We have already received some incredible submissions for the 4th edition of @BSidesTirana . From hacking Machine Learning models to deep dives into Vehicle Security. The lineup is shaping up to be our best yet!. Think you’ve got a talk that belongs on that stage?.We’d love to

RT @midwestneil: Turns out you can just hack any train in the USA and take control over the brakes. This is CVE-2025-1727 and it took me 12….

RT @SinSinology: Another Falls! Fortinet PSIRT really needs to go out and touch grass ☠️

RT @retBandit: Come join us and learn how to attack AI platforms, model registries, training infrastructure, and backdoor models (and how t….

RT @the_yellow_fall: Fortinet released a critical patch for FortiWeb (CVE-2025-25257, CVSS 9.6). This unauthenticated SQL injection flaw al….

RT @filip_dragovic: Today MSRC fixed two vulnerabilities I reported a couple months ago. EoP in Windows Update service (affects only window….

RT @Horizon3Attack: Session keys and passwords aplenty, here’s our deep-dive for CVE-2025-5777, aka CitrixBleed 2. Apart from the normal ro….

RT @harmj0y: Happy Friday! @tifkin_ and I are happy to announce that we have cut the release for Nemesis 2.0.0 - check out the CHANGELOG fo….

RT @filip_dragovic: CVE-2025-49144: An elevation of privilege "vulnerability".Requirement: You need to execute installer as admin 🤣🤣🤣.

RT @nickvourd: @0x09AL on 🔥!

RT @FuzzySec: Really awesome research on abusing malicious browser extensions by @0x09AL at #OffensiveX2025 😍

RT @Oddvarmoe: Really interesting talk about browser attacks from @0x09AL at @TheOffensiveX

RT @chudyPB: And domain-level RCE in Veeam B&R fixed today (CVE-2025-23121). My first (and hopefully not last) CVE, where I'm credited toge….

RT @h4wkst3r: New research just dropped I'll be presenting at @WEareTROOPERS next week - Attacking ML Training Infrastructure.💥 Model poiso….

RT @Synacktiv: Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromi….

RT @TKYNSEC: Windows 11 24H2 broke a popular malware evasion technique! The Lloyd Labs self-deletion method now fails because of NTFS chang….

Oh you thought surprises were over for @BSidesTirana 2025 ?. This year, we’re bringing Sina Kheirkhah - Pwn2Own "Master of Pwn".(@SinSinology) to run a full-day workshop on Advanced .NET Exploitation based on his course that normally goes for €4,000. He’s been kind enough to

RT @_xpn_: New blog post is up! Stepping out of my comfort zone (be kind), looking at Meta's Prompt Guard 2 model, how to misclassify promp….

RT @BSidesTirana: Only 19 days left to submit your talk and join an incredible event centered around innovation and connecting with some of….

RT @SinSinology: Launching a student-only free workshop: ".NET Exploitation Basics" 🪲.If you're a student (or know one), let's write some d….