RomHack - Job opportunities
Check for RomHack sponsor's job opportunities
๐๐ฟ Hackers!
Are you a Red Teaming Wizard ๐ง๐ฟ looking for a new challenge? @shielder.com is hiring a Red Teaming Lead to join our crew!
More info โฌ๏ธ (share appreciated) #hiring #redteaming
romhack.io/job-opportun...
07.08.2025 19:38 โ ๐ 2 ๐ 3 ๐ฌ 0 ๐ 0
Working with folks from @lucasfilm.bsky.social, @ilmvfx.bsky.social, and Apple to secure some of the OSS foundations the movie and entertainment industries rely on was so cool!
Big shout-out ๐ฃ to the @ostifofficial.bsky.social and ASWF for making this possible.
31.07.2025 15:23 โ ๐ 4 ๐ 1 ๐ฌ 0 ๐ 0
The TumpiCon experience will start tomorrow!
Can't wait to meet y'all in Pinerolo ๐๏ธ
Schedule is out: tumpicon.org
25.06.2025 20:23 โ ๐ 7 ๐ 2 ๐ฌ 1 ๐ 0
Woah - thanks Nestlรจ and @intigriti.com!
23.05.2025 09:34 โ ๐ 6 ๐ 0 ๐ฌ 0 ๐ 0
It's so cool working with the GoogleVRP team - folks over there are amazing.
I love the concept of "you report something, then we work together with you to escalate it as much as possible".
High bounties are also a nice addendum :)
#BugBounty #bugbountytips
20.05.2025 18:53 โ ๐ 7 ๐ 0 ๐ฌ 2 ๐ 0
RomHack Conference 2025
Schedule, talks and talk submissions for RomHack Conference 2025
Romhack is coming up and the CfP is still open!
Got novel research youโd love to present in front of an eager audience, with the stunning Roman landscape as your backdrop, and on the same stage where @jameskettle.com will deliver the keynote?
Submit now!
cfp.romhack.io/romhack-2025/
27.04.2025 06:35 โ ๐ 2 ๐ 1 ๐ฌ 0 ๐ 0
We are so excited to announce the publication of our audit of PHP core! This work was made possible through a collaboration between OSTIF, @thephpf.bsky.social, and @quarkslab.bsky.social with funding provided by @sovereign.tech. For the report and further links, check out ostif.org/php-audit-co...
10.04.2025 19:12 โ ๐ 5 ๐ 3 ๐ฌ 0 ๐ 0
Is there a way I can wipe this from my brain?
Jim Carrey any recommendations?
mobapc.it/prodotto/sha...
10.04.2025 06:47 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 0
Just published some talks on tumpicon.org
Wanna join us? Follow the trail ๐ฅพ
09.04.2025 09:35 โ ๐ 6 ๐ 3 ๐ฌ 0 ๐ 1
Last week Apple released MacOS 13.4 which contains a fix for a vulnerability @suidpit.bsky.social exploited to escape the Sandbox.
Update now and stay tuned for the technical details!
Ref: support.apple.com/en-us/122373
07.04.2025 08:58 โ ๐ 9 ๐ 5 ๐ฌ 0 ๐ 0
Woah -- more Google Chrome VRP swag in my mailbox today!
Wondering how to get some yourself? Find vulnerabilities in Chrome!
More info here: bughunters.google.com/about/rules/...
03.04.2025 12:20 โ ๐ 4 ๐ 1 ๐ฌ 0 ๐ 0
Security Code Audit of Mullvad VPN ยท Zoom ยท Luma
Join us for a presentation and meetup with Markus Vervier and Eric Sesterhenn of X41 D-Sec GmbH around their company's audit of Mullvad VPN.
Markus Vervier isโฆ
Our next meetup is a presentation from our friends at X41 D-Sec GmbH. Join us next Wednesday, March 26th, at 14:00 CDT for a presentation and discussion with Markus Vervier and Eric Sesterhenn on their audit of @mullvad.bsky.social. We can't wait for this one! RSVP at lu.ma/wreregye
17.03.2025 19:50 โ ๐ 3 ๐ 3 ๐ฌ 0 ๐ 0
A deep dive into Cellebrite: Android support as of February 2025
A deep dive into Cellebrite: Android support as of February 2025
We recently analyzed the latest Cellebrite device support matrix published in February 2025.
The reality is worrisome. It can be used to unlock most of the mobile devices we use every day.
Read our report:
(ENG) osservatorionessuno.org/blog/2025/03...
(ITA) osservatorionessuno.org/it/blog/2025...
17.03.2025 10:34 โ ๐ 6 ๐ 7 ๐ฌ 0 ๐ 1
My pixel 7 almost melt down in my hands -- but yes!
14.03.2025 13:01 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 0
Is this the year of cracking on smartphones?
14.03.2025 07:08 โ ๐ 2 ๐ 0 ๐ฌ 1 ๐ 0
Swag day -- thanks ChromeVRP and @amyre.bsky.social
13.03.2025 11:11 โ ๐ 7 ๐ 0 ๐ฌ 1 ๐ 0
In Lausanne for @1ns0mn1h4ck.bsky.social? Donโt miss the chance to meet our very own @not4nhacker.bsky.social! If you're into cursed OAuth hacking techniques or breaking mobile apps, find a comfy spot -- you might be there for a while!
13.03.2025 09:43 โ ๐ 7 ๐ 5 ๐ฌ 0 