Even mentalist Lior Suchard thinks it's time to add a little magic to your life and join our cyber challenge - The Kusto Detective Agency is back with Call of the Cyber Duty – are you ready to crack the case? Register now:

Cyber wizards, start your engines and assemble your squads: The Kusto Detective Agency is back with Call of the Cyber Duty – a brand new competition that’ll push your skills to the limit. And yes, this showdown comes with insane prizes. Register now:

Cyber vibes, sharp minds, and non-stop action. Huge thanks to the BlueHat IL Class of 2025 — you aced it.

We’re wrapping up BlueHat IL with a brilliant talk by our very own Efim Hudis Keynote: "The 3 Laws of Robotics and How (Not) to Build Secure AI Agents" — from understanding The Intent, through Least Agency Principles, all the way to Preparing for Shift-Up, and beyond.

Is Your Private Repository Actually Public? @BLanyado & @DrorOphir are taking us on a wild journey full of shocking discoveries and important insights, that began when they encountered a post claiming, "ChatGPT has access to private repository data.

Arad Cohen just blew our minds  with a groundbreaking talk on "Breaking TLS with LLMs"! By combining fuzzing with Large Language Models, he's pushing the boundaries of vulnerability detection in TLS implementations. The future of cryptographic security is here.

Netanel Ben Simon & Meir Bloya just took us on a deep dive into Windows boot security at #BlueHatIL! From UEFI to boot chain vulnerabilities, they uncovered key findings on securing the boot process and shared their innovative fuzzing approach. What a session!

Security researchers @avi_lum & @GalElbaz1 just dropped a bombshell at BlueHatIL! They revealed a zero-day vulnerability exposing localhost services to remote attacks, showing how Chrome and others are at risk—and why Microsoft Edge is the unsung hero in protecting you!

Time to hack like a robot! Omer Nevo guides us through the logic of LLM-based vulnerability hunters—exploring what they excel at, where they fail spectacularly, and how they've evolved over the past two years.

Is this some strange Breakfast Club reboot or just our BlueHatIL design for the year? Mystery of the century. Just kidding — it’s totally option B.

Vulnerability Researcher @yarden_shafir takes the BlueHatIL stage to explore surprising ways kernel pointers can still be accessed, even with modern security measures in place. From ASLR to event logs, she dives into the creative techniques researchers use to uncover new attack

Day two of #BlueHatIL kicks off with a powerhouse keynote by @cglyer, unravelling the dark evolution of ransomware. From profit-driven gangs to state-aligned hackers using it as a smokescreen for cyber warfare - where extortion meets espionage and the stakes get higher.

Thanks @Adrian__T for an awesome talk 🙌🏻.

Kicking off Day 2 of #BlueHatIl! On the menu: epic talks, tough challenges, special surprises - and pita with chocolate spread. Don’t judge us.

Bluehat IL day one was a blast! Can’t wait to see you tomorrow for more awesome talks and surprises!

The one and only @gentilkiwi is back at BlueHatIL with a special keynote: Everything You Never Dared to Ask About Mimikatz—including the infamous question: “Did he really write it just to learn C”?

Ring, ring… who’s hacking? @inbarraz cracked open Israel’s iconic Telecard payphones—literally—unraveling their 80s-era tech and uncovering secrets hidden in their embedded systems. A deep dive into nostalgia, hacking, and a touch of telecom history.

Let’s be Authentik - or let attackers do it for you? Maor Abutbul exposed how flaws in open-source IdPs like Keycloak and Authentik can hand over full system control. From ORM Leaks to web race conditions, when your IdP falls, so does your entire organization.

Now you see him, now you don't! @oridavid123 takes us deep into VBS Enclaves, a technology that isolates a region of a process's memory, making it completely inaccessible to other processes, the process itself, and even the kernel.

Adrian Tiron, Co-Founder of FORTBRIDGE, took the BlueHat IL crowd on an exciting ride, turning a theoretical attack into a real-world threat by exploiting reduced seed entropy in Bash $RANDOM. He showed how attackers can predict random values, compromising passwords and tokens.