Introducing Riverguard 🏞️💂 A new security tool for Solana program deployers... 🧵 https://t.co/LGgTiXA0lj

Heading to @hack_lu? 🔐 Our colleague Felipe will discuss how partial emulation and DFA can be used to study a legacy version of Widevine L3, Google's software-based DRM. ➡️ Dive into the past to strengthen future DRM security. 🗓️ Oct 23 at 2:15pm https://t.co/5hMljQ8DfE

⚡️ Lenovo DCC contained an easy-to-exploit LPE: a weak ACL bug → local privilege escalation → full admin 🖥️👨‍💻 We break it down with reverse engineering, process tracing, & two exploit strategies. Read Part 1 of our deep dive: 👉

▶️ We built a proof-of-concept post-quantum FIDO authenticator. It's phishing- AND quantum-resistant. ✅️Bonus: it even outperforms Google's prototype. 👀 Full write-up here:

☀️Teamwork doesn't just happen at the desk. This week, our crew is in Mallorca, building ideas, strengthening bonds, and enjoying some well-deserved sunshine together.🌴 Great collaboration comes from trust, connection, and a shared good vibe✨

🔗 We're sponsoring the TUM Blockchain Conference 2025! @tbc_munich 🗓 Sept 11–12 📍 House of Communication, Munich We're giving away 10 free tickets 🎟️ Want one? 👉 Comment why you want to attend Winners will be announced soon. Don't miss it!

Very proud to support the TUM Blockchain Conference taking place September 11-12, 2025.

Stopping sandwiching requires more than patches, it requires principles.

Note that this isn't just savings in P-Token instructions. It's savings relative to the overall throughput of the blockchain, failed and vote transactions included. IBRL!

From 2025-08-03 up to and including all of 2025-08-11, using P-Token would have saved a total of: - 8.90T CUs with logging enabled, - 9.14T CUs with logging disabled. This constitutes an impressive saving of 12.0% and 12.3% of TOTAL used blockspace respectively.

Using our infrastructure at https://t.co/LGgTiXzsvL, we executed every mainnet transaction from the past few months twice, once with the original Token Program, and again with P-Token. We checked that the output does not differ, and also measured CU savings:

We've concluded our audit of P-Token, Solana's new token program build with Pinocchio. It promises impressive savings in Compute Unit (CU) usage. But what exactly does this mean in practice? We've investigated 👇️

Back from @BlackHatEvents & @defcon! 🎉 Our colleagues delivered insightful trainings on crypto hacking and binary exploitation and got amazing feedback from the crowd 🙌 Missed it? We offer tailored security trainings for companies too. Just reach out.

We reported a vulnerability in Parallels Client via @thezdi last year. 🔥 The issue (CVE-2025-6812) - now fixed: A privileged service searched for an OpenSSL config file in an unsecured location, enabling LPE. ➡️ Advisory here: https://t.co/snjiUw8gLt ☂️ Patch your systems!

🔧✨ On our company retreat this week, we're diving into hardware and protocol hacking: fingerprint sensors, smart locks, drones and Bluetooth speakers. A great mix of hands-on research, creative exploration, and team bonding over board games!🎲

We now have all the puzzle pieces to understand how the exploit worked. In GMX's contract structure, the normal flow of a position increase is as follows: The Position Manager is called by the keeper and triggers the position increase in the orderbook and vault. It then updates

3. Complicated cache design: Another component in GMX, the GlpManager, is responsible for minting or burning pool shares in the form of GLP tokens. To accurately price these tokens, it has to track profits from shorts which the protocol has generated but not yet realized. This

2. Loose access restriction: The vault's increasePosition instruction, which allows an increase in short positions, is only allowed when "leverage is enabled". This is a global flag that the Position Manager sets to true before calling the vault, and back to false after

Let's start with 1, the control flow hijack: Users can register the intent to decrease their position with GMX. The actual execution of this is done by a "keeper", an off-chain bot that is the only one that can directly modify positions. In this case, the attacker caused the