Khang Vo (doublevkay) @doublevkay
another security engineer github.com/vovikhangcdv Ho Chi Minh City, Vietnam. Joined May 2022-
Tweets20
-
Followers108
-
Following379
-
Likes56
We are seeking sponsors to support 03 Vietnamese students to join International Cybersecurity Challenge (IC3) held in San Diego, US. Join us in making a meaningful impact. Your generosity is greatly appreciated!❤️ko-fi.com/vnsec/goal?g=18
Today we're proud to announce the release of version 1.0 of SLSA 🎉 Supply-chain Levels for Software Artifacts is an OpenSSF project that provides specifications for software supply chain security, established by community expert consensus. #OSSecurity
Verichains has released a new security advisory VSA-2022-120, exposing a key extraction vulnerability in Multichain's fastMPC. Kudos to @MultichainOrg for the swift response and bug bounty. Keep an eye out for upcoming advisories on critical attacks blog.verichains.io/p/vsa-2022-120……
New blog post detailing some findings from auditing the Next.js ecosystem: "Exploiting Web3's Hidden Attack Surface: Universal XSS on Netlify's Next.js Library" Huge thanks to @infosec_au and @bbuerhaus for helping explore this! samcurry.net/universal-xss-…
Nice argument injection in vscode, discovered by @SonarSource blog.sonarsource.com/securing-devel…
🔥 New Post: Announcing InAppBrowser - see what JavaScript commands get injected through an in-app browser 👀 TikTok, when opening any website in their app, injects tracking code that can monitor all keystrokes, including passwords, and all taps. krausefx.com/blog/announcin…
This new trick for turning any PHP LFI to RCE is awesome! I've been wondering why it didn't get more attention since it works better than any other LFI2RCE techniques out there (such as expect://).Props to @loknop for publishing this technique initially👏 book.hacktricks.xyz/pentesting-web…
🔥 RCE-as-a-Service Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise BlackHat 2022 talk by @NCCGroupInfosec's @smarticu5 & @wucpi Slides: i.blackhat.com/USA-22/Wednesd… Abstract blackhat.com/us-22/briefing…
(CVE-2022-2564): Prototype Pollution in automattic/mongoose. huntr.dev/bounties/055be… Disclosed by @doublevkay, fixed by @code_barbarian... #opensource #CVE #bugbounty #security #vulnerability
@byt3bl33d3r Quick look at @snyksec db, there are over 450 malicious packages on @npmjs.
DovahGG 🐲 @DovahGuild
3K Followers 1K Following Web3 Gaming | Juegos NFT | P2E | Airdrops | Inversiones | Crypto | Launchpads | ⌛Unete a lista de espera de la plataforma: https://t.co/BUQsxF00VkModestyMaria @0kF85DOAuaWBbl
3 Followers 187 FollowingEvelyn Garcia @EvelynGarc28450
106 Followers 3K FollowingAliceEleanor @Lr6YoBRCADtJ97P
10 Followers 462 Followingthaihust @thaihust
6 Followers 53 FollowingJeanKatte @xHaFep7JAac6O
1 Followers 113 Following2eipzrbc7zuw2t3d @a7rp7iyofqj
10 Followers 372 Following The team is a company that provides short-term investment income in cryptocurrency. With a rigorous plan, you can make $500 to $5,000. Click the link to joinCara Chambers @CaraCha20
488 Followers 1K FollowingT3chman 🎮 @T3chmanETH
13K Followers 1K Following I am betting on builders tackling Web3 challenges. Keeping it real.Trang Le @trang_leminh
6 Followers 17 Followingdatdt97 @datdt97
18 Followers 81 FollowingLeila Ferdinand @raj08q7z8l
10 Followers 298 Following Startups | Fintech | E-commerce | Operator and investorMizhael.ron @_Mizhael_
2K Followers 3K Following Manager and Data Analyst, leading analytical teams working on B2B projects | Gamer with an Excel for everything | Huge @AxieInfinity fanVirtualBacon 🦇🔊 @VirtuaBaconOx
1K Followers 2K Following Investor in 100+ Crypto Startups | Educator https://t.co/dABaLffZMH | GP @Momentum_6| Accelerator @SymbioteSync 👉McSlatee @SlateeMc5001
26 Followers 361 Following Khi anh cô độc sống một mình cho đên lão coi như cặp mắt anh bị mù Ko tuyển chọn tôiWhootol @whootol70785
25 Followers 355 Following Trong cuộc đời bạn đã chăm chỉ cả đời được yêu thương , có được mọi thứ mình muốn và cảm thấy nhẹ và hạnh phúcShedowhi @shedowhi27838
55 Followers 493 FollowingTifelasm @tifelasm37994
28 Followers 460 Following Coi như bạn nghiện , Sẽ có người như một mã lực để trợ giúp bạnNhan @coc4y
