Doyensec

@Doyensec

Followers: 4K
Following: 534
Media: 283
Statuses: 611

Doyensec works at the intersection of software development and offensive engineering. We discover vulnerabilities others cannot, and help mitigate the risk.

San Francisco / Warsaw
Joined May 2016
@Doyensec
Doyensec
1 year
Has reliance on SSO left orgs with a single point of exploitation? Our latest research by @lacerenza_fra explores various IdP compromise scenarios as well as how to harden and detect attacks in @goteleport installations. #doyensec #teleport #security https://t.co/e7KmVUDIIN
0
14
44
@Doyensec
Doyensec
2 days
We’re super excited to welcome Yassine Bengana (@cousky_) to the Doyensec team! 🎉 He’s bringing serious AppSec skills and great vibes — can’t wait to see the cool stuff we’ll break (and build) together 🔥 #AppSec #infosec #Doyensec
0
1
16
@Doyensec
Doyensec
8 days
The #Doyensec team is back from another great retreat! This time we toured Ireland 🇮🇪 and even met a working 🐑 sheep dog! A great chance for our remote team to connect IRL. Also, a big thank you 🙏 to our tour guide Antonio! #security #appsec #remote
0
0
12
@Doyensec
Doyensec
18 days
Going to be near Dublin this Wednesday (10/22)? Come join #Doyensec for an evening of drinks (🍻/☕), networking, and great conversations about all things #appsec & #cybersecurity. RSVP here: https://t.co/A2xzoh1KSQ #Infosec #Pwn2Own #BSidesDublin #OWASPIreland #security
docs.google.com
Event Address: The Boar's Head - 149 Capel St, North City, Dublin, D01 T927, Ireland Date/Time: Wednesday October 22 @ 5:30 PM Contact us: [email protected]
@Doyensec
Doyensec
24 days
Live in or passing through #Dublin en route to #pwn2own? If you're in #appsec join #doyensec to talk #security over drinks (🍺/☕️) Oct. 22nd! Want to talk about our job openings or your projects? That's great too! RSVP here: https://t.co/UFqVIRwGwd @BSidesDublin @owaspireland
0
0
3
@Doyensec
Doyensec
21 days
🚨 Details on a serious #vulnerability from our @MaitaiThe's research. An information disclosure in error messages allows a remote attacker to identify security tokens/credentials when #squid is used. Perfect for SSRF!🚨 #doyensec #appsec #security https://t.co/Bm0JTqv9rS
github.com
Due to a failure to redact HTTP Authentication credentials Squid is vulnerable to an Information Disclosure attack. ...
0
5
21
@Doyensec
Doyensec
24 days
If you want, you can also RSVP via email at dublin@doyensec.com
0
0
1
@Doyensec
Doyensec
1 month
In our final ksmbd research post, @73696e65 provides a detailed walkthrough for exploiting a local privilege escalation vulnerability. If you're interested in learning more about exploitation on modern systems - check it out! https://t.co/RPMvj0grOS #doyensec #appsec #security
0
31
94
@Doyensec
Doyensec
1 month
🧞Your wish has been granted - the latest @pagedout_zine edition is out! In it, our @tell1c0 takes a quick look at #vibecoding, walking through the creation of an AI agent🤖. Check it out today! #doyensec #appsec #ai #Security https://t.co/s6279LYJzI
pagedout.institute
Deeply technical zine. And it's free.
0
8
26
@Doyensec
Doyensec
1 month
📢 Our latest blog post shows why VBScript’s Randomize + Rnd are terrible for cryptographic token generation. See how attackers can easily recover seeds and secrets. 🔗 https://t.co/YzWkvuudGN #doyensec #appsec #security #crypto
0
10
27
@Doyensec
Doyensec
2 months
We'd like to welcome our newest addition Marcelino Siles Rubia (@imarcex_)! Another success story from our #internship program! The future of #appsec is looking bright 😎 at #doyensec!
0
6
28
@Doyensec
Doyensec
2 months
📢It's here! Part 2 of Norbert Szetei's (@73696e65) research into ksmbd. See how customized fuzzing & the appropriate sanitizers led to discovering 23 Linux kernel CVEs, including use-after-frees & out-of-bounds reads/writes. https://t.co/LmigwJtB2c #doyensec #appsec #security
0
32
80
@Doyensec
Doyensec
3 months
📖Read about a real-world C# #cryptography vulnerability we've discovered in the wild in our latest blog post! No math required (unless you're into that sort of thing)! https://t.co/tV3LZ2oPRz #doyensec #appsec #security #csharp
0
9
41
@Doyensec
Doyensec
3 months
Are you located in the US/EU? Passionate about #appsec? Maybe you follow #bugbountytips or are an avid #ctf player and are ready to take the next step. If so, we're looking for our next #intern, so consider applying today - https://t.co/PGpjmTKxtA. #doyensec #security #internship
1
5
28
@Doyensec
Doyensec
4 months
🚨Security Advisories🚨: multiple vulnerabilities in Retool (@retool), including host header injection and CSRF - discovered by Doyensec and the Robinhood (@RobinhoodApp) Red team! https://t.co/pGVzkxIlu3 https://t.co/r8YXQQj9Im #doyensec #appsec #security #retool #robinhood
0
4
18
@Doyensec
Doyensec
4 months
Our latest 🚨Security Advisory🚨 includes multiple vulnerabilities affecting the immersed platform (@immersedXR). The findings include an RCE via Session Overwriting, an RCE via CSRF and a Privilege Escalation flaw. https://t.co/bnFgjIb9OF #doyensec #appsec #security
0
10
25
@Doyensec
Doyensec
4 months
📢Just published - Our new white paper comparing @semgrep's Code and Community editions! We dove into both versions of this popular tool to see what the differences were and how they performed against each other. https://t.co/RLvHuupK06 #doyensec #appsec #security #semgrep
0
9
36
@Doyensec
Doyensec
5 months
Several members of the @doyensec team are heading to @TumpiConIT 🇮🇹 for our Norbert Szetei's (@73696e65) presentation on his awesome ksmbd security research. If you're around, make sure to talk to @lucacarettoni & the team! #doyensec #appsec #TumpiCon https://t.co/DjJ5rB91Xm
0
2
9
@Doyensec
Doyensec
5 months
🚀We have just released a new Security Advisory for @NASA's CFITSIO library 🛰️. Click the link for details on the Heap Overflow, Type Confusion, Out-of-Bound Writes and other vulnerabilities discovered by our @a_denkiewicz ! https://t.co/7X6YVBzhdo #doyensec #appsec #security
0
10
44