Come and register for the speedrun CTF! Eloi Benoist-Vanderbeken and I will comment the finals at 9PM 🎤

Hey folks! We’ve received many requests for more tickets, and we’re thrilled by your enthusiasm –especially since we had three times more tickets this year! 🤯 We’ll be releasing a few additional tickets Monday October, 14 at 7pm. Keep in mind, it’s a small batch! So, be ready 🏁

📱 Even with newer cellular technologies available, GPRS stacks are still found in many phones, making them a bullseye for attackers. 🎯 Join Dyon Goos and nSinus-R (@[email protected]) at #hw_ioNL2024 Know More: hardwear.io/netherlands-20… #GPRS #fuzzing #mobilesecurity

🔧Join azox & Baldanos at #Ph0wn2024 for an Intro to Hardware Hacking with hydrabus.com! Learn to ID components, dump memory, and extract firmware in this hands-on workshop. 🛠️🔍 More info: ph0wn.org/workshops24/#h…

🔥 One week for r2con! 🔥 Checkout the schedule and meet us in Barcelona if you can make it! radare.org/con/2024 #r2con #radare2

Until October 30, Okta generated "the cache key" by using bcrypt to "hash a combined string of userId + username + password", which allowed full password auth bypass for usernames of 52+ bytes and apparently required only partial knowledge of the password for other long usernames

Thanks for the shoutouts Sylvain @ #blackalps24 but where are the pliers?!? see you at beerontuesday.ch BlackAlps

Meanwhile, at @[email protected] track, people are concentrated marking bits #r2con2024

And now @[email protected] and azox will show how to use #radare2 searching crypto-related stuff #r2con2024

Asymetric crypto secrets uncovered with the latest commands included in #radare2 by @[email protected] and azox #r2con2024

Decompiling with #decai provides a really nice output, as you can see in the example below. But even with more complex binaries the results are surprising. #r2con2024

🔥Back from #r2con2024 🔥 Shoutout to the organizers and paπcake 🌱 🏴󠁥󠁳󠁣󠁴󠁿 for this wonderful event and for the goodies ! Also a special thanks to Travis Goodspeed for the workshop and the book ! It was a lot of fun !

I've been diving into electromagnetic (EM) side-channel attacks with Correlation Power Analysis (CPA) these past few weeks and just published a blog article about my journey: collshade.fr/articles/cpa/c…

Last week with Nishacid we dug into YesWiki, an open-source wiki system recommended by the French government OSS agency. We identified 3 "high" vulnerabilities: CVE-2025-24017, CVE-2025-24018, CVE-2025-24019 Feel free to check GitHub's advisories: github.com/YesWiki/yeswik…

Just published the slides from McCaulay and my talk at Insomni'hack on Pioneer IVI hacking. We got a pretty interesting spyware demo too where we extract a bunch of data from the compromised IVI! nccgroup.com/uk/research-bl… vimeo.com/1062015713

My friend Manaf and I have created an AI hacker! 👨‍💻 It can find 0-days in web applications with 0% false positives, and it also works on CTF challenges! What you see ⬇️ is Haicker solving a web challenge from UMassCTF 2025 (only 45/557 teams were able to solve it!)

The SDR community is about to get a new tool. Professional specs. Accessible pricing. Open source code. All details in less than 20 days. Follow the countdown: hydrasdr.com Stay Tuned

For a deeper dive into BLS signatures, building aggregation, and multi-signatures, check out our recently published blog post below: zellic.io/blog/bls-signa…

🚀 THE COUNTDOWN IS OVER! 🚀 hydrasdr.com is NOW LIVE with MAJOR open-source release ! ✅Complete host tools / API and firmware ✅SDR++ / SatDump (until official support is available) ✅SoapyHydraSDR, GNU Radio (gr-osmosdr) ✅urh, luaradio support ✅Full software

We have sent out all invites for this year. Make sure to check your inbox, as well as your spam folder :) some "+1" are still to be contacted.