RT @phrack: Phrack turns 40. The digital drop is live. Download it. Archive it. Pass it on. 💾 #phrackat40 #phrack72….

RT @chompie1337: I've been asked countless times how to learn VR & xdev. The answer is always: "do something you think is cool". It's hard….

What do you want to know?.

RT @jbx81: @metasploit opened a survey to collect feedback on what is preventing you from using Metasploit in certain contexts. Every input….

RT @todayininfosec: 1998: Cult of the Dead Cow (cDc) debuted the program Back Orifice at DEF CON 6. The controversial remote system adminis….

RT @infosectcbr: New blog post: Exploiting the Synology TC500 at Pwn2Own Ireland 2024.We built a format string exploit for the TC500 smart….

RT @thezdi: Announcing #Pwn2Own Ireland for 2025! We return to the Emerald Isle with our new partner @Meta and a $1,000,000 WhatsApp bounty….

RT @oct0xor: Check out our analysis of the SharePoint ToolShell vulnerabilities: how the ITW exploit works, how it was patched, and why the….

RT @_l0gg: Blog for ToolShell.Disclaimer: The content of this blog is provided for educational and informational purposes only. https://t.c….

I just completed the reimplementation of the in-the-wild gadget to use the Msf::Util::DotNetDeserialization routines, so that part is much cleaner now, no more sketchy blobs of base64 😅.

We now have a (draft) @metasploit exploit module in the pull queue for the recent Microsoft SharePoint Server unauthenticated RCE zero-day (CVE-2025-53770), based on the in-the-wild exploit published a few days ago. Check it out here:

RT @watchtowrcyber: Happy Friday! We're ending the week by publishing our analysis of Fortinet's FortiWeb CVE-2025-25257. https://t.co/….

RT @exploitsclub: BEST day of the week 📰 EC 77 Out NOW! . 🎉Binja Giveaway complete - check your email to see if you've won 🎉. @stephenfewer….

Our @metasploit auxiliary module for the new Brother auth bypass is available. The module will leak a serial number via HTTP/HTTPS/IPP (CVE-2024-51977), SNMP, or PJL, generate the devices default admin password (CVE-2024-51978) and then validate the creds:

Today @rapid7 is disclosing 8 new printer vulnerabilities affecting 742 models across 4 vendors. After 13 months of coordinated disclosure with Brother Industries, Ltd, we're detailing all issues including a critical auth bypass. Full details here:

Today @rapid7 disclosed two vulns affecting NetScaler Console and NetScaler SDX, found by Senior Security Researcher Calum Hutton! 🎉 Our blog details the authenticated arbitrary file read vuln (CVE-2025-4365), and the authenticated arbitrary file write vuln (Which the vendor has.

RT @ret2systems: What does it take to hack a @Sonos Era 300 for Pwn2Own? . Take a look at our process of adapting existing research, establ….

RT @xaitax: Needed Reflective DLL Injection for Windows on ARM64 for a project, but public examples were nowhere to be found. So, here you….

A new @rapid7 Analysis of CVE-2024-58136 was just published to AttackerKB, courtesy of Calum Hutton 🔥 Affecting the Yii framework, this analysis details the root cause and how it can be leveraged for RCE via a dirty file write to a log file:

RT @Neodyme: At #Pwn2Own Ireland 2024, we successfully targeted the SOHO Smashup category. 🖨️.Starting with a QNAP QHora-322 NAS, we pivote….

In another great body of research from @the_emmons, this disclosure chains 3 new vulns in SonicWall's SMA 100 appliances to go from a low privileged account to full RCE as root!! Awesome work as always 🔥🔥🔥.