06PM
🚫 A similar setup was made by one of our admins. Though the device was not disassembled for camera and addition of 80v shock. An interesting thread. https://x.com/i/status/2007561606218297581
January 5, 2026 at 12:03AM
■■□□□ Trend on 𝕏 asking Grok (AI) to renove one of two persons is being circulating among parts, enthusiasts and researchers. Even after paying 6 million USD for propaganda to favour Israel. Grok is against the jewry. https://x.com/i/status/2006848760471794016
December 31, 2025 at 06:11PM
■■■■■ Bluetooth Headphone Jacking: Full Disclosure of Airoha RACE Vulnerabilities. This blog post is about CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702 vulnerabilities technical details in Airoha-based Bluetooth headphones and earbuds. Bluetooth Headphone Jacking: Full Disclosure of Airoha RACE Vulnerabilities https://github.com/blackorbird/APT_REPORT/blob/master/exploit_report/Bluetooth%20Headphone%20Jacking%20Full%20Disclosure%20of%20Airoha%20RACE%20Vulnerabilities.pdf
December 31, 2025 at 01:58AM
Zero-Day: Zero-Click RCE on🍏Apple iOS viz. decoding logic vulnerability in Apple’s image parser. 📹 https://youtu.be/jJ2QwvMDf7k
December 30, 2025 at 11:07AM
■■■■□ Open Source Intelligence (OSINT): Using Overpass Turbo for Strategic CyberWar Intelligence Gathering. Open Source Intelligence (OSINT): Using Overpass Turbo for Strategic CyberWar Intelligence Gathering https://overpass-turbo.eu/
December 29, 2025 at 11:01AM
■■■■□ Bangladesh Civilian Force: Fragmented Identities Behind a Single Hacktivist Brand. This report documents the process of untangling BCF’s online footprint. By following how its identities intersect, overlap, and reinforce one another, the investigation aims to move past surface-level confusion and examine what this structure reveals about the group’s motivations, organization, and intent. https://stealthmole-intelligence-hub.blogspot.com/2025/12/bangladesh-civilian-force-fragmented.html
December 28, 2025 at 12:45AM
■■■□□ [Untested Code] MongoBleed (CVE-2025-14847) – Unauthenticated Memory Leak PoC. https://github.com/joe-desimone/mongobleed
December 27, 2025 at 09:58PM
🐲 GhidraGPT: A powerful Ghidra plugin that integrates Large Language Models (LLMs) directly into Ghidra to enhance reverse engineering workflows with code analysis and enhancement capabilities. https://github.com/weirdmachine64/GhidraGPT