Shielder (@shieldersec)'s Twitter Profile
Shielder

@shieldersec

InfoSec boutique.
Owning things since 2014.
We love to go for the extra mile, where we usually find the best 🦟🐞🪲🪳🐛🐜🕷 the others miss.

ID: 2601330848

https://www.shielder.com

03-07-2014 09:03:07

456 Tweets

1.1K Followers

2 Following

smaury (@smaury92)

👋🏿 hackers! I'm looking for an #AppSec 🥷🏿/🧙🏿 to join our team at Shielder! If you are looking for a chill company which will invest in you and give you paid #research time, please hit me up! #hiring #vr More info ⬇️ (RT appreciated) romhack.io/job-opportunit…

Shielder (@shieldersec)

Attending TheSAS2025 in the beautiful Bali🏝️? Make sure not to miss Pit's talk about his novel research on the macOS 🍎 sandbox and how to bypass it. 🗓️ Wednesday, October 23 - 15:10

Shielder (@shieldersec)

🚨 New Open Source Audit Alert! 🚨 Shielder, with OSTIF Official & CNCF, audited Karmada: 🔍 6 issues found (1 high, 1 medium, 2 low, 2 info) ✔️ Most fixed, others planned. 🗣️ to Pit and TheZero 🍉 on BlueSky Full details in the blog post! shielder.com/blog/2025/01/k…

OSTIF Official (@ostifofficial)

#Karmada showed camaraderie with their security audit! Navigated with support from the CNCF and auditing by Shielder, the work is now available publicly- read on below! 👇

Shielder (@shieldersec)

In Lausanne for Insomni'hack? Don’t miss the chance to meet our very own Francesco Enrietti! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!

Shielder (@shieldersec)

Last week Apple released MacOS 13.4 which contains a fix for a vulnerability Pit exploited to escape the Sandbox. Update now and stay tuned for the technical details! Ref: support.apple.com/en-us/122373

TheZDIBugs (@thezdibugs)

[ZDI-25-657|CVE-2025-54440] Samsung MagicINFO 9 Server MagicInfoWebAuthorClient Unrestricted File Upload Remote Code Execution Vulnerability (CVSS 9.8; Credit: Paolo Cavagli, Abdel Adim Oisfi, and Nicola Davico of Shielder) zerodayinitiative.com/advisories/ZDI…

TheZDIBugs (@thezdibugs)

[ZDI-25-655|CVE-2025-54438] Samsung MagicINFO 9 Server downloadChangedFiles Directory Traversal Authentication Bypass Vulnerability (CVSS 9.8; Credit: Paolo Cavagli, Abdel Adim Oisfi, and Nicola Davico of Shielder) zerodayinitiative.com/advisories/ZDI…

smaury (@smaury92)

👋🏿 Hackers! Are you a Red Teaming Wizard 🧙🏿 looking for a new challenge? Shielder is hiring a Red Teaming Lead to join our crew! More info ⬇️ (share appreciated) #hiring #redteaming romhack.io/job-opportunit…

Shielder (@shieldersec)

Attending #TheSAS2025? Don't miss our gangster Paolo Cavaglià pull off a credential heist, taking down a PAM and going from no info to full infra compromise!

Shielder (@shieldersec)

Attending #theSAS25? Meet Paolo Cavaglià for his PAM pwnage talk! It won't be recorded and it might *wink wink* contain a cool drop you don't want to miss 👀