25 Followers 400 FollowingMirthfulAdventurer @mirthfuladv
55 Followers 531 Following Unpredictable yet captivating, I delve into this mysterious cosmosLeona @leona_kwiecien7
156 Followers 3K FollowingValerie @sherrill30valer
2K Followers 4K FollowingThai S.D @sondt1337
345 Followers 979 FollowingSusan Charles @SusanCharl29263
12 Followers 162 FollowingNam Pham @FazeCT1512
192 Followers 211 Following GCC'24 Student | Reverser/CTF player @BKISC. Janitor @thehackerscrew1Rama dani @rdani291
114 Followers 285 FollowingLucifer @Lucifer73780268
287 Followers 4K Following❄️العبيدي�.. @AXjvvaCZDgrm0w1
775 Followers 4K FollowingTAF @4mgh0z
595 Followers 3K FollowingOrhun Parmaksız 👾 @orhunp_
3K Followers 945 Following Building the future of the terminal 🦀 @ratatui_rs Beautifying your changelogs ⛰ @git_cliff 📦 I package stuff for @archlinux btw 🐘 @[email protected]Thomas Cook @Datta_Boy
367 Followers 2K Following Director of Technical Sales at Graphistry and Algorithmic Trader from Austin, TX y'allHi @huy3npn
55 Followers 1K FollowingThe Arcadia Group @TheArcadiaGroup
9K Followers 839 Following Smart contract, consensus, economic security and cryptography auditsShu Qi @shuqi0809
67 Followers 1K Following Thank God for allowing me to be alone and endure the suffering of my soul.Mo0n Sha𝄞ow @null001__
56 Followers 2K FollowingPopoola Ifadumininu @ennicahofficial
86 Followers 704 Following A traditionalist DM ME FOR BOTANICAL ITEMSMr.MK @MrTmkumaran
73 Followers 2K Followinghnguyen @kazenguyen11
11 Followers 495 FollowingCyberKongz Guild @CyberkongzGuild
191 Followers 63 Following CyberKongz @pixels_online Guild | Discord: https://t.co/Lt5gCV4Yupak @0xak_
12K Followers 2K Following NFTs since 2018 | Founded first Axie scholarship | NFTs, DeFi, Gaming, Shitposts | @stanford alum | Validator @Ronin_Network @berachain @eigenlayermax.kongz.eth 🦇�.. @maxbrand99
5K Followers 70 Following discord: Maxbrand99#5913 if you need to reach me lunacian code: MAXBANNEDOneCent | WOW3 @onecent_wow3
6K Followers 151 Following Cofounder & CEO @WOW3_Official | The intelligence portfolio platformXinoko @Xinoko_ck
14K Followers 1 Following Officially out of retirement and looking for select Genkai to play a role in the epic story of @CyberKongz. Submit yours today! https://t.co/O2BYQEhU9tThe Kingdom @TheKingdomWrld
14K Followers 482 Following 🐲 Virtual TT-RPG With AI-Powered Living Story • Modular NFT Tech • On-Chain Reputation System • Gameplay-Optimization 👉https://t.co/SAVSzzboamMr.Showcase | MrShowc.. @RealMrShowcase
3K Followers 1K Following OG Cyberkong. Collector of JPEGs and GIFs.Secret Society of Wha.. @SSofWhales
16K Followers 667 Following The OG Whale based PFP on the Eth Blockchain. A whale is your membership into the secret society. #TogetherWeWhale OpenSea: https://t.co/lhs31TkZ2LCryptoSlam! @cryptoslamio
38K Followers 948 Following The leading NFT data hub offering NFT rankings, real-time analytics, and market trends across 22+ blockchains. Supported by industry giants since 2018.tom g @RealThikst
2K Followers 4K Following web3 strategy & marketing // purpose is wealth // co-founder @wayfinderHQ5kongz.ron @5Kongz
729 Followers 1K Following On the hunt for the most productive assets in Web3. Betting big on @cyberkongz, @ronin_network, @pixels_online, @axieinfinity and @Angrydynomites!Beanie @beaniemaxi
205K Followers 3K Following Crypto native since the early days. Went all in on DeFi summer. Tripled down on NFTs before it became big. No paid promos. Not financial advice. I talk my book.StrongHands @StonkHands
9K Followers 2K Following Blockchain degen since 2013. NFT Collector. Pushing for real adoption. Ethereum + Immutable + Syscoin + Gods Unchained + Cyberkongz. Use Case MaxiAbhi @0xAbhiP
25K Followers 1K Following Founder @APCollectiveio | Growing Web3 Games | Contributing @Play_ember @TodayTheGame @PalioAI @OverworldPlay ♦️dYdX @dYdX
240K Followers 49 Following dYdX Chain is the world's leading Perpetuals DEX. Fully decentralized. Community governed. 100% of protocol fees distributed to $DYDX stakers. Not avail in US.Memeland ❤️ Memec.. @Memeland
