Looks like #SYS01 TA is a Manchester United fan 😅

Check out our latest research on the #Mispadu (aka #URSA) latest campaign blog.morphisec.com/mispadu-infilt…

Join me, Arnold Osipov and Shmuel Uzan at #DEFCON32 this year for our presentation, "Outlook Unleashing RCE Chaos: CVE-2024-30103" where we'll share technical details and a POC. We will be revealing additional RCEs once they are patched. You should patch your devices today!

#Defcon we are coming! Second RCE in outlook just released - #CVE-2024-38021 Stay tuned for more 🔥

Check out this #phishing #PDF posing as a #CrowdStrike updater for Windows hosts. It originates from the #Handala_Machine and ultimately delivers a #wiper using a variant of #CypherIT. PDF: cdfa4966d7a859b09a411f0d90efbf822b2d6671 ZIP: 66fbe2b33e545062a1399a4962b9af4fbbd4b356

Super excited to get into the Q2 top 10 Office researchers! 🎉 Security Response - Thank you for the opportunity 🙏 #CyberSecurity #Research #Microsoft

“Chilling” out before our talk with Michael.Gorelik 🔥 DEF CON #Defcon32

Don't forget to patch - CVE-2024-38173 Our latest RCE discovery in Outlook msrc.microsoft.com/update-guide/e… #CVE #RCE

📩 Arnold Osipov & Michael.Gorelik have uncovered and aided Microsoft in patching another Outlook vulnerability, CVE-2025-21357. 🔎 See the details in our brand new web experience: bit.ly/40AqTA3 #cybersecurity #outlook #microsoft #cyber #patchtuesday

Who said what? xiu L0Psec I wrote about the infection chain a bit here - morphisec.com/blog/captcha-c…

🚀 Thrilled to share that I’ve been invited to Microsoft’s Zero Day Quest event in Redmond, Washington in 2025! 🔥 Over the past year, I’ve reported 4 RCE vulnerabilities and several other security issues to MSRC. Big thanks to Security Response for organizing this unique event!

Having time off from a long exciting day hacking Microsoft products. With Arnold Osipov and Shmuel Uzan at #ZeroDayQuest Security Response

Day 1 of the Zero Day Quest Onsite Hacking Event is in the books and we’ve kicked off Day 2. We welcomed top security researchers from around the world to Microsoft’s Redmond campus for a day of live hacking, collaboration, and connection. Researchers worked side-by-side with

Clippy is that you? 🍹🥃 Security Response #ZeroDayQuest

Day 2 of #ZeroDayQuest brought even more hacking, problem-solving, and unforgettable moments. We then went to Carmine’s for incredible food and even better conversation, connecting over exploits, defense strategies, and a shared passion for protecting customers.

Day 2 of #ZeroDayQuest brought together brilliant minds from around the world for more hands-on hacking and meaningful community connections. Catch the energy in our recap video! Tom Gallagher Jeremy Tinder Wendy [email protected]

Joining the MCP trend with windbg-ext-mcp 🐛Now you can vibe debugging your Windows kernel: github.com/NadavLor/windb… Example of asking Claude to hide explorer.exe by unlinking it from EPROCESS + PspCidTable: #windbg #mcp

Yesterday, Microsoft patched two Remote Code Execution vulnerabilities in Outlook that we discovered. 🙃 1. CVE-2025-47171 --> msrc.microsoft.com/update-guide/e… 2. CVE-2025-47176 --> msrc.microsoft.com/update-guide/e… ⚠️ More findings on the way — stay tuned.

Proud to share that Michael.Gorelik and my talk, “Signature of Destruction: Outlook RCE Strikes Again”, got accepted to BlackHat Canada (SecTor)! New Outlook RCE, new vector — details soon #sectorca Black Hat