
Neodyme
@Neodyme
Followers
5K
Following
369
Media
78
Statuses
338
We secure software with deep-dive audits, cutting-edge research, and in-depth trainings. Secure your solana program with Riverguard @ https://t.co/VmxVHzx2U2 🏞️💂
Germany
Joined August 2021
Introducing Riverguard 🏞️💂. A new security tool for Solana program deployers. 🧵.
13
71
95
We reported a vulnerability in Parallels Client via @thezdi last year. 🔥 The issue (CVE-2025-6812) - now fixed: A privileged service searched for an OpenSSL config file in an unsecured location, enabling LPE. ➡️ Advisory here: .☂️ Patch your systems!.
neodyme.io
The AppServer service installed with Parallel Client searches for an OpenSSL config file in an unsecured location, which allowed low privileged users to escalate their privileges.
0
5
12
Think your speech model is secure?.It might be quietly leaking what it was trained on. In a new blog post, we explain membership inference attacks and why they matter for cyber security experts. 🔗
neodyme.io
This post explores a recent research paper on membership inference attacks targeting Automatic Speech Recognition (ASR) models. It breaks down how subtle signals like input perturbation and model...
0
3
8
Meet our colleagues at the "Festival der Zukunft" at @DeutschesMuseum in Munich. Don't miss our talk on July 3 at 4pm! .Check it out here:
0
1
6
Cybersecurity needs more than tech, it needs people who care. ❤️.That's why Neodyme is committed to supporting Nachwuchsförderung IT-Sicherheit e.V. not just financially, but with time, energy, and heart from our team.
Congratulations to the winners of the German Hacking Championship 2025:.1️⃣ Team KuK Hofhackerei.2️⃣ Team Organizers.3️⃣ Team Boomers :-).Incredible work by all teams: 33 hours of pure teamwork, and tech brilliance. 👏
0
1
3
We're thrilled that Nachwuchsförderung IT-Sicherheit is organizing the @DHM_ctf 2025! 🇩🇪🧠.It's a fantastic event for the next generation of cybersecurity minds, we can't wait to see what they bring to the challenge! 💙.
💥 It’s ON! The German Hacking Championship 2025 kicks off now. Top teams from across Germany and beyond are tackling tough challenges in this 33-hour CTF marathon. 🧠💻. Best of luck to all teams! 🛡️
0
0
2
🏆 Throwback to Pwn2Own Toronto 2022: "Routers are just Linux boxes with antennas." So we treated one like it. At #Pwn2Own 2022, we turned a Netgear RAX30 into a stepping stone for a full LAN pivot. Story:
neodyme.io
Three years ago, Neodyme took aim the "SOHO Smashup" category at Pwn2Own Toronto 2022, targeting a Netgear RAX30 router and an HP M479fdw printer. We successfully gained remote code execution on both...
0
6
28
Part 3 of our Riverguard series is out! .We're looking under the hood at the "fuzzcases" Riverguard uses to catch real-world bugs in Solana smart contracts. Still shocked how often some of these pop up. Check it out 👉
neodyme.io
Riverguard, the first line of defense for all Solana contracts
0
6
8
At #Pwn2Own Ireland 2024, we successfully targeted the SOHO Smashup category. 🖨️.Starting with a QNAP QHora-322 NAS, we pivoted to the Canon imageCLASS MF656Cdw - and ended up with shellcode execution. Read the full vulnerability deep dive here 👉
neodyme.io
This blogpost starts a series about various exploits at Pwn2Own 2024 Ireland (Cork). This and the upcoming posts will detail our research methodology and journey in exploiting different devices. We...
2
15
67
Day 2 at @offensive_con has just started and our colleagues Kolja Grassmann and Alain Rödel are right in the middle of it! 🔥.Can't wait to hear the insights they bring back from some of the sharpest minds in offensive security. If you're there too, make sure to say hi!
0
4
22
From iframes and file reads to full RCE. 🔥. We found an HTML-to-PDF API allowing file reads and SSRF - then chained it into remote code execution via a Chromium 62 WebView exploit. 👉 Read the full write-up here:
neodyme.io
In a recent engagement, we found an HTML to PDF converter API endpoint that allowed us to list local directories and files on a remote server. One of the PDF files we created, revealed that the...
1
29
74