🎙️ Welcome to the Hack Responsibly Podcast! A new series hosted by VP Research @kfosaaen. First guest: Director of Social Engineering Patrick Sayler discusses real-world stories, MFA fatigue, and device code phishing. Listen to the full episode! https://t.co/5lQDnn3zAg

Immerse yourself in the pentesting world and join NetSPI University – a 6-month training opportunity in Minneapolis. Apply today to get hands-on experience with penetration tests & the opportunity to work on web application customer projects! https://t.co/rXgDNdiK0v

Read our new blog post written by @kfosaaen: Decrypting VM Extension Settings with Azure WireServer https://t.co/nuROLXAQfU Karl dives into leveraging the Azure WireServer service to decrypt protected settings, offering scripts for both Windows & Linux VMs.

Think bug bounty programs are just about software vulnerabilities? Think again. https://t.co/EFWLyOhKFE

Want to start your career in #pentesting? Join NetSPI U to get hands-on penetration testing experience and work on web application projects. Apply today: https://t.co/FKNOu1om0o #Portland #Oregon #careers

Apply to become part of NetSPI University in Minneapolis, MN – a 6-month in-person training opportunity to get hands-on penetration testing experience and work on web application pentesting projects: https://t.co/VlEgYsfHZv

Join NetSPI University to get hands-on penetration testing experience and learn about NetSPI’s Proactive Security approach. Read our full job description and apply today: https://t.co/XGwXfJnunF #NetSPIUniversity #pentesting #career #hiring

From phishing emails to impersonation tactics, attackers are constantly finding new ways to exploit human behavior. Read about real-world social engineering stories that highlight the tactics used by threat actors. https://t.co/6QMbZmTU1w #cybersecurityawarenessmonth

Can AI write secure code? We put it to the test. Our Director of Technical Enablement, Mel Miller, shares the results of our latest experiment: building & testing a web application coded almost exclusively by AI. Read the full analysis here: https://t.co/CMWlLnolry

Today we celebrate International Women in Cyber Day—honoring innovators, leaders, & trailblazers driving cybersecurity forward. Thank you to the women protecting our digital world & inspiring the next generation of talent. #womenincyber #internationalwomenincyberday #pentesting

New research from NetSPI from @kfosaaen & Thomas Elling reveals how Azure tenant IDs leaked through Entra ID authentication maps cloud resources to their owners. Check out the new ATEAM tool for automated discovery. Full technical breakdown: https://t.co/VKUJiDtiTt

New Azure App Services security research by NetSPI's @kfosaaen TL;DR: Users w/ Contributor permissions can extract & decrypt authentication tokens to impersonate other users accessing the application. Read more: https://t.co/YJt36AFZte #Azure #CloudSecurity

New Vuln Research: NetSPI Principal Consultant Ceri Coburn exposes how Forescout SecureConnector agents can be hijacked via a named pipe vulnerability (CVE-2025-4660), turning endpoint security tools into attacker-controlled C2 channels. Read more: https://t.co/BYe2CjiWHk

NetSPI Security Consultant Mayuri Bochare has published an insightful deep-dive on securing Java Spring applications through code review. 👉 Read the full article: https://t.co/TVEm9zW3Jw #proactivesecurity #JavaSecurity #SecureCodeReview

NetSPI Principal Security Consultant Jason Juntunen recently published findings on a Remote Code Execution vulnerability in SailPoint's IQService component. 👉 Read the full technical breakdown: https://t.co/wPrCglC58X #proactivesecurity #VulnerabilityResearch

New NetSPI research by @kfosaaen reveals Azure Load Testing attack vector via JMeter/Locust configs. Read more: https://t.co/EGdDwcsNrn

Microsoft Defender for Identity vulnerability (CVE-2025-26685) allows unauthenticated attackers to capture Net-NTLM hashes and potentially gain AD access. Security tools can become attack vectors - understanding this risk is crucial: https://t.co/mQGrn7tDNo

NetSPI's @PANTH13R and Larry Trowell developed RayV Lite—a low-cost laser fault injection tool that makes advanced hardware security testing accessible beyond nation-states using open-source hardware & inexpensive IR-leaking lasers. ➡️ https://t.co/13uoSiH1ON

⚡️ Introducing our latest e-book, Continuous Threat Exposure Management (CTEM) For Dummies, NetSPI Special Edition – your ultimate intro to #CTEM! Dive into the world of #proactivesecurity with this comprehensive guide. Get your free copy now ⬇️ https://t.co/SkNLK5wIcR

Read the details on how multiple arbitrary SYSTEM file delete flaws (CVE-2025-23009, CVE-2025-23010) can be exploited for privilege escalation. ✅ SonicWall has patched these issues in NetExtender v10.3.2 https://t.co/mtiFvkrzmB