A modern tale of Blinkenlights, cheap Christmas shopping and curiosity, narrated by @dcauquil Firmware extraction and reverse engineering of a smartwatch FTW! https://t.co/IviJdBLm5m

K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation. A story of endpoint post-exploitation by @kaluche_ https://t.co/qcOoYOR3tq

Ep. 3 of Nationwide Amplified: Tai McNeely, co-founder of His & Her Money, shows how purpose + determination turn obstacles into opportunities—and inspire community along the way.

Quarkslab is sponsoring @GrehackConf 2025! @rayanlecat is proposing an Active Directory Pwning workshop and our team #qsec will also be there for the CTF. Come & say hi!

Quarkslab engineers @RobinDavid1, @MihailKirov1 and Kaname just completed the first public security audit of Bitcoin Core, led by @OSTIFofficial and funded by @bitcoinbrink. Details on the blog post: https://t.co/xPkDEV7LDy Congrats to developers for such software masterpiece !

🔥 Another returning sponsor for this year’s edition, @quarkslab ! Their team combines deep expertise in software security, cryptography and automotive systems to build tools and solutions that strengthen cybersecurity worldwide. 🧠🔐 🤝We thank them for their support!

We are pleased to announce that the KubeVirt Security Audit report has been published, in collaboration with @quarkslab and @OSTIFofficial Check out our blog post for all the details:

KubeVirt is open source virtualization technology for Kubernetes. Recently we worked with the @kubevirt team on a security audit sponsored by @OSTIFofficial 👃 Read a summary of our findings and find the full report here: https://t.co/IF57DQnRFD

Bring the LTX-2 API into real production pipelines, powering 4K, 50fps, synchronized-audio video generation

Our 2025-2026 internship season has started. Check out the list of openings and apply for fun and knowledge! https://t.co/gtBAc1Shx0

From kernel oops to kernel exploit: How two little bugs (CVE-2025-23330, CVE-2025-23280) in #NVIDIA open GPU #Linux driver can lead to full system compromise. Full technical breakdown inside, #vmalloc exploitation technique included! https://t.co/lVx97yzxyU

Finding a buggy driver is one thing, abusing it is another. In his latest blog post, Luis Casvella shows you how BYOVD can be used as a Reflective Rootkit Loader ! 🚀 ➡️ https://t.co/frVCTiqVTB

Quantum computers are not quite here yet, but now's the time to get ready. After updating their protocol in 2023, @signalapp is now proposing a post-quantum version of their Double Ratchet for message encryption. Let's see what Signal looks like now! https://t.co/wvOh0olejl

BYOVD is a well-known technique commonly used by threat actors to kill EDR 🔪 However, with the right primitives, you can do much more. Find out how Luis Casvella found and exploited 4 vulns (CVE-2025-8061) in a signed Lenovo driver. 👇 https://t.co/yKVfTYi61L

RTFM they say but if you read the manual and copy code examples from it you may inadvertently introduce vulns in your code 🙀 In April we audited the PHP code. Now we followed up with a review of the code snippets in PHP documentation and found 81 issues👇 https://t.co/hQjpahI3FW

The two bytes that make size matter: Reverse engineering Apple's iOS 0-click CVE-2025-43300 improved bounds checking fix, by Madimodi Diawara https://t.co/EgSvDqoOEz

We changed our account settings to receive DMs from anyone. Send us your request for the ticket before midnight (CEST) today.

Hacking & Barbecue in the south of France. What could possibly be better? We are giving away a @_barbhack_ ticket to a student near Toulon looking to live the experience. Send us DM with your name and school. We will notify the winner tomorrow night. https://t.co/DWwXPP4G8r

🚀Ever heard of ControlPlane, software to help you automate tasks on macOS? Turns out, it might also help you become root. Oops! 😱@coiffeur0x90 found a Local Privilege Escalation vulnerability. Read before someone automates your admin rights 👉 https://t.co/aVvD6GfGEk

You finally pwned the Holy Confluence server. What now? Create a user? Reset a password? 🚨Best way to trigger an alert What if you craft your own Personal Access Token 🔑 for the Admin account? Find out how in this blog post by Quarkslab's Red Teamer YV https://t.co/7CrgRd8HoK

leHack (@_leHACK_ ) starts tomorrow at the Cité des Sciences et de l’Industrie in Paris. We will be there to meet with peers and friends. 3 talks, a cool challenge and our famous Car in a Box to play with. Come and say hi at booth 20. Full program here: https://t.co/K1LILWobGe

Are you a network protocol reverse engineer? Tired of writing Wireshark plugins in memory unsafe or esoteric languages named after celestial objects? Now you can do it in a few lines of Go, Python or Rust with Wirego. Benoit Girard explains how here: https://t.co/X2w4y6o0S8