Kudos to our own @cydave.bsky.social // for finding severe vulnerabilities in the 'Canto Extension' of TYPO3! His keen skills made the digital world a safer place by preventing potential #SSRF and #RCE. We're proud of you, Dave! <3 🎉 #TYPO3 #RCE #SSRF #Exploit ➡️typo3.org/security/advis…

cyllective is #hiring! We seek a skilled Security Engineer / Penetration Tester, primarily focusing on white box penetration testing of web apps. Hack the application process with the CTF challenges provided💻🪓➡️cyllective.com/jobs/postings/… #pentest #job #cybersecurity #switzerland

➡️ Zurich - Nov 30-Dec 2, 2023 - gobugfree.com/gohack23 Proud to team up with GObugfree on this event. 🪲🆓 Happy hunting & see you there ‼️ #cybersecurity #conference #switzerland

During a #DLP (Data Loss Prevention) audit, we had to find a way to copy files off a computer with restricted USB functionality. Using microcontrollers, software engineering skills, and a neat browser feature called #WebSerial, we developed #COMfiltrat0r. cyllective.com/blog/post/comf…

Join us at #GOHack23, Nov 30-Dec 2! Cyber symposium, expert talks on #ethicalhacking, #ITsecurity, and a live #BugBounty challenge. Dive into trends, tech, and careers! 🛡️💼 #Cybersecurity #GOHack23 #bugbounty GObugfree gobugfree.com/gohack23?utm_s…

A heartfelt thanks to our customers, partners, häckers, and like-minded friends for a fantastic year! 🤝🖖 We look forward to creatively (mis)using hardware and software again in the coming year. 🤖 👾 Happy Holidays and a happy New Year 2024! 🎄🎁🎉 Best regards, cyllective

same procedure as every year 🙇 the hackbar.ch event in Bern, Bahnstrasse 44 - 27.-30.12.2023: streaming the CCC talks, lockpicking, hacking on CTFs and having fun 💖 for more details visit hackbar.ch 💻📡🛰️♾️🧑‍🔬🍹🎵🤖🌃🎩🌭💖🚀📟🔐✅

#CyberSecurity #SwissTech #ForwardTogether

We are excited to have Cyllective as a Silver sponsor supporting the AREA41 conference - Thank you🥳 See you 6-7.June in Zürich DC4131 - DEFCON CH cy//ective

🚨 New Blog Post! 🚨 🕸️ Discover our journey of identifying a critical stored XSS vulnerability in Collabora Online, CVE-2024-29182🐞💻 Our latest blog post provides an in-depth analysis of how @cydave.bsky.social // found the flaw. #web #cve #collabora ➡️ cyllective.com/blog/posts/cve…

🚀 Verstärkung gesucht! 🚀 Wir suchen eine Person, die uns im Backoffice unterstützt und eine Schlüsselrolle im Unternehmen übernimmt. 🤝 Bist du interessiert dich in einem KMU im Bereich Cybersicherheit zu verwirklichen? 🤖 👾 cyllective.com/de/jobs 👈 #Cyber #Hiring #Job

🚨 New Blog Alert! 🚨 We've found 53 zero-day vulnerabilities in Atlassian plugins! Discover how to safeguard your environment. Read more: cyllective.com/blog/posts/atl… #CyberSecurity #Atlassian #ZeroDay #Infosec #Cyberraum

Creating a Malicious Atlassian Plugin 📦 In our latest post, we dive into the dark side of Atlassian plugins. Discover how we created a malicious plugin capable of hiding from admins, exfil. data, and even running a reverse shell. 🔍 cyllective.com/blog/posts/atl… #Atlassian #infosec

Huge thanks to Risky Business® Media for mentioning the #ghmlwr project! 🎉 📰 news.risky.biz/risky-biz-news… 🔗 ghmlwr.0dave.ch - @cydave.bsky.social // #Infosec #GitHub #ThreatIntelligence

👾 During his personal research Manu has discovered an XXE vulnerability in a Java library affecting tax applications used across 11 cantons in Switzerland. 💥🚀 mkiesel.ch/posts/swiss-ta… #CyberSecurity #PenTesting

👾🔥🎉 Vulnerabilities in Swiss tax apps uncovered by Manuel Kiesel (Manu) made it to mainstream media! Huge congrats and thanks, Manuel. 🤝🥷🏻🤓 📄 Read the 20min article: 20min.ch/story/cybersic… #Cybersecurity #ITSecurity #Switzerland #TaxSoftware #cyllective

🚀 New from cyllective: 𝐎𝐀𝐮𝐭𝐡 𝐋𝐚𝐛𝐬 🔒 🔑 Master OAuth 2.0 with hands-on Docker-based labs: -JWT signature flaws -Open redirect risks -Claim validation issues 💻Devs & pentesters: sharpen your skills! 👉cyllective.com/blog/posts/oau… #OAuth #Cybersecurity #Training

The first CVEs of 2025 are live! 🚨 We discovered ~10 vulnerabilities in Cordaware bestinformed, leading to 4 CVEs. They can be chained for an unauthenticated compromise of the server and all connected clients. 👾 CVE-2025-042{2..5} cyllective.com/blog/posts/cor… #blogpost #CVE #infosec