Wiz (@wiz_io)
Followers: 19K | Following: 2K | Media: 681 | Statuses: 2K
Secure everything you build and run in the cloud
Global 🌎 | Joined June 2020
🎄 The Wizmoji holiday pack is here! 🎄 Your Slack & WhatsApp just got way more festive… and a little more secure. Some favorites: - santa-oncall, - 0-day-before-xmas, - grinch-stole-data https://t.co/Hez397bdaW
🚨 Heads up: A stolen GitHub PAT can open your cloud. Attackers don't need skill, just patience - one NPM supply-chain hit is enough. Our IR team shows how PATs are abused to pivot from code ➝ cloud ⬇️ https://t.co/513hx2nIls
An interesting update to Wiz's react2shell article has been made by Gili Tikochinski who investigated an advance in the attacks where a fileless backdoor is now being used. See the section "Fileless Backdoor". https://t.co/FzysVXNU80
📣 Wiz real-time CSPM is now GA. Misconfigurations are the #1 cloud risk. Now you can stop them instantly. Detect issues the moment they’re created, with 3,400+ rules and graph-based context to focus only on what matters. https://t.co/WuITPTmjeK
Great to see this article from Wiz. Those in the SSC space have been sounding the alarm on just how bad PAT compromise could get for years, but real world cases mean the threat is real and not just "Oh, only security researchers do this." I hope more victims of GitHub PAT-based
wiz.io
Wiz CIRT reveals how compromised GitHub PATs enable secret theft, malicious workflows, and cross-cloud lateral movement. See the full attack flow and defenses.
🎙️ AI is changing cyber rules, are you keeping up? Eden chats with Ryan Nolette, John Miller, & @41thexplorer on AI threats, cloud defense & the future of security 👇 🍏 https://t.co/ENwTwfIyDQ
Our CTF Winners Team: operationcrownfall! @cr0wn, @ZetaTwo, @mr_nankeencr0wn dominated our on-site CTF, winning both Best Overall and Best in the Cloud & Web track. In a last minute hacking session, they shut down Egor - the evil AI Robot - and won a total of $15,000!
@emil_lerner hit Redis with a crafty exploit chain that got him RCE and $30,000. Deep understanding, smart exploitation, and another strong Redis win.
Team Skateboarding Dog (Joseph Surin, John Stephenson, and @ThatEquus): @ThatEquus from Team Skateboarding Dog went on stage and within a minute popped a shell on Redis, winning her team $30K. They also won the unofficial best exploit art reward, netting them an additional $0!
Yoni Sherez had the privilege of going on stage first, along with the jitters that came with it. He kept his cool and within seconds exploited a post-auth RCE on Redis - winning him $30,000!
Team CCC (@u1f383 & @farazsth98): Team CCC dropped a Linux Kernel 0-day vulnerability that won them 3rd place (tied) and $40,000. Clean exploit, big win, and stronger Linux security.
Team Bugz Bunnies (@stdoutput & @pspaul95): Team Bugz Bunnies delivered twice, getting RCEs on Grafana & PostgreSQL, grabbing a total of $40,000 and winning 3rd place!
Daniel Firer uncovered powerful post-auth RCEs in both Postgres and Redis, winning him the second place and a total $60,000! The smile says it all:
https://t.co/pr7GC5uRqu 2025?… UNREAL. 2 days. $340k in prizes 🤑 Live exploits on stage that literally shook the room. THANK YOU to everyone who came! You made history. You made the cloud safer.
Final day at https://t.co/pr7GC5uRqu was W1LD. 🧑‍💻 Today's successful exploits >> RCEs in Redis (x2), PostgreSQL, and MariaDB - all demonstrated live on stage. Congrats to XINT Code for being the https://t.co/pr7GC5uRqu CHAMPIONS!
⚠️ Gogs 0-day (CVE-2025-8110) is being exploited in the wild. Wiz Research confirms 700+ compromised servers. Patch pending - lock down your Gogs instances. https://t.co/Ha2v5mbH10
wiz.io
Wiz Research discovered a Gogs zero-day (CVE-2025-8110) that bypasses a previous RCE fix via symlinks, leading to file overwrite and remote code execution.