2.5M Followers 23 Following The Community Company • Building @memecoin • Hosting @gmshowofficial at 9AM HKT every Thu • Discord: https://t.co/60iQxWzeVwOthersidemeta @OthersideMeta
265K Followers 326 Following Where the swamp ends, Otherside begins. Discord : https://t.co/iF5gw2EebE Created by @yugalabsAdam Hollander @HollanderAdam
57K Followers 4K Following Husband & Father • Founder @WhiteSandsGame • Sold my company to Microsoft • Punk #4888 • Wizard Shadow Hat (Ordinal #967)Convex Finance @ConvexFinance
55K Followers 98 Following Boosted Curve staking, Frax, f(x), and Prisma staking!! Maximize your yields! Discord: https://t.co/x6GAkDeMLIWorldwide Webb @Worldwide_WEB3
104K Followers 4K Following An ever-evolving universe. Your actions decide its fate. Join the community. https://t.co/8jrlIl2IPmWu Blockchain @WuBlockchain
371K Followers 994 Following Important Crypto News mainly Asia Lead by Colin Wu 吴说 More Channels: https://t.co/EWW3fUtX5v Contact: Tele colinwu1989 non-financial adviceLeonidas @LeonidasNFT
213K Followers 5K Following Ordfluencer | Runemaster | Building @ord_io | Host @TheOrdinalShowLootRush - rent all g.. @LootRushGames
13K Followers 903 Following 🚀 Rent all gaming NFTs. 🕹️Choose your items. Pay a fee. Play and keep all the loot. Compatible with 1000+ games. 🔥 Backed by @paradigm, @a16z, @ycombinatorLumiterra @LumiterraGame
67K Followers 131 Following 🧑🤝🧑Multiplayers 👩🌾Farm ⚔️Battle 🗺️ Explore https://t.co/Du5w6hrhOCMagic Eden on Bitcoin.. @MEonBTC
89K Followers 682 Following Welcome to the world of Ordinals, brought to you by the first audited, secure platform, @MagicEden. For help support: https://t.co/0OPSg9YXe9Magic Eden 🪄 @MagicEden
623K Followers 3K Following The best place to discover, buy, and trade your favorite digital collectibles | https://t.co/TM8CKG6WUpCasey @rodarmor
131K Followers 294 Following 😻 A N A R C H O — C A T B U S 👁 https://t.co/Qy87VuaizA 🥵 https://t.co/2cPqL2xpuh 🤖 https://t.co/eG0CZL5IXH 🎨 https://t.co/1l9ekCAT6z 🏠 https://t.co/4MdA62CeUhInside NFTs @NFTLDR
598 Followers 64 Following Daily 5 Minute Cross-Chain NFT Market + Happenings + News Updates and Commentary | Hosted by @hudah_idiot Live show coming soon.BendDAO 🛡️ Runni.. @BendDAO
58K Followers 788 Following The first decentralized Peer2Pool-based NFT liquidity protocol. Maximized ApeCoin Staking Yield for your BAYC, MAYC, and BAKC https://t.co/omPfFqvKOsOrdinalsBot ⚡ @ordinalsbot
27K Followers 408 Following △ We make it easy to inscribe ordinals on #Bitcoin - Like, really easy. Discord: https://t.co/5PLV1ND9It Telegram: https://t.co/prbR5IwRWLBùi Sea Love @buisealove
4K Followers 464 FollowingWorldcoin @worldcoin
316K Followers 65 Following Building the world's largest human network to improve trust online and access to the global economy.Napoleon.eth ❤️ M.. @NapoleonEth
12K Followers 1K Following Cyberkongz #1000 | NBATopshot TS: Napoleon @playsomo | $SOMOwale.moca 🐳 @waleswoosh
97K Followers 8K Following Big Web3 guy 🌐 | Doing research at @Azuki 🔬 | Advisor @mocaversenft @immutableCyfrin CodeHawks @CodeHawks
5K Followers 3 Following Helping companies secure smart contracts and auditors get paid. More than $500k rewarded to auditors. Powered by @cyfrinAuditsCyfrin Audits @CyfrinAudits
8K Followers 3 Following Securing the blockchain and its users. Industy-leading smart contract audits, tools, and education. Powering @codehawks | @soloditofficial | @cyfrinupdraftBLAZINdotETH @BLAZINdotETH
2K Followers 2K Following #bitcoin #eth #nft #cyberkongz #ordinals https://t.co/OfPxQfkiG4 https://t.co/puA5iKDsnK https://t.co/E6tM3LbQ5gT3chman 🎮 @T3chmanETH
13K Followers 1K Following I am betting on builders tackling Web3 challenges. Keeping it real.Lookonchain @lookonchain
383K Followers 372 Following Looking for smartmoney onchain! Telegram: https://t.co/9UkWUH9qaBPortal @Portalcoin
375K Followers 1 Following The next-gen gaming platform and publisher. Redefining the way games and gamers connect. Game on!If you remove all the bots and multi-account users in @Ronin_Network and @pixels_online their DAU will still be greater than all other gaming chains combined Here's the bitter truth... Your games don't have bots probably because it's not worth botting in the first place.
