I’m pleased to share that our team Platinum has won first place in the Saudi Teams category at Black Hat MEA CTF 2025 for the third consecutive year. We’re especially proud to have secured first blood 🩸 on a hard web challenge.

الحمدلله Certified Red Team Operator (CRTO)

Turki الف الف مبرووك يا تركي كنق AD 🎉

He is right, just in the case of playing bad quality ctfs (strings to find the flag, use rockyou and pray,etc) u will not gain much knowledge. But when u play high quality ctfs u will gain insane knowledge. ( i can defend my point 24/7). Ctfs allows u to interact with great minds

finally solved all python jail challenges @ pwn.college

CWEE 🔥🔥

I just completed module Prompt Injection Attacks in HTB Academy! academy.hackthebox.com/achievement/12… #hackthebox #htbacademy #cybersecurity

I just completed module File Transfers in HTB Academy! academy.hackthebox.com/achievement/12… #hackthebox #htbacademy #cybersecurity

TOP 94 all time✅ Just scored a reward Intigriti, check my profile: app.intigriti.com/profile/lhr #HackWithIntigriti

Dave Jones easy, mr. linux himself uses fedora

الحمد لله.

This is what it feels like when something larger than you quietly takes your place. Not all at once, not with noise, but with a steady certainty that leaves no room to argue back. One day you are needed, the next day you are optional, and then eventually you are nothing at all in

اللهم احفظ بلادنا وبلاد المسلمين

One of our engineers just did a detailed writeup for one of his Google kCTF kernel exploits. The bug is 20 years old and has been there since Linux 2.6.12! open.substack.com/pub/calif/p/a-…

Found a 0-day that just became an N-day 😔 #BugBounty #bugbountytips

Finally :)

Stealthy WMI lateral movement - StealthyWMIExec.py ghaleb0x317374.github.io/2026/03/15/Ste…

kernelstub kangel well 0day means a vuln no one knows about it, but in this case he and anthropic and google know about it :)

CVE-2026-4887 A flaw was found in GIMP. This issue is a heap buffer over-read in GIMP PCX file loader due to an off-by-one error. A remote attacker could exploit this by convincing a… cve.org/CVERecord?id=C…

i wrote a blog about the art of xs-leak attacks, i did a deep dive into chromium source code for an xs-leak oracle, have fun 😄 x6vrn.github.io/xsleaks-part1.…