Francesco Enrietti (@not4nhacker)
Followers: 56 · Following: 222 · Media: 3 · Statuses: 57
Chief "Have you ever heard about OAuth?" Officer @ShielderSec
Joined January 2022
1/6 What started as a routine 24-hour vulnerability research of PostHog turned into quite the rabbit hole... 🕳️🐇 I ended up finding a way to chain a simple SSRF, a ClickHouse PostgreSQL table functions SQL escape 0-day, and default DB credentials into a full RCE. It’s a fun
3 · 8 · 81
Want to learn more about our approach to auditing complex libraries and writing cool exploits? Attend @OSTIFofficial's meetup where our very own @Th3Zer0 and @suidpit will talk about the "Security Audit of OpenEXR" 🗓️: Dec 02 🕗: 20:00 CET RSVP:
luma.com: View and subscribe to events from OSTIF Meetups on Luma.
0 · 6 · 8
Can we please get the libxml2 and ffmpeg people some cold cash, Lambos and decent quality blow as a token of appreciation for all the ASAN splats we throw over the fence and want to have fixed pronto? I know one man's trash (CVEs) is another man's treasure, but we gotta respect
1 · 11 · 88
You’ve done everything right: least privilege, PAM solution deployed, users don’t even know passwords. What could go wrong? Paolo Cavaglià (@Paupu_95) from Shielder has the answer in his #TheSAS2025 talk, "Grand Theft Credential: Ransomware Gangs’ Wet Dream" 🏰 His team spent
0 · 4 · 11
Last week @Apple released macOS 13.4, which contains a fix for a vulnerability @suidpit exploited to escape the Sandbox. Update now and stay tuned for the technical details! Ref: https://t.co/fSRCbM8WbQ
0 · 8 · 18
A bit late, but who cares. This week I was lucky enough to attend @1ns0mn1h4ck, and it was a great event, probably my new favorite conf.
1 · 0 · 0
In Lausanne for @1ns0mn1h4ck? Don’t miss the chance to meet our very own @not4nhacker! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!
5 · 3 · 5
Hey hackers! We’ve started sending out the first invites — check your inbox! 👀 Didn’t get one? Take the fast track and submit a talk!
0 · 8 · 14
During a recent engagement @Mindlaess_ hacked his way through @vtigercrm, which led to discovering a privilege escalation and a SQL injection. Learn more in the dedicated advisories:
- CVE-2024-42994 #sqli https://t.co/dRCKRNwFS0
- CVE-2024-42995 #privesc https://t.co/FyzBVR04xx
0 · 9 · 18
Back in December 2023 our researchers @Th3Zer0, @suidpit and @Mindlaess_ performed an audit sponsored by @awscloud and facilitated by @OSTIFofficial on Boost. It resulted in 7 findings and 15 new fuzzers. The report is now public, check the details here:
shielder.com: Boost Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
0 · 14 · 18
We recently partnered with @OSTIFofficial to perform a security audit sponsored by @awscloud on @brefphp. The audit resulted in 5 findings, promptly addressed by @matthieunapoli. The report is now public, check the details here:
shielder.com: Bref Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
0 · 13 · 24
Hey hackers - attending @nullcon? Pop to say hi and talk about AppSec and VR! You can find @smaury92 @Th3Zer0 @suidpit @not4nhacker around 🖖🏿
0 · 2 · 13
Ever wondered how to binary diff router firmware to write n-day exploits? Learn how @Th3Zer0 and @suidpit combined unblob, binexport, ghidra, Qiling, and an Asus router to write an exploit for CVE-2023-39238. The outcome was unexpected ... 1/7
shielder.com: Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.
1 · 18 · 59
A 🧵 of peer reviewed published scientific research where the authors left out a key coauthor 😉: “As an AI language model…” @MicrobiomDigest
113 · 1K · 7K
"I use Linux as my operating system," I state proudly to the unkempt, bearded man. He swivels around in his desk chair with a devilish gleam in his eyes, ready to mansplain with extreme precision. "Actually," he says with a grin, "Linux is just the kernel. You use GNU+Linux." I
145 · 530 · 6K
The last week on Twitter has really been an amazing string of WTF, even by the impressive standards of Elon. It's really funny when you put all the pieces together. It's important to start at the beginning. Twitter's pretty broke. (amusing thread)
112 · 4K · 20K