Me: Threat-hunting rare DNS lookups in a corporate network. Confluence: https://www.google.com/search?&q=%22atlassian-domain-for-localhost-connections-only.com%22 …pic.twitter.com/pse4VwORiZ
U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
Wait... are you serious? They... actually embed the private cert somewhere? I was just laughing at the domain name.
Yes, it happens sometimes, as soon as someone pulls out the key the CA is required to revoke it. They probably did it to avoid mixed-content warnings, as you can probably guess... it's not the correct solution. Anyone using this app is vulnerable to trivial MITM 
Reading the documentation is my favorite way to find vulnerabilities.
Docs: “See, it works like this.” Me: “I sure hope not.”
all the best companies report 0 days in their products on their own support sites 
This whole thread 


Wait. How is it dropping a zero day if it's in their public docs? Now I'm confused. Regardless, right on with the CVE!
Or did you ? 
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.