CatKat13

@catkat13.bsky.social

Here for the resistance. Anti-Trump. Liberal. Ally.

128 Followers  |  287 Following  |  29 Posts  |  Joined: 14.11.2024  |  2.2064

Latest posts by catkat13.bsky.social on Bluesky

Contrary to MAGA’s meltdown…

Nobody at the “Hands Off!” protest:
– Stormed a Capitol
– Smeared anything on walls
– Burned Teslas
– Looted stores
– Got paid to show up

Crazy, right?
A protest without cosplay or chaos.
Just real people wanting real change

06.04.2025 15:10 — 👍 38    🔁 13    💬 1    📌 1
8 weeks ago, MAGA screamed for lower grocery prices.
Today they have been convinced to celebrate a recession. You can't fix fucking stupid

06.04.2025 23:09 — 👍 35    🔁 8    💬 0    📌 1
High
Vulnerable JS Library
Description: The identified library appears to be vulnerable.

URL: https://www.tesla.com/_flysystem/s3/js/js_gsA9PO6-BpnT3SIk_dFbw47XyxPYAEdI3WOa-2wGsvQ.js
Method: GET
Parameter:
Attack:
Evidence: $.VERSION="1.0.2",$.BROWSER=R([u,f,"major"]),$.CPU=
Other Info: The identified library ua-parser-js, version 1.0.2 is vulnerable.
CVE-2022-25927
https://github.com/advisories/GHSA-fhg7-m89q-25r3
https://nvd.nist.gov/vuln/detail/CVE-2022-25927
https://github.com/faisalman/ua-parser-js/commit/a6140a17dd0300a35cfc9cf1999545f267889411
https://github.com/faisalman/ua-parser-js
https://github.com/faisalman/ua-parser-js/security/advisories/GHSA-fhg7-m89q-25r3
https://security.snyk.io/vuln/SNYK-JS-UAPARSERJS-3244450

URL: https://www.tesla.com/sites/default/files/js/js_-D7OHetwlgoEm9eEhtGhdMNcoqWlc_NVmCtZ7_9BoRQ.js
Method: GET
Parameter:
Attack:
Evidence: /*! handlebars v2.0.0
Other Info: The identified library handlebars, version 2.0.0 is vulnerable.
CVE-2021-23369 CVE-2019-20920 CVE-2019-19919 CVE-2021-23383 CVE-2015-8861
https://github.com/wycats/handlebars.js/commit/cd38583216dce3252831916323202749431c773e
https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v453---november-18th-2019
https://github.com/advisories/GHSA-3cqr-58rm-578
https://github.com/advisories/GHSA-q42p-pg8m-cqh6
https://github.com/wycats/handlebars.js/issues/1495
https://github.com/handlebars-lang/handlebars.js/pull/1633
https://nvd.nist.gov/vuln/detail/CVE-2021-23369
https://github.com/wycats/handlebars.js/blob/master/release-notes.md#v430--september-24th-2019
https://github.com/wycats/handlebars.js/pull/1083
https://github.com/advisories/GHSA-g9r4-xpmj-mj65
https://nvd.nist.gov/vuln/detail/CVE-2021-23383
https://snyk.io/vuln/SNYK-JS-HANDLEBARS-174183
https://nvd.nist.gov/vuln/detail/CVE-2019-20920
https://github.com/advisories/GHSA-2cf5-4w76-r9qv
https://www.npmjs.com/advisories/1316
https://github.com/advisories/GHSA-

[Screenshot: "Untitled Session - ZAP 2.16.1" window in ATTACK Mode. The Sites tree lists several tesla.com hosts. The response pane shows an HTTP/1.1 200 OK response with Content-Type: application/javascript, Last-Modified: Wed, 02 Apr 2025 22:27:44 GMT, X-Generator: Drupal 9 (https://www.drupal.org) and Cache-Control: max-age=300. The Alerts tab lists Advanced SQL Injection - Microsoft Access, Advanced SQL Injection - Microsoft SQL Server, Vulnerable JS Library (2), Absence of Anti-CSRF Tokens and Content Security Policy (CSP) Header Not Set. Selected alert: Vulnerable JS Library, Risk: High, Confidence: Medium, CWE ID: 1395.]

