WOOT 2025 closing Keynote "Escaping Cantor's Find-Fix Cycle" by @FalconDarkstar from @dartmouth and @aiven_io

Last papers session "Exploit All the Things" (Chair: Cristine Hoepers) - Soufian El Yadmani: SecurePoC—detecting malicious GitHub exploits - Andrea Mambretti: SoK on kernel vuln discovery & auto exploit generation - Junho Lee: BOOTKITTY—stealth bootkit-rootkit for modern OSes

WOOT 2025 late morning session: Application Security (Chair: Yves Younan) - Gabriel Karl Gegenhuber: Prekey Pogo—WhatsApp handshake weaknesses - Manuel Karl: Formula injection in real-world spreadsheets - Jannik Hartung: PHP foot-gun case study (Best paper award !)

WOOT 2025 Day 2 starts with another Physical Attacks session (Chair: A. Zonenberg) - Valentin Huber: Deep dive into FRAM fault injection effects - Boyapally Harishma: Side-channel reality check on ARM Cortex-A72 - Wooyeon Jo: PLC memory exploitation in industrial systems

WOOT 2025 last session today Network Security : - Mehrdad Hajizadeh: DeepRed: AI-driven red teaming vs ML-NIDS - Shujie Zhao: Stealth BGP hijacks under uRPF - Anqi Chen: FUZZVPN: Hunting OpenVPN vulns

WOOT 2025 1st session of the afternoon, "Hacking at a Distance" with: - Tommaso Sacchetti on large scale Bluetooth Security Testing - Chengsong Diao: Vulnerabilities in Master Lock Smart Locks - Seyyed Ali Ayati @itayaila Acoustic Side-Channel on keyboards

WOOT 2025 schedule, all papers are now online open access: https://t.co/i5io1U8uNk Talks are recorded, and should be online in a few weeks.

First session, on hardware security: Two talks on attacking the @Raspberry_Pi RP2350 by @nSinusR and @azonenberg One talk on exploiting software using hardware fault injections by Zhenyuan Liu

Thanks to WOOT Conference 2025 sponsors: @Meta, @binarly_io @Bloomberg, @Google and @craignewmark

This year artefact evaluation was mandatory! Thanks, Marcel Busch @0ddc0de for chairing the artifact reviews!

WOOT 2025 Conference starting in Seattle. The program prepared by @noopwafel and @naehrdine includes sessions on hardware security, wireless attacks, network security. And tomorrow physical attacks, application security. And Keynote by @FalconDarkstar

The Bootkitty story continues on the @wootsecurity stage!

Discounted early bird registration for WOOT '25 is open until Monday - https://t.co/bEvwBFx15q - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on all kinds of cutting-edge offensive security research (program at https://t.co/i5io1U7WXM).

Reviewer 2 just rejected your latest offensive security paper? Or didn't submit it anywhere yet? There's still more than a day left to (re)submit to USENIX WOOT '25 and get reviews from a community who love clever hacks, weird bugs 👾 and fun exploits!

Only a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at

USENIX WOOT '25 submissions are due March 11. One month to go - still plenty of time to write a paper about your latest fun offensive security research! Or if you want more guidance to get a paper into shape, up-and-coming track deadline is March 4. CfP at

USENIX WOOT Conference on Offensive Technologies 2025 (WOOT '25) CFP is online! Deadlines: - Up-and-coming track: March 4th, 2025 - Academic track: March 11, 2025 https://t.co/HdNwNnUiAs

📢 The WOOT 2024 presentations are now all available on YouTube: https://t.co/i5nkEbJwDG Enjoy!

Bike component maker Shimano issued a software update to the pro cycling teams who use its wireless gear shifters after researchers found that hackers can spoof or jam the shifters' signals to sabotage riders. Consumers get the patch later this month.

Our computer scientists @UCSanDiego not only found a vulnerability in bikes' #wireless gear shifters, they also figured out how to patch it. The work was presented @wootsecurity this week. Excellent coverage by @a_greenberg @WIRED