How was your Friday night? I'm on my way home 😃🏡 #WOW3
@ApprenticeHand @PozosAxie @CyberKongz Yes just a pet peeve of mine.. I don’t usually like it when an ecosystem has two coins. I see Banana as the heart of the ecosystem, I hope that vision remains in tact
@0xCaco @CyberKongz What I see!! Mint NFT CK, then CK bébés, then CK VX then CK genkai, and now new NFT ( Prometheans) Tokens Banana , and soon new token!! I feel it's going ugly for assets holders!! Team just creating new narrative evertime !!
GM GM ☀️ ☕️ Coffee with @WOW3_Official #WOW3
Solana has destroyed the credibility of all cryptocurrencies. Anyone know if there have been reports made to the SEC about any of this yet?
👑
7/ Thesis #1: 50-1000x better than peers Ronin has 1000x more UAWs, 80x more transaction count and 50x more dapp volume than its peers We think this alone should warrant higher valuations for RON, yet BEAM trades at a 60% MCap premium while IMX trades at a 260% MCap premium
Me and the gang spamming our vx runs today #OOH
me and the gang on the wire figuring out our adventure run plan
@whatslukedoing Pro: good idea as long as data can’t be skewed by a single holder (few holders). Con: why limit the openness of Pixels? smaller niche projects could be introduced here and you can be their launchpad. Id say you rather want to make Pixels accessible for as many ppl as possible to…
🤝 Excited to share our Smart Contract Audit success, securing ✨ 50,000 ETH in TVL during NFT Sale. Working with @SkyarkS, we've protected users' assets through thorough code reviews and simulations. Thanks for trusting #Verichains! >> Read full report: verichains.io/?search=SkyArk
Here is my take on work-life balance: 1. Work is both your main job and self-development; don't separate them. 2. You will tend towards either work or life; there is hardly a balance. 3. If you choose work, bust your ass for 5 to 10 years; you can afford to relax a bit later.
I spent 10% of my life contributing to the development of the #VisionPro while I worked at Apple as a Neurotechnology Prototyping Researcher in the Technology Development Group. It’s the longest I’ve ever worked on a single effort. I’m proud and relieved that it’s finally…
We are seeking sponsors to support 03 Vietnamese students to join International Cybersecurity Challenge (IC3) held in San Diego, US. Join us in making a meaningful impact. Your generosity is greatly appreciated!❤️ko-fi.com/vnsec/goal?g=18
Our team has successfully reproduced PoC for CVE-2023-2825 GitLab Arbitrary file read via uploads path traversal. Only effect to GitLab 16.0.0 version. Patch it ASAP 😁😉.
I just got my highest bounty of $5,500 from @GHSecurityLab for CodeQL query to detect ZipSlip bugs in Ruby🎉🎉
Verichains has released a new security advisory VSA-2022-120, exposing a key extraction vulnerability in Multichain's fastMPC. Kudos to @MultichainOrg for the swift response and bug bounty. Keep an eye out for upcoming advisories on critical attacks blog.verichains.io/p/vsa-2022-120……
The old search engine backend will be used by the AI to gather relevant information and links, which will then be summarized for the user. It's like asking a professional human researcher to do the work, except the AI will instantly do what would take many minutes for a human
This JWT CVE makes literally no sense. This is poor argument validation, but a vulnerability? How anyone believes it could lead to an RCE is beyond me.
Also I don't understand CVE-2022-23529. There doesn't seem to be a fix for it and the threat model doesn't make sense. github.com/auth0/node-jso…
The reason for this massive theft is that hackers have hijacked the latest installation package 7.2.9 with the following version, and users are advised to transfer funds immediately: