40630
The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
New research thingie.
Stupid callbacks
https://malwaresourcecode.com/home/my-projects/proof-of-concepts/stupid-callbacks-for-malware-evasion
Everyone sobbing and crying over the Razer Project AVA 3D Anime Waifu Hologram companion is being a big baby
The device Razer is selling requires a connection to a Windows device over USB. Hence, this device requires (in some capacity) drivers (kernel mode components). What I suspect (pure speculation) is when you purchase this device you'll need to install a Razer service (program running constantly) which will run as a service (Windows service, SYSTEM-level authority) somewhere on the machine. I suspect a user-mode component will be displayed which allows you to configure your 3D Waifu thingie.
I am profoundly curious what this looks like under the hood. "Hologram" technology aside, I want to look at the user mode components, the kernel mode components, the network requests it makes. I want to know what it's written in. Python compiled to .exe? Is it an Electron app (common now)? C/C++? Trendy and hip in Rust?
I am also deeply curious on the pricing model they push.
This (in my opinion) is a really interesting piece of technology. I really, really, really want to poke it with a stick to see how it works internally. What happened to nerds being curious and excited about stuff? Jesus
HOLY SHIT. Razer has demoed Razer Project AVA, a 3D Hologram AI companion.
Dawg, it's a fucking AI HOLOGRAM DESKTOP WAIFU
Dawg, if you've received a fake letter in the mail from someone impersonating the government, and it's got a USB stick in it, that's a fucking bomb (probably not, I don't know)
Читать полностью…
I love Microslop
Copilot is enabled by default in the Microsoft Word 365 Copilot App. You have to go to settings and disable Microsoft Word 365 Copilot App Copilot
Earlier today I made a post about over 900 malware research papers being released in 2025. Some people expressed confusion about this. Let's talk about malware research, what it entails, blah blah blah.
Malware research can be broken down into two distinct categories and from there it can be broken down further into more unique categories. Let's keep it shrimple.
- Offensive malware research
- Defensive malware research
Offensive malware research is trying to find new malware techniques. This is pretty broad. I won't go too much into detail on this. This isn't the thingie we're discussing here.
Defensive malware research is documenting new malware campaigns, tracking existing malware campaigns, reverse engineering malware and correlating it and/or tying it to other malware campaigns, techniques on malware detection, etc. This can be pretty broad too because malware detection, malware campaigns, anti-malware research, etc. will be vastly different on Windows, Linux, MacOS, mobile-devices, etc.
When I write that there was 996 malware research papers released what it means is (approx.) "996 vendors released papers sharing information on malware campaigns, reverse engineering malware, sharing malware detection techniques, malware family lineage discoveries (shared code across malware campaigns), etc".
Every single day I see vendors release paper documenting malware campaigns, what they're seeing on their side, and methods to detect the malware payloads. How they're discovered is also a different discussion for a different day.
Places where malware research is released:
- Basically every government on the planet
- Hundreds of independent researchers
- Google
- SentinelOne
- ESET
- Microsoft
- Kaspersky
- CrowdStrike
- RecordedFuture
- Cisco Talos
- VMWare
- CloudFlare
- Akamai
- HuntressLabs
- BitDefender (also Huntress?)
- Fortinet
- AVAST / AVG
- TrendMicro
- Sophos
- F-secure
- Panda
- Comodo
- Qihoo
- Dr. Web
- NVIDIA
- Norton
- MalwareBytes
- Secureworks
- ZScaler
- Okta
- Chainalysis
- Trustwave
- Nextron Systems
- GDATA
- AT&T
- Walmart
- StealthMole
- Censys
- AhnLab
- PtSecurity
- OxSecurity
- Securonix
- Koi-AI
- Palo Alto Networks
- CheckPoint
- Huorong
- Oligo
- Cyderes
- DarkTrace
- K7Computing
- CyberArmor
- ... more ....
In 2025 there was approx. 996 malware defense and/or detection research papers released.
Читать полностью…
Link for education: https://www.youtube.com/shorts/plM7CMmlwlg
Читать полностью…
I can't post this on Twitter because the nerds on Twitter wouldn't get it. Telegram gets it though.
Читать полностью…
tl;dr misinformation online, uk says not involved, wouldnt be surprised if uk involved, us and uk are best frens and always doing something sketchy together
Читать полностью…
It should be noted that this is not unheard of. The Russian government, Chinese government, and (historically) the United States government have performed similar actions in the past. It is ICS/SCADA malware. Most notably, Stuxnet and BlackEnergy
Читать полностью…
Ubisoft's Rainbow Six Siege has been compromised (again). Social media is filled with players complaining about being banned for "67 days", a reference to the "Six Seven" meme.
