For the second year in a row, we managed to get first place at the #HackTheBox Business #CTF 2025! 🥇 Congratulations to GMOサイバーセキュリティ byイエラエ株式会社【公式】 and Downscope and thanks to Hack The Box for the fun challenges! 🥳

Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by Guillaume André and Wil. synacktiv.com/publications/n…

💣 Hello 💣 Rien de prévu le 1er Juiller au soir ? Cool. Maintenant oui ! 😎 RDV Mardi 1er Juillet à 21h sur twitch.tv/thelaluka ! STOP, je te connais ! Ouvre tout de suite ton gcal/outlook/kcal/any et note cette date >maintenant< avant de l'oublier ! 😂 Au programme ! -

Finally, here’s the detailed article where I walk you through, step by step how to find this vulnerability in real bug bounty programs. Now you can learn more effectively and apply it with confidence infosecwriteups.com/the-most-under…

How not to do multi-tenant apps. Nice find by ᅟ from modzero, compromising Synology Active Backup client secrets (from the Synology tenant) during installation 🤦 modzero.com/en/blog/when-b…

🔐 Data encryption in Laravel environments is based on one secret: the APP_KEY. Our ninja Remsio studied the impact of its leakage on the internet during an entire year. synacktiv.com/en/publication…

Red teaming will go back ten years ago. Proxy Socks (nothing better than chisel) and no Fork&Run / BOF ... Only proxychains

🚨 Shocking impact from the SharePoint vulnerability we found at Pwn2Own! 😱 Despite our efforts to patch it 🤝, many systems are still at risk ⚠️. Secure yours now! 🔒 Details: blog.viettelcybersecurity.com/toolshell-a-cr…

Vous êtes vous déjà demandé pourquoi PARFOIS il n'y a pas stream ??? Well, soit boulot, soit... CA ! 😇 youtube.com/watch?v=6gkX2Y…

Catch us at #DEFCON33! @quent0x1 and Wil will show how to turn your Active Directory into the attacker’s C2. They'll dive deep into how Group Policy Objects can be leveraged for stealthy enumeration and privilege escalation! defcon.org/html/defcon-33… #DEFCON #ActiveDirectory

Don't miss kalimero at #DEFCON33! His talk, "SCCM: The Tree That Always Bears Bad Fruits", covers modern attack paths and abuse techniques in Microsoft SCCM, with a focus on internals, post-exploitation, and persistence! defcon.org/html/defcon-33… #DEFCON #SCCM

gpoParser, which I presented at #leHACK2025 and #DEFCON, is available here: github.com/synacktiv/gpoP… It is a specialized utility designed to enumerate Group Policy Objects (GPOs) and identify potential security misconfigurations.

I don’t think people realize how bad this bug could have been. The fact they were vending a multi-tenant GitHub app private key into a customer container is just 🤯. How can you look at yourself and ship that? research.kudelskisecurity.com/2025/08/19/how…

We're back - returning to the scene of the "crime" - to demonstrate 2 pre-auth RCE chains against Commvault (CVE-2025-57788, CVE-2025-57789, CVE-2025-57790, CVE-2025-57791) Enjoy, and speak soon 😉 labs.watchtowr.com/guess-who-woul…

If you didn't find my Black Hat / Def Con slides yet, they are available on dirkjanm.io/talks . Also includes the demo videos where I use actor tokens from on-prem to access SharePoint online and get Global Admin.

A new tool: Slice 🔪 With the help of build-free CodeQL and Tree-Sitter, Slice can help GPT-5 can reliably reproduce discovery of CVE-2025-37778: use-after-free vulnerability in the Linux kernel! noperator.dev/posts/slice/

Looking at a Roadrecon collection through the lenses of SQLiteBrowser may pay dividends. It allows you to perform custom SQL queries and, overall, search intelligently. For this purpose I'm publishing a list of Roadrecon-compatible SQL queries stmxcsr.com/micro/roadreco…

DCOM is everywhere, but its inner workings feel like black magic. 🪄 Unveil the mystery with Kévin Tellier's new article on DCOM basics. Trust us, it's way cooler than it sounds! synacktiv.com/en/publication…

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…

How safe is your browser? Our ninja, Riadh Bouchahoua, uncovers how attackers can exploit Chromium extension loading to steal data, maintain persistent access, and breach confidentiality on Chromium-based browsers. Read more here ⬇️ synacktiv.com/en/publication…