Ori @vbCrLf
Security Researcher and Software Engineer. Playing with @pastenctf orilahav.me Joined November 2008-
Tweets5
-
Followers37
-
Following54
-
Likes63
Ori retweeted
Sometimes the most interesting connections are the unexpected ones. @Oranav and @vbCrLf showed how PostgreSQL internals can play a role in exploiting AI orchestration zero-days.
1
3
13
1K
0
View Details
Over the last few months, I researched Langflow, n8n, and Activepieces. The result is 9 zero-days and a BlueHat IL talk 🛠️ 🚨 CVE-2026-7524 (Critical - 9.8) 🚨 CVE-2026-48519 (Critical - 9.6) ⚠️ CVE-2026-7528 (High - 7.1) 🐛 CVE-2026-42228 (Moderate - 6.3) 🐛 CVE-2026-48520 (Moderate - 6.1) 🚨 CVE-not-yet-published (Critical - 9.0) 🚨 CVE-not-yet-published (Critical - 10.0) ⚠️ CVE-not-yet-published (High - 8.6) ⚠️ CVE-not-yet-published (High - 8.3) Thanks to the vendors for the cooperation and fixes. @Oranav and I will be breaking down some of these on stage at BlueHat IL 2026 Registration closes soon. Write-ups will be published after the con. Abstract: microsoftrnd.co.il/bluehatil/conf… @BlueHatIL @msftsecresponse
Excited to share my research was accepted at @BlackHatEvents USA 2026! 🎩 I'll present how I achieved interactive access to users' AI assistants by chaining: 🔓 Prompt injection 🔓 Privilege escalation 🔓 Path traversal 🔓 `.toml` injection 🔓 and finally an `LD_PRELOAD` exploit The impact: 🚨 CVE-2026-32193 (Critical) 🏆 $48,000 bug bounty from Microsoft ChatMate: Remote Prompt Execution on AI Assistants through Sandbox Escaping blackhat.com/us-26/briefing… Special thanks to @msftsecresponse for the brilliant collaboration! See you in Vegas 👋 #ChatMate #CVE_2026_32193 #BHUSA @BlackHatEvents @rubrikInc @Oranav
gk98 @98erKAG
44 Followers 2K Following
Gilad Reti @gilad_reti
41 Followers 673 Following
Oryan De Paz @OryanDP
3K Followers 466 Following Interested in infosec, especially in Windows Internals 💙 Reverse Engineering 💚 and CTFs ❤ (oh and did I mention Windows Internals already? 😉)
Mena @Sec_Follower
2 Followers 36 Following
guyru @guyru_
2K Followers 556 Following Vulnerability research, cryptography, FOSS, finance and random stuff. Leading @cellebrite's iOS research.
Luna @Luna_0xFF
0 Followers 462 Following
MaYil @mayl8822
84 Followers 4K Following
x3xpl05iv3x @x3xpl05iv3x
16 Followers 195 Following Jailbreaking, hacking, reverse engineering, motor sports, pool, pc repair, technology, space, engineering, pig farmer, general nice bloke altho speak my mind!
Imri Goldberg @lorgandon
567 Followers 1K Following Programmer, also doing other stuff from time to time
Nir Krakowski @nirkrakowski
316 Followers 329 Following
Oran @Oranav
4K Followers 390 Following Co-founder and CTO at @laminarsec, acquired by @RubrikInc. CTFing with @pastenctf.
mikecotic @mikecotic
252 Followers 2K Following
haloww @asteriskstr_
8 Followers 10 Following
Uri Shaked @UriShaked
6K Followers 2K Following Maker ◆ Voiding warranties at @WokwiMakes ◆ Keepin' it Chippin' at @TinyTapeout ◆ What I'm doing now? https://t.co/q9mIBsJVzS
Myway @Myway69928899
7 Followers 698 Following
chen @rvrsec
1 Followers 69 Following
The Phoenix @The_9h03n1x
0 Followers 34 Following
Eldad Rudich @d3bu9
237 Followers 435 Following Founder and CTO - Daylight Security. Cybersecurity, AI and everything in between
The Last Monkey 🐵 @The_Last_ED
519 Followers 1K Following אני סאחי טכנולוגי דתי אז אל תהיו מופתעים מהציוצים שלי
Gerry Askefalk @GAskefalk
23 Followers 82 Following Java architect and developer. Been coding since i was 16, love it!
SecDocs @secdocs
7K Followers 6K Following Hacking and security documentation: slides, papers, video and audio recordings. All high-quality, daily updated. Spreading hacking knowledge, for free, enjoy!
VX Heaven @vxheavenorg
3K Followers 3K Following The most complete computer virus library on the net.
ClemmieBouveron @ClemmieBouveron
105 Followers 503 Following I hate it when I text someone and I get no reply.
FlorenzaNegrell @FlorenzaNegrell
61 Followers 207 Following Don't promise when you're happy, Don't reply when you're angry, and don't decide when you're sad.
VerniaCress @VerniaCress
387 Followers 1K Following
Muscle and Fitness @muscle_fitness4
208 Followers 617 Following
Dream.In.Code @DreamInCode
4K Followers 2K Following The #1 Programming Help Community! 300,000+ Members. C++, Java, VB6, http://t.co/5jeBPhZJyF, C#, PHP, Ruby, Python, HTML, CSS, JavaScript, more...
