Vin01’s Blog

How are cyber criminals rolling in 2025?

Abusing title reporting and tmux integration in iTerm2 for code execution

Abusing url handling in iTerm2 and Hyper for code execution

You can not simply publicly access private secure links, can you?

SSH ProxyCommand == unexpected code execution (CVE-2023-51385)

Insecurity of Docker-machine as a virtual machine manager

Self-hosted github actions using docker machine and gitlab runners

Argument injection in Hagrid keyserver

Unauthenticated Gitlab SSRF