#Anonymous has just breached Tesla systems during #OpMusk compromising file systems. Vulnerabilities have been found in the JS library which is responsible for pre-written code. Things are about to get interesting #ElonMusk Anonymous is still coming

07.04.2025 00:29 — 👍 57    🔁 11    💬 10    📌 1
[Screenshot of a post by The White House (@WhiteHouse): "ICE 24/7 TIP LINE 866-DHS-2-ICE (866-347-2423)". 7:42 PM • 4/6/25 • 1.3M Views]

Flood those lines
#DeportElonMusk

07.04.2025 03:17 — 👍 88    🔁 42    💬 3    📌 6
Feeding and housing the poor will do more to reduce crime than
any amount of punishment ever will.

04.04.2025 23:52 — 👍 52    🔁 15    💬 4    📌 1
@memtwitter.bsky.social pretending to be an Anonymous account, selling for $100 now that the account has hit almost 18,000 followers.

We've mentioned "fake" Anonymous accounts before. Unfortunately this one is yet another example. Kindly lend a hand and report it. Nobody who runs a legitimate Anonymous account, would EVER sell their social media presence. @youranonriots.bsky.social @youranona.bsky.social @puckarks.bsky.social

05.04.2025 09:07 — 👍 37    🔁 13    💬 3    📌 0
Post image 08.01.2025 01:09 — 👍 1571    🔁 329    💬 65    📌 16

Just so you understand,

the USA will never be the same.

Our global standing will never be the same.

We may, in time, be able to repair some of this shit.

But it will never be the same.

04.04.2025 11:14 — 👍 14543    🔁 2667    💬 985    📌 294
Post image

the Dunkin’ logo has never felt more accurate

29.03.2025 16:06 — 👍 18632    🔁 2263    💬 217    📌 127
Close-up of cherry blossoms leaves taken March 28, 2025, the first day of “peak bloom” for the trees along the Tidal Basin in Washington, D.C. Credit: National Park Service.

The cherry blossom trees along the Tidal Basin in Washington, D.C., have officially reached peak bloom!

Take a peek 👓 (not peak!) at the blooms pictured here, taken today (3/28) by the National Park Service.

Visit nps.gov/cherry for more.

28.03.2025 17:40 — 👍 5702    🔁 654    💬 119    📌 30

Well, they lied. Obviously.

26.03.2025 13:36 — 👍 69703    🔁 10444    💬 2008    📌 530
Post image

Predictable outcome: Judge Boasberg rejects Trump administration call to rescind his restraining order, saying the Venezuelans marked for deportation under the Alien Enemies Act are likely to win — because they are entitled to individual hearings/due process. ecf.dcd.uscourts.gov/cgi-bin/show...

24.03.2025 16:13 — 👍 13    🔁 5    💬 0    📌 0
White power

Tesla server down

Tesla servers down

#Anonymous attacking Tesla servers currently

35.85.174.122

54.76.135.36

83.243.247.138

These are Tesla servers, each server is used for one purpose, those are now broken #OpElonMusk
HⒶcKeᴅ By KʀokeᴛⒶɴⒶᴛoriO

24.03.2025 02:35 — 👍 67    🔁 25    💬 7    📌 3
list of known Anonymous accounts on Bluesky... @youranonnews.bsky.social @youranonriots.bsky.social @anonopsunited.bsky.social @youranona.bsky.social @anonymousgermany.bsky.social @youranonart.bsky.social @thestripesgirl.bsky.social @opmentalhealth.bsky.social @anonymoushatewatch.bsky.social @oplove.bsky.social @anontroyano.bsky.social @anon2world.bsky.social

There's been a significant increase in "Anonymous" accounts here over the past couple months. This screenshot is from a YAN post a few months ago, when a number of established/well-known Anonymous accounts became active here. It's still an accurate list and can be used as a guide of who to follow.