Gilad Reti @gilad_reti
41 Followers 673 Following
Daniel Bachmat @DanielBachmat
40K Followers 583 Following דניאל בכמט | כותב על צבא ומתמטיקה (ולפעמים שחייה) מזווית קצת אחרת
🥝🏳️🌈 Be... @gentilkiwi
62K Followers 291 Following A kiwi coding mimikatz & kekeo github: https://t.co/eS3LVgU6i0 Head of security services @banquedefrance Tweets are my own and not the views of my employer
Jeff Dean @JeffDean
446K Followers 6K Following Chief Scientist, Google DeepMind & Google Research. Gemini Lead. Opinions stated here are my own, not those of Google. TensorFlow, MapReduce, Bigtable, ...
guyru @guyru_
2K Followers 556 Following Vulnerability research, cryptography, FOSS, finance and random stuff. Leading @cellebrite's iOS research.
Jiří Vinopal @vinopaljiri
10K Followers 567 Following Security Researcher at @_CPResearch_ All opinions expressed here are mine only. https://t.co/bNWc3kafmd
Microsoft Security Re... @msftsecresponse
145K Followers 214 Following We are the Microsoft Security Response Center. To report security vulnerabilities or abuse in Microsoft products, visit https://t.co/kxEbdfMny1.
Microsoft Security @msftsecurity
344K Followers 320 Following Be first to know about AI, threats, and new tools. Quick hits, expert tips, and real-time security news—follow for smarter, safer ops.
Black Hat @BlackHatEvents
425K Followers 2K Following The World's Premier Technical Cybersecurity Conference Series
BlueHat IL @BlueHatIL
6K Followers 534 Following
Imri Goldberg @lorgandon
567 Followers 1K Following Programmer, also doing other stuff from time to time
Nir Krakowski @nirkrakowski
316 Followers 329 Following
Gabriel Almeida @ogabrielluiz
223 Followers 452 Following Founder & CTO @Langflow_ai ⛓️Discord: https://t.co/Q8IsKDfexl
Elvis @elvissun
45K Followers 372 Following 2x dad building the agentic PR stack in public: 🚀 https://t.co/aq7DBz7en5 ⚡ https://t.co/JcWBKKqdWw
Rubrik @rubrikInc
44K Followers 1K Following Rubrik (NYSE: RBRK), the Security and AI company, operates at the intersection of data protection, cyber resilience and enterprise AI acceleration.
Internal Tech Emails @TechEmails
594K Followers 890 Following Internal tech industry emails that surface in public records. 🔍
Danny Leshem ⚡ @DannyLeshem
5K Followers 342 Following L̶o̶o̶k̶i̶n̶g̶ ̶f̶o̶r̶ ̶m̶y̶ ̶n̶e̶x̶t̶ ̶c̶h̶a̶l̶l̶e̶n̶g̶e̶.̶
Saar Amar @AmarSaar
18K Followers 359 Following
Bill Gates @BillGates
63.9M Followers 571 Following Sharing things I'm learning through my foundation work and other interests.
Hexagate @hexagate_
5K Followers 94 Following Hexagate prevents exploits, hacks, and risks for protocols, chains, exchanges and asset managers. Acq. by Chainalysis. Get access today: https://t.co/n9UkoC25wH
Eliya Cohen @CoEliya
130 Followers 156 Following Software Developer | Creator of SafeQL (https://t.co/Q9Lm7Gow4O)
vitalik.eth @VitalikButerin
6.7M Followers 547 Following I choose balance. First-level balance. mi pinxe lo crino tcati https://t.co/gCQrmCby7P
Mohamed Al Khaja @AmbAlKhaja
52K Followers 188 Following Ambassador of the United Arab Emirates to Israel
Uri Shaked @UriShaked
6K Followers 2K Following Maker ◆ Voiding warranties at @WokwiMakes ◆ Keepin' it Chippin' at @TinyTapeout ◆ What I'm doing now? https://t.co/q9mIBsJVzS
Strange Parts @strangepartscom
48K Followers 336 Following Adventures from the technological fringe. Join my newsletter to receive wonderful tidbits I find along my journey - https://t.co/94gknrtkbc
vmalloc @vmalloc
302 Followers 161 Following
lcamtuf @lcamtuf
40K Followers 499 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
Shahar Tal @jifa
6K Followers 1K Following A father and hexdump tattoo owner. Opinions are my own, except when they are my wife's. he/him.
Matthew Garrett (@mjg... @mjg59
27K Followers 273 Following Not here. Fedi: @[email protected] Bsky: @mjg59.eicar-test-file.zip Signal: @mjg.59 Blog: https://t.co/CVivdtMBWe
James Forshaw @tiraniddo
49K Followers 336 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
spurdo @spurdoethtoken
3K Followers 14 Following SPURDO COIN REEDY TO RISE LIKE NO TOMORRO! SPURDO IS DA TRU OG MEME AND FINALLY REEDY TO SHAKE DE SPACE! https://t.co/BdmV888JdS
Travis Goodspeed @travisgoodspeed
26K Followers 4K Following Merchant of Dead Trees and Licensed Proselytizer of the Gospel of the Weird Machines with Pwnage, PoC, and Secular Rock.
Eldad Rudich @d3bu9
237 Followers 435 Following Founder and CTO - Daylight Security. Cybersecurity, AI and everything in between
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.You might like
GreenAvenger02
@GAvenger02
114 Followers
Bar-El Tayouri
@BarelTayouri
115 Followers
Idan Dardikman
@IDardikman
2K Followers
Alon Shakevsky
@shakevsky
120 Followers
Tamir Bahar
@tmr232
1K Followers
Amirshk
@amirshaked
130 Followers
Oded Ben Dov 🧬🧙...
@odedbendov
177 Followers