🚧 München was Superproduktiv. 🎥 Check out this weekend’s highlights from #BuildStationMunich!

In collaboration with cirosec GmbH, we've identified several privilege escalation vulnerabilities in multiple popular antivirus and EDR solutions. Our secret? A novel attack surface: COM hijacking 🔥 1/2

We completed an audit of Streamflow's protocol including their new airdrop feature.🕵️‍♂️ Happy to announce there were no major issues, and they've been a great team to work with🫡

Looking to bulletproof your @Solana smart contracts? 👀 Dive into our latest blog post where we walk you through the easy steps to onboard with our automated vulnerability scanner Riverguard and secure your projects! Link in replies⬇️

Do you know how to use Token22 securely? Are you sure? Read our latest blogpost! 👀 neodyme.io/en/blog/token-…

We have a very talented team working on things other than smart contracts and Blockchains btw, in case anyone wants their infrastructure audited neodyme.io/en/pentests/

Nice! Team Neodyme (Neodyme) wasted no time exploiting the HP Color LaserJet Pro MFP 3301fdw printer. They head off to the disclosure room to provide the details. #Pwn2Own #P2OIreland

💥When security software itself becomes a target! 💥 Learn how we've uncovered critical vulnerabilities in Wazuh, turning a powerful security tool into an unexpected attack vector. 👉 Read more about the findings: neodyme.io/en/blog/wazuh_…

wake up babe, a Solana consensus blogpost just dropped

Your laptop was stolen. It’s running Windows 11, fully up-to-date, device encryption (BitLocker) and Secure Boot enabled. Your data is safe, right? Think again! This software-only attack grabs your encryption key. Following up on our #38C3 talk: neodyme.io/blog/bitlocker…

🪝Introducing HyperHook! 🪝 A harnessing framework for snapshot-based #fuzzing using Nyx. ⚒️ HyperHook simplifies guest-to-host communication & automates repetitive tasks, making snapshot-fuzzing easier & more efficient! 🔗 Read more: neodyme.io/en/blog/hyperh…

Neodyme about to go downhill (but just on these Utah slopes) ⛷️ Catch one of these guys at mtnDAO v7 to get your Neodyme beanie.

Once again this year, a few colleagues couldn’t resist jumping into the HTB CTF to take on experts from around the world. 💻 A great challenge with a wide range of categories. The result: 1st place in 🇩🇪 and top 3 in 🇪🇺.

Part 3 of our Riverguard series is out! We're looking under the hood at the "fuzzcases" Riverguard uses to catch real-world bugs in Solana smart contracts. Still shocked how often some of these pop up. Check it out 👉 neodyme.io/en/blog/riverg…

GMX 🫐 V1 has been hacked. Here is how:

I'm giving a talk at Solana Events on an interesting side-project we did at Neodyme. Every smart contract uses PDAs, but there has never been a materialized view of which program derives which PDA from which seeds. So we decided to build it. Stay tuned 👀

Our Solana PDA database is live at solana-pda.neodyme.io. Go check it out to get some alpha.

FULL TALK: What is the richest protocol on Solana? sintemal from Neodyme

Drones are hot - their security is not. Here is how removed the NAND, dumped firmware, and reverse-engineered ECC on a consumer drone. Stay tuned for part 2! neodyme.io/de/blog/drone_…