Читать полностью…
Drama and discourse online as news circulates that Microsoft has "quietly removed the official way to active Windows 10 and/or 11 without internet connectivity".
As is tradition, nerds went fuckin' spazzo without reading into the issue more or questioning how and/or why this has happened.
Historically nerds unironically called Microsoft to activate Windows. Attempting to call Microsoft now to activate Windows you're greeted with an automated message informing you that you need to activate Windows online through the Microsoft Product Activation Portal
As is tradition, it is still possible to activate Windows (or install Windows) without an active internet connection. This can be performed by modifying the Windows installation files (installer.ISO image), using frameworks such as Windows Assessment and Deployment Kit.
tl;dr Microslop making things a pain in the ass, spazzo slightly less justified, 99% of people don't activate Windows over the phone (it's not 1995), but it's nice seeing people angry at Microslop
In 2016 StackOverflow had over 200,000 questions asked per month.
At the end of 2025 StackOverflow averaged less than 10,000 questions asked per month.
The United States government has announced, and confirmed, the successful capture of Venezuela President Nicolas Maduro and his wife Cilia Flores.
Additionally, the United States Department of Justice has announced Mr. Maduro and his spouse have been formally charged with:
- Narco-Terrorism Conspiracy
- Cocaine Importation Conspiracy
- Possession of Machine guns and Destructive Devices
- Conspiracy to possess Machine guns and Destructive weapons against the United States
The United States government shared a photo online of Mr. Maduro's capture
When everyone was crying about Copilot on Windows, I didn't see anyone (to my knowledge, I dunno) actually try to poke it with a stick to see what it was doing under the hood. I poked it and people read about it (and got some super cool feedback too). What happened to your curiosity? Why is everyone so fucking grumpy now? It's interesting stuff, dawg.
Читать полностью…
Dawg, the split second I saw I could have that niche Japanese internet celebrity lady living in a fucking jar on my desk, I immediately pre-ordered this fucking thing
Читать полностью…
The unfortunate reality is that I know dozens of people who have tried to notify vendors, or government agencies, of vulnerabilities or potential problems. For reasons I do not understand, sometimes things are brushed aside, or forgotten, or mishandled, and nothing is resolved.
Interestingly, and for reasons I do not understand, if they (the person who found the potential problem or vulnerability) notify me of the problem and I make a post on social media about it (to nearly 400,000 people), suddenly the issue is far more important and it is magically resolved.
I hate to say it, but sometimes you kind of have to bully and/or shame places into fixing things. I don't necessarily blame the security teams, I think it is a bureaucracy issue and/or management issue.
No, Ubisoft was not compromised from their "anti-cheat".
No, Ubisoft was not compromised by a rogue agent.
No, Ubisoft was not compromised as a result of a Threat Actor infecting an employee with information stealer malware.
Ubisoft technically* wasn't "compromised" (hacked) in the traditional usage of the word. I can't go into too much detail, because I don't want my knee caps broken with a baseball bat, but the event we all witnessed was the result of API abuse
In simpler terms, nerds discovered an exposed API endpoint (computer where instructions are sent to) and abused the poop out of it. This endpoint received commands for all sorts of stuff (bans, credits, etc). Normally another program sends instructions to this endpoint.
Under normal conditions, this endpoint requires authentication with a "key" (instead of using a username and password), but nerds ... sort of ... found a way to bypass the API key requirement. I'm using the word bypass here extremely liberally. What happened was extremely silly.
Ubisoft is aware of what happened. They're not dumb. The fix for the issue they're encountering is kind of a pain in the ass to fix, it'll take some time, I'm not surprised nerds managed to metaphorically kick in the door (abuse the API endpoint) again.
Ubisoft itself was not compromised. No employee data was stolen. No customer data was stolen. Nerds basically beat Siege servers with a stick until it did stuff.
It should be noted that each vendor, or government, releases research which is tailored to them or their audience.
As you could probably assume, Microsoft rarely discusses MacOS malware.
Another interesting quirk is each vendor tailors research to their region. Vendors in China or Russia will discuss threats to the country they reside in. Hence, you can get unique insight into what is targeting countries outside the United States or NATO.
Believe it or not, while the United States says Russia and China launch offensive cybersecurity operations, China and Russia also accuse the United States (and allies) of targeting them as well! Strange stuff!
AND YALL MFERS ASKING "OHHH HOW DO I GET INTO MALWARE REVERSE ENGINEERING" READ LITERALLY ZERO
wAK=E UP BRO, LOCK IN
Microsoft is so fucking stupid.
Microsoft renamed Microsoft Office to Microsoft 365 Copilot App
I'm not joking
The internet is cool and badass. You can just do things.
