Eden 💀Chaos Incarnate

Goon @ SOC (DEFCON) || Former AppSec Village's Chaos Wrangler || Security Operations Analyst || Community Creator @ Digital Overdose || non-binary, they/them, your favorite themfatale🏴
My website: https://skelli.win/
My community: https://digitaloverdose.tech/
Pronouns: They/them

I'm back and coming in hot with a 0day!

Writeup here:

https://hadrian.io/blog/client-side-template-injection-in-gitblit

Client-Side Template Injection in GitBlit

A critical Client-Side Template Injection (CSTI) vulnerability exists in all released versions of GitBlit, a widely deployed open-source Java Git server.

I hacked two websites using a Supabase backend. The results were catastrophic, with thousands of users' PII leaked

https://skelli.win/posts/supabase-shenanigans/

Supabase Shenanigans | Skelli

Cyberpunk nonsense and writeups

Power outage in San Francisco has taken archive.org offline. Back online as soon as possible.

"Linux is too complicated for anyone"

Windows users:

#Linux #Microsoft #FuckAI #Windows11

7-Zip vulnerability enables remote code execution through malicious ZIP files

A critical directory traversal vulnerability (CVE-2025-11001) in 7-Zip allows remote code execution on Windows systems when users open malicious ZIP files, with a public proof-of-concept exploit available since October 2025. Although patched in version 25.00 (July 2025), the lack of automatic updates means many systems remain vulnerable and require immediate manual upgrade to version 25.01.

**Update your 7-Zip software on Windows to version 25.01 or later ASAP. There's a vulnerability that is exploitable just by opening a malicious ZIP file. And there's a public exploit PoC, so criminals can just copy it in their attacks. Don't ignore this one**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/7-zip-vulnerability-enables-remote-code-execution-through-malicious-zip-files-k-o-8-v-x/gD2P6Ple2L

fixed it
 unattended laptops will be upgraded to the arch linux operating system 

My talk from @defcon is finally out! Watch 'Secure Code Is Critical Infrastructure: Hacking Policy for Public Good' here:
https://twp.ai/4is4i0

If you like it, please give it a thumbs up. 👍

Honestly the two resources I recommend the most often for privacy

Are
@privacyguides https://www.privacyguides.org/
and @eff 's Surveillance Self Defense https://ssd.eff.org

Privacy Guides

Established in 2021, Privacy Guides is the largest impartial, non-profit media outlet focused on finding privacy tools and learning about protecting your digital life.
