[INTERNSHIPS 🇫🇷] We just published our offers for the 2022-2023 season! We're ready to be flooded by your resumes 😆 Apply now! #pentest #reverse #dev #infra #dfir synacktiv.com/nous-rejoindre…

Time to disclose how David B and vdehors hacked the @tesla car during the #Pwn2Own competition! It’s happening right now at Hexacon. #HEXACON2022

The Grails team has confirmed a security vulnerability found in the Grails Spring Security Core plugin. Read more about this in our latest blog post. #Grails hubs.li/Q01sZQRC0

If you enjoy sailing the sea, beware! Major_Tom has found a critical security vulnerability in Raft™, allowing 0-click RCE on any online player. The vendor has remained silent for 5 months, so here are the details: synacktiv.com/sites/default/…

Who would win, Grails Spring Security Core or one little semicolon? Our ninjas Taryax and Benjamin SEPE discovered an authorization bypass vulnerability on versions <= 5.1.0 of the plugin during a security assessment. Read more here: synacktiv.com/sites/default/…

Pirater une Tesla model 3 en 2 minutes et repartir avec, l'exploit de Eloi Benoist-Vanderbeken et David Berard de Synacktiv 🗨️"Le concours est annoncé environ 3 mois avant l'événement. Et on va avoir la liste des cibles qui font partie de l'événement notamment la Tesla" 🎙️ David Berard

Last sponsor we want to introduce is a special one: it's Synacktiv, the company organizing #HEXACON2023. Leader in offensive security, Synacktiv helps companies assess their networks's security. There will be a lot of ninjas in the conference, feel free to talk to them! 🤗

Retrouvez sur le site de Synacktiv, nos offres de stages 2023 🤩 #reverse #pentest #devoffensif

We are starting a new series of blog posts on post-quantum cryptography! Check-out our first article which gives an introduction to modern cryptography concepts. synacktiv.com/en/publication…

Registration for #HEXACON2024 awesome trainings will open next Monday! ➡️ hexacon.fr/trainings/ 9⃣ High-quality courses 📆 4 days | 30/09-03/10 2024 💶 4200€

The next article by Antoine Gql in our post-quantum series tackles hash-based signature schemes, including XMSS and the freshly standardized SLH-DSA (aka SPHINCS+). Sometimes, you don't need fancy maths to build robust schemes! synacktiv.com/publications/q…

Our ninja Benjamin SEPE identified a high-impact XSS in Netwrix Directory Manager. The CVE-2025-47189 vulnerability can be exploited from the Windows lock screen to gain administrator privileges on a workstation. synacktiv.com/advisories/net…