I found a man on YouTube who has repeatedly recorded himself knocking himself unconscious by performing WWE-like stunts onto things such as microwaves.
I'm not entirely sure of his motivations, but this person is so unusual I went WAY out of my way to acquire their autograph.
I subsequently framed it and placed it on my wall.
Hello,
I've pushed some updates to the malware store. Please look at the malware and/or download the malware. I pushed more after Christmas, but I forgot I did, but whatever.
pic: unrelated
https://vx-underground.org/Updates
Note:
Initially when it was reported the United States government utilized offensive cyber security operations to terminate power in the Venezuela capitol it was reported online the United Kingdom government was involved.
However, Sir Keir Starmer has denied these accusations. Starmer asserts the United Kingdom has no knowledge prior of what was happening in Venezuela and "the situation is unfolding rapidly".
In Starmer's defense, it is plausible it was SPECULATED the United Kingdom was involved (because they have been historically) and the speculation was misreported and/or regurgitated as fact (classic misinformation).
Politicians in the United Kingdom have called on Starmer to condemn the United States government, as well as President Donald Trump, for the operations which occurred in Venezuela.
Opinion:
It appears it was misinformation online, hence Starmer had to go on the record and deny involvement. However, it would not surprise me if the United Kingdom was actually secretly involved (in a currently unknown capacity). The United States government and United Kingdom government have referred to each other as "their strongest ally(ies)" and have for decades been strong partners in offensive cybersecurity operations.
This partnership was solidified in or around 2014 (via Snowden Leaks) the United Kingdom GCHQ, in collaboration with the United States NSA, developed "Regin", which was (unironically) an incredibly sophisticated malware payload designed for telecommunication espionage. Additionally, the United Kingdom GCHQ was tied to Operation Socialist, TEMPORA, and still classified ISIS-related offensive cyber operations (confirmed by the United States government).
This information is nearly a decade old.
Do I think the United Kingdom has stopped partnering with the United States government for state-sponsored offensive cybersecurity operations (hacking)? No.
Would it be surprisingly the United Kingdom was involved in operations against Venezuela? No.
Do I believe the United Kingdom would deny involvement? Yes
Reports surfacing the United States government, working with allies from the United Kingdom, programmatically terminated electrical power to parts of Venezuela's capitol prior to United States military arrival.
tl;dr compromised Industrial Control System, turned off power
tl;dr teenager, later adult, role-plays in video game. is it terrorism? role-play? first amendment? real threat?
The United States Federal Bureau of Investigation is big mad.
In June, 2025, James Wesley Burger was all over social media when the United States Federal Bureau of Investigation indicted Mr. Burger, alleging he was planning a terrorist attack on Roblox. The insanity of this caused online discourse (mostly memes, mocking his name and mug shot), whereas people discussed the absurdity of planning terrorism over Roblox.
The United States Western District Court of Texas has told the FBI (in not so simple words) "nah lol prolly not".
Mr. Burger was an alleged Islamic State sympathizer and discussed plans of terrorism on Roblox. However, according to Mr. Burger's lawyer, and the Honorable Judge Alan Albright, the attempted prosecution of Mr. Burger is a First Amendment Violation (right to free speech). Mr. Burger's case has been dismissed.
The reason WHY it was a first amendment violation is because CONTEXT was missing from Mr. Burger's prosecution. In summary, the screenshots the FBI took of Mr. Burger on Roblox come from a role-playing game called "Church" where users making "anonymous" confessions and pretend to be historical, mythical, or fictitious characters. The United States Federal Bureau of Investigation assert Mr. Burger made concerning posts elsewhere too, such as 4chan, and he illustrated a behavior of attempted concealment, planning, etc.
The defense of Mr. Burger argued that Mr. Burger was trolling. Although he said dangerous things on the internet (Roblox), Mr. Burger does not and has not done anything in-real-life which would constitute him being a threat to anyone, including himself. Additionally, the defense asserts the FBI left out key details on Mr. Burger. Per court documents retrieved from Roblox, Mr. Burger was in "Church" (role-playing game) as an ANTIFA member, a neo-nazi, and subsequently an Islamic State sympathizer. The defense asserts the FBI was, in essence, seemingly indifferent or unaware of "extremist" role-playing until he role-played as a Jihadist.
Judge Albright has officially dismissed the case which has deeply frustrated the FBI. The FBI has stated they will make an appeal.
AI killed StackOverflow [message marked as duplicate] [removed by moderator]
Читать полностью…
tldr kidnap president of Venezuela before going full disclosure on Jeffrey Epstein
Читать полностью…
I guarantee other parents will read this and say, "oh ya, haha, one time my child did ______" and share a similar horror story.
Читать полностью…