why is it doooooown

>>105581037 (OP)

>>105581037 (OP)
>Yesterday, a threat actor claimed to have breached cock[.]li using the latest RCE vulnerability affecting RoundCube (which cock[.]li uses).

>The leak appears to be authentic, containing data on approximately 1,023,800 users (dating from 2016 to 2025) and around 93,000 contacts.

>The compromised data does not include passwords or plaintext emails, but it does contain names, email addresses, and login attempt timestamps.
https://x.com/ReyXBF/status/1933555211185819835

>>105583016

>>105582963
Damn. This is sad.

>>105583016
ah yeah, xss. Famous forums where skids can exchange their 'extraordinary' python scripts to hack the school wifi lol

VINCEEEEEEEEEEEEEEEENT AAAAAAAAA

>>105583562
>The new certificate was issued on April 16
>The warrent canary hasn't been updated since April 21 https://cock.li/canary.asc.txt
Vincent isn't here anymore, and the glowies couldn't be bothered to update the roundcube install

>>105583595
>there's a canary AFTER the renewed cert
Nothingburger, surely Vincent will post a new pgp signed message soon!

>>105583595
>Until further notice, THIS CANARY SHOULD BE UPDATED EVERY 72 HOURS. Under no
>circumstances should we let this canary go 96 hours without an update unless a
>PGP-signed message changes the schedule.
oh nyo

>Written in: PHP
No one could have predicted this.

>>105585232
>The bug stems from unsanitized $_GET['_from'] input, enabling PHP object deserialization and session corruption when session keys begin with an exclamation mark.
>The flaw, which impacts Roundcube versions 1.1.0 through 1.6.10, spanning over a decade
>Shortly after the patch was released, hackers reverse-engineered it to develop a working exploit, which they sold on underground forums.
https://www.bleepingcomputer.com/news/security/over-84-000-roundcube-instances-vulnerable-to-actively-exploited-flaw/

>still down
owari da

>no one on /g/ even cares anymore
what happened

>>105583016
lmao

>>105587318
friday

>>105583016
How exactly do you expect someone to send you over $100k on a pinky promise you'll hand over a bunch of mostly useless metadata? Do these guys use escrow or something?

Is Vincent kill? Why no tweet or blogpost

>>105587318
>>105588475
cock.li has long been seized by the feds, vincent is no more

What happened to piss mail?

>>105588966
Nothing? Looks up to me

>>105588977
Hey it's working! I'll have to try it on my pc. It and cock wasn't working and I tried brave and chrome

>>105581037 (OP)
Right after they returned the nigge.rs domain, lol. And get rekt, for anyone who uses a meme email service named cock.li seriously.

>>105589284
what are you using your 'serious' email for faggot receiving orders from your boss? end your life.

>>105588586
it's over

>>105583024
what is this cracking webforum

>>105581037 (OP)
Why are you using this service without configuring a male client to fetch and send the emails? Are you people really using the web browser interface? It still works for me.

>>105591931
airmail.cc isn't working for me, which domain is working for you

>>105592022
Airmail.cc

>>105583016
Oh no no fellow users of an email address with cock in the name

>>105587558
Usually grey market brokers from what I understand. They're trusted enough by both sides and would lose all credibility otherwise

>>105581037 (OP)
@national.shitposting.agency
o7

>>105592168
You know they offer like 15 different domains right

isn't this a honeypot?

>>105591931
can confirm my cockmail still works

>>105592470
All email is a honeypot. All email traffic goes through the Utah datacenter.

>>105583016
>but it does contain names, email addresses, and login attempt timestamps
>34790234908723 failed login attempts for peepeepoopoo@nigge.rs

>>105593692
>for that i ask between 1 BTC or 2 BTC, ok)))
>spasiba harasho

>>105593764
kek

>>105583016
no one is gonna pay 1 btc for that

>>105583051
are you stupid or retarded (or both)?

>>105593692
>>105593764
putinbros how do we recover