40629
The largest collection of malware source, samples, and papers on the internet. Password: infected https://vx-underground.org/
> web article about unis
> 90% of students using ai to cheat
> uni educators and staff frustrated
> call for revolution of education
> critics say school is cooked now
> phd lady writes article about it
> look inside
> "its not x—its y"
> "why it matters"
> be United States Senate
> fast track legislation on ID verification for AI usage
> passed initial review unopposed
> bipartisan support
> need to be 18 years old to use AI
> realize Copilot comes with Windows
do we need to do age verification to use Windows ... ???
United States government is fast tracking legislation to do ID verification on AI usage.
Apparently AI is extremely dangerous to children and every AI product must perform age verification to ensure you're at least 18 years of age.
> saturday
> go outside
> go to event thingie
> talk with normal people
> them: "what do you do for a living?"
> answer question
> them:
One of these days remind me to show you my folder of shame.
I have probably a hundred or more failed malware ideas. When I have a malware idea I don't even label it correctly anymore. I have project names like "aaaaa", "aaaaa(1)", "dsthingie", "firewallstuff", "tmpproject".
It's mountains of failed code. I am the grand emperor of failure.
> be insurance, but for ai slop
> in case ai sends money to stranger or nukes prod
> fast forward
> "ai is conscious, bro"
> man goes on social media
> beep boop to grok
> grok (totally conscious) transfers $150,000 to stranger
ITS AS THE PROPHECY FROM CORGI FORTOLD
Someone used AI prompt injection to crypto drain $150,000... from a tweet.
I would share the write-up and more information on it, but the person who did the write-up blocked me (I have no idea who they are).
Instead, have a picture of the write-up so you can look them up.
Here's the thing no one wants to tell you about AI:
1. It's the worlds largest Python script
2. It runs on Linux, Windows Defender slows it down
3. It uses lots of numbers (nobody knows why)
4. It requires a bunch of GPUs (for gaming)
5. No, you can't have sex with it
I've been extremely busy. Haven't been able to malware as much.
Here is what I saw:
- Linux security nerds big angry at some dude named Eric because he has been ignoring security things, or something, I don't know. Some drama about CopyFail and some Android stuff
- cPanel CVE destroying normies, botnets, compromises, spam spamming stuff
- Google not wanting to bug bounty as much because of AI slop. Bug bounty nerds throwing hands everywhere
- A bunch of nerds arguing about the WeezerOSINT guy, saying he's a criminal, others saying he is cool and badass
- A bunch of nerds angry at the Lunduke guy
- Will Dormann going ham sandwich on CopyFail
- More updates on those dorks who were in ALPHV but also cybersecurity negotiation people, they're cooked
- 15 year old arrested for cybercrime in France (stuff with Breached, I guess, I don't know).
- Everyone yapping about Fast16 still
- China tests spooky deep sea oceanic internet cable cutter thingy
- More NPM malware
- Apple Claude md thingie oopsie doopsie
Did I miss anything?
One of the most frequent questions I'm asked is "how do you stay up to date on malware stuff?"
Okay, here is a pro tip:
1. Google OTX AlienVault
2. Make account
3. Look at latest
4. Scroll until you find posts from a guy named Petr something-something (has numbers in his name).
4. Follow his account
He monitors all the big malware places and shares the URL, hashes, etc. from malware vendors. I've been following this random ass dude for years and getting updates on everything.
I have no idea who he is. I don't know where he's from. All I know is his setup is absolute fire and he keeps you up to date on literally everything malware related 24/7 365. He also has stuff from vendors in China, Russia, Japan, etc.
Every morning I log into OTX and check up on my boy Petr to see what fire he's bringing me. I love him.
Just got done talking at Georgia Institute of Technology.
I was introduced to a bunch of cybersecurity students as "cybercrime TMZ", a person who "collects pictures of cats", "fills computers with mayonnaise", and discusses things with "Dragon Ball Z" references.
On paper this shit makes me look like a lunatic.
The entire room was dead silent as I vaped and spoke schizophrenic nonsense.
Chat, I DO NOT think they'll be inviting me back
Toronto Police launched Project Lighthouse in November, 2025 after police were tipped off about an unknown person(s) operating an SMS Blaster in downtown Toronto.
Watch the video for an actual explanation. The fancy Detective lady gives a run down on what happened.
tl;dr three chinese dudes some how built a custom made portable cell phone tower thingie in a van, drove around toronto with it. peoples cell phones automagically connected it to (its literally a cell phone tower thingie). when a cell phone connected to their portable cell tower thingie it would automatically send the connected phone a text which appeared to be from their bank or somewhere important. they interupted real cell phone towers 13m times lmfao. they were trying to steal passwords and stuff. no details released on how three random nerds managed to do this
Now we wait and see.
https://x.com/vxunderground/status/2048126003185172890
This is why it's important to NEVER use Linux. Linux is ILLEGAL and for NERDS. Use Windows, enable ALL telemetry, and use Copilot. It's the only safe option.
Читать полностью…
I'm so tired of all the Linux larps bro
Nobody gives a fuck that you use Linux. It's just an OS bro.
Want to impress people? Go into the forest with a hatchet and make a computer from dead insects, tree bark, and your feces
One of my good friends was deployed to the Middle East about 17 years ago.
He did a 6 year stint in the military.
He got out and had some mental health issues and had problems integrating back into the world outside the military.
After nearly 8 years of struggling with PTSD, depression, anxiety, and alcohol issues, I'm happy to share he's finally got his head back on straight.
He told me he's attending university for cybersecurity. He got himself a really nice girlfriend who seems very supportive of him. He's got a nice home to call him own.
He's doing really, really good. It all worked out.
Proud of my boy.
As is tradition, it's total bullshit. The United States government doesn't care about children. It's yet another privacy violation.
Читать полностью…
Read some news articles today that people from the United States government met with various faith leaders across the United States on April 27th for a secret meeting
Faith leaders disclosed that the United States spooky people told them that the Trump administration will soon be unsealing various documents about UFOs.
Supposedly the United States will be releasing documents so profound it may cause a religious crisis in the United States (and the world). Faith leaders said the spooky government people talked about space reptiles and stuff.
Is any of this true? I have no idea. It's from Daily Mail, MSN, some various social media profiles, and speculative thinking from Donald Trump's social media posts.
Excited to see what happens. Realistically however, it'll probably be mildly interesting, everyone will discuss it for a few days, then a large majority will forget.
GitHub is for nerds.
Share your code as a text file on some shitty HTML site.
It's what God would want
I've got a really silly idea for malware.
Windows 11 now have Windows.Graphics from the Windows Runtime API.
You can use it for taking screenshots. It's supposed to be better than the native WINAPI method because something about GPU rendering stuff, I don't know, I can't remember.
Anyway
Windows 11 also ships with an OCR library from the Windows-something-something in the WinRT as part of their AI stuff.
The point being: I think I can take a fancy screenshot of an application, like Slack, Microsoft Teams, or Discord, using WinRT then use WinRT to OCR it into readable and parseable text from C/C++
It is basically a really convoluted way to do keylogging or espionage, or whatever.
For extra flavor, use WinRT to upload the OCRd text to a remote host. Why do this instead of WinHTTP or Windows Sockets? Literally no reason other than curiosity. I have no idea how this would appear under the scope of an EDR.
Sometimes you need to try silly things.
It's always interesting to scroll social media and find an account who blocked me.
I'm like, "dayum, this person HATES ME and I have no idea who they are or what I did".
In all fairness, I do post some dumb shit, so it's completely understandable.
Did your slop Python script accidentally transfer $10,000,000 to a stranger?
Did your vibe coded app accidentally leaked 300,000 peoples phone numbers, e-mail addresses, and passport?
Don't worry, fam. The folks over there at ... Corgi ... now provide AI insurance.
I also got a shit load of DMs but I don't have the willpower to read and reply. Some of you write GIANT messages and it makes my brain hurt (I'm dumb as hell)
Читать полностью…
> new cpanel cve thingie
> proof of concept released
> neat
> check on internet degenerates
> tons of united states gov thingies compromised
> tax places compromised
> another day of internet schizophrenia
CVE-2026-31431 a/k/a CopyFail
> Linux LPE
> Description sounds like AI slop
> Exploit is legit
> Impacts every Linux kernel from 2017 - Now
> Proof-of-concept released
> It's Wednesday?
https://copy.fail/
Hello,
If you're one of the many little people who lives inside my phone, and enjoy malware, I have good news: I have more malware for you.
The bad news is I forgot to sync the update log. I'll do it tomorrow, maybe later tonight, I don't know.
Pic unrelated
Telegram nerds, I've decided this Saturday I'm going to make Windows posts and see how Linux users on social media react.
Will they rage? Will they get the joke? It's science
I made an intentionally hyperbolic joke poking at all of the Linux posts on social media, some people were not happy about it
Here is what I've learned:
- I'm stuck in the clutches of Windows
- Linux is about freedom, or something
- My Mom
- I don't do anything technical (anymore?)
- People are tired of my whining
- I'm mad
- I'm a Winblows cock sucker
- I'm on a computer
Chat, do NOT tell Linux users to build a computer in the forest with a hatchet.
> be malware
> try to be evasive
> "I know! I'll put in backup domains!"
> "I'll also put in fake domains!"
> "It'll be brilliant!"
> "This strategy will bypass everything!"
> Look inside
> 4786 DNS requests
Wow, so subtle bro