Piotr Bazydło Profile
Piotr Bazydło

@chudyPB

Followers
4K
Following
4K
Media
43
Statuses
959

Principal Vulnerability Researcher at watchTowr | Previously: Zero Day Initiative | @[email protected]

Joined October 2017
@chudyPB
Piotr Bazydło
1 year
My OffensiveCon 2024 talk about Exchange PowerShell Remoting is available. Includes a chain of 3 vulns to RCE (file write + file read + DLL load). https://t.co/dDdhAmD0yA
3
102
296
@aahmad097
Ali
16 days
Come learn about bug hunting on File System Minifilters @DistrictCon :)
1
2
19
@thezdi
Trend Zero Day Initiative
19 days
Wrapping up #Pwn2Own Ireland 2025. The three day event saw some amazing exploits and traumatic failures. We laughed, we cried, we shouted. Check out the highlights and see who won Master of Pwn. #P2OIreland https://t.co/WW45Lkzj3d
1
8
34
@SinSinology
SinSinology
19 days
First and foremost, Thank you God for all of this. Second, our eternal respect to the amazing teams @thezdi and @TrendMicro for making this competition possible! Third, thank you to the film crew (blackrabbitint) working with zdi to make all of those great videos of us!
@thezdi
Trend Zero Day Initiative
19 days
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 points. See you in Tokyo for
29
17
283
@thezdi
Trend Zero Day Initiative
22 days
📢 Confirmed! @SinSinology and @_mccaulay of @SummoningTeam used a pair of bugs to exploit the Synology ActiveProtect Appliance DP320. That rounds their day off with another $50,000 and 5 more Master of Pwn points. (And clean that screen!) #Pwn2Own
1
8
83
@_mccaulay
McCaulay
22 days
A successful attempt against the Home Assistant Green, albeit a collision 💥 with @stephenfewer 😅
@thezdi
Trend Zero Day Initiative
22 days
We have our 1st bug collision of #Pwn2Own Ireland. McCaulay Hudson (@_mccaulay) of Summoning Team (@SummoningTeam) successfully exploited the Home Assistant Green with 4 bugs - 1 unique SSRF and 3 collisions. They still earn $12,500 and 2.5 Master of Pwn points. #P2OIreland
2
1
28
@mrgretzky
Kuba Gretzky
22 days
I recently had the opportunity to talk about Evilginx on the Click Here podcast from The Record. I reflected on the moral considerations surrounding the double-edged nature of developing offensive security tools. Enjoy the Frankenstein reference 😅 https://t.co/41jKsfq3sB
therecord.media
Polish developer Kuba Gretzky wanted to prove that multi-factor authentication wasn’t foolproof. He succeeded — maybe too well. What happens when a cybersecurity warning becomes the threat itself?
2
18
65
@RabbitPro
Rado RC1
1 month
Inspired by tweet from our new YouTube subscriber I looked at our statistics. We have passed 2 million views and have over 65k subs. It’s impressive for me considering we only have 10 videos on our channel. My personal favourite is the DNS exploitation series. And yours?
5
7
63
@chudyPB
Piotr Bazydło
1 month
Fun times with Telerik UI and DoS by default (it will hit for a long time I think). Sometimes it may lead to more fun, like RCE :) Gadgeting inspired by @pwntester, Oleksandr and @steventseeley
@watchtowrcyber
watchTowr
1 month
Today, we publish our analysis of CVE-2025-3600 that we discovered in Telerik UI, a prolific library used in hundreds of thousands of applications. Tagged as a Denial of Service vulnerability, today we go deeper and demonstrate RCE scenarios. https://t.co/RzHmW1Mrgu
2
8
53
@watchtowrcyber
watchTowr
1 month
Today, we publish our analysis of CVE-2025-3600 that we discovered in Telerik UI, a prolific library used in hundreds of thousands of applications. Tagged as a Denial of Service vulnerability, today we go deeper and demonstrate RCE scenarios. https://t.co/RzHmW1Mrgu
labs.watchtowr.com
Welcome back. We’re excited to yet again publish memes under the guise of research and inevitably receive hate mail. But today, we’ll be doing something slightly different to normal. “Wow, watchTowr,...
2
66
175
@thezdi
Trend Zero Day Initiative
1 month
Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing: Trend ZDI researcher Simon Zuckerbraun shows how to go from a crash to a full exploit - & he provides you tools to do the same, including his technique used to get ROP execution.
zerodayinitiative.com
In April of 2025, my colleague Mat Powell was hunting for vulnerabilities in Autodesk Revit 2025. While fuzzing RFA files, he found the following crash ( CVE-2025-5037 / ZDI-CAN-26922 , addressed by...
0
31
168
@watchtowrcyber
watchTowr
1 month
The watchTowr Labs team is back, providing our full analysis of the Oracle E-Business Suite Pre-Auth RCE exploit chain (CVE-2025-61882). Enjoy with us (or cry, your choice..) https://t.co/ffDKb723N6
labs.watchtowr.com
We bet you thought you’d be allowed to sit there, breathe, and savour the few moments of peace you’d earned after a painful week in cyber security. Obviously, you were horribly wrong, and you need to...
5
137
384
@stephenfewer
Stephen Fewer
1 month
We just posted our AttackerKB @rapid7 Analysis for the recent Cisco ASA 0day chain; CVE-2025-20362 and CVE-2025-20333. The auth bypass appears to be a patch bypass of an older 2018 vuln. The buffer overflow is in a Lua endpoint, but unsafe native code operations allow a buffer to
attackerkb.com
On September 25, 2025, Cisco published advisories for two new vulnerabilities, CVE-2025-20362, and CVE-2025-20333, which are known to be exploited in-the-wild …
4
70
205
@SinSinology
SinSinology
2 months
Getting feedback like this makes it all worth it! 💜 Just finished teaching 4 days (32 hrs) of "Advanced .NET Exploitation" at RomHack (@cybersaiyanIT). 15 brilliant students, 16 CVEs, and plenty of pop-calc moments. See you in the next one... (to be announced)
@pfiatde
pfiatde
2 months
Just had .NET Exploitation Training from @SinSinology and it was great. A lot of real-world targets covered, and it definitely whets the appetite for more.
1
7
65
@watchtowrcyber
watchTowr
2 months
We've received credible evidence suggesting ITW exploitation of Fortra's GoAnywhere MFT CVE-2025-10035 since at least Sep 10th 2025. Sincere thanks to a friend who shared this info and trusted us to share it with the wider industry. Disappointing. https://t.co/TuwWNSmuj5
labs.watchtowr.com
We’re back, just over 24 hours later, to share our evolving understanding of CVE-2025-10035. Thanks to everyone who reached out after Part 1, and especially to the individual who shared credible...
0
30
74
@thezdi
Trend Zero Day Initiative
2 months
CVE-2025-23298: Trend ZDI's @gothburz covers an RCE in the #NVIDIA Merlin Transformers4Rec library. He details the root cause and the patch to fix it. Finally, he highlights several important lessons for the AI/ML security community.
zerodayinitiative.com
While investigating the security posture of various machine learning (ML) and artificial intelligence (AI) frameworks, the Trend Micro Zero Day Initiative (ZDI) Threat Hunting Team discovered a...
5
12
57
@chudyPB
Piotr Bazydło
2 months
I've done small (but fun) .NET Framework research, and I found a new exploitation primitive (vulnerable behavior). In many cases, it may directly lead to RCE. I'll discuss it during Black Hat EU and I'll drop a paper afterwards 🫡 https://t.co/DexBZt048t
3
25
171