22.03.2025 11:29 — 👍 43    🔁 17    💬 4    📌 1
Post image 16.03.2025 22:18 — 👍 598    🔁 153    💬 5    📌 5

The fight against fascism, MAGA, and Musk isn't only a technical one. We need people to call and write their federal, state, and local representatives to push back on Trump and DOGE policies. Don't buy goods & services from companies that support Trump & Musk. These things work!

18.03.2025 21:56 — 👍 92    🔁 11    💬 2    📌 0
A Large Anti-Trump March in DC Is Scheduled for April 5 - Washingtonian
Indivisible is one of the groups behind the march, which will take place on the Washington Monument grounds.

Protest on April 5th in Washington DC
www.washingtonian.com/2025/03/17/a...

21.03.2025 00:17 — 👍 75    🔁 17    💬 2    📌 0

Moscow
Agents
Governing
America

21.03.2025 12:55 — 👍 40    🔁 5    💬 2    📌 1
Post image

ACLU's response

"If the government’s position is that it will not under any circumstances disclose to the court highly relevant information regarding whether it *deliberately violated a federal court order,* there is no good reason why it should not explain why it believes its position is lawful."

18.03.2025 12:59 — 👍 222    🔁 41    💬 3    📌 1

ACLU Lee Gelernt to a judge over the Trump admin's response to Judge Boasberg's order:

"There has been a lot of talk the last couple of weeks about a constitutional crisis. I think we’re getting very close to that."

17.03.2025 21:22 — 👍 224    🔁 51    💬 11    📌 2

Judge Boasberg dispatches with Trump DOJ's claim that he had no jurisdiction once the planes were out of US airspace:

"The problem is, the equitable power of United States courts is not so limited."

17.03.2025 21:28 — 👍 229    🔁 43    💬 2    📌 0

Judge Boasberg presses the DOJ lawyer on what the govt could have done with a ruling they believed to be unlawful: appeal or seek to modify it.

“Isn’t then the better course — to return the planes to the United States and figure out what to do, than say, ‘We don’t care; we’ll do what we want’?”

17.03.2025 21:32 — 👍 291    🔁 65    💬 7    📌 3

The hearing over the Trump admin's response to Judge Boasberg's order about the flights to El Salvador has ended.

Judge Boasberg orders further briefing by noon tomorrow before deciding how he will proceed.

17.03.2025 21:45 — 👍 280    🔁 35    💬 10    📌 4

It's open both in person and through a telephone audio line:

"The hearing will proceed by videoconference for the parties and by telephone for members of the public. Toll free number: 833-990-9400. Meeting ID: 049550816."

17.03.2025 15:25 — 👍 205    🔁 99    💬 52    📌 22
Post image

🇺🇲

13.03.2025 15:12 — 👍 14    🔁 2    💬 1    📌 0

“Illegal immigrant” was their first success.

Now comes
“Illegal boycott”
“Illegal protest”
“Illegal votes”
“Illegal posts”

Until the “illegal” is you. #3E

13.03.2025 16:21 — 👍 8859    🔁 2981    💬 225    📌 157
Post image 11.03.2025 10:28 — 👍 4    🔁 0    💬 0    📌 0
Post image

Not 100% verified but looks very likely. Dark Storm Team has taken credit for disrupting Xitter today. Operation DreadNought is calling for digital disruption and physical protest. If I could bake cookies for these white hats I would.
opdreadnought.com
#OpDreadNought

10.03.2025 22:04 — 👍 27    🔁 6    💬 1    📌 1

174 police officers were injured that day. 5 people died.

21.01.2025 02:23 — 👍 676    🔁 96    💬 16    📌 2
Post image 21.01.2025 02:31 — 👍 2    🔁 0    💬 0    📌 0

@catkat13 is following 18 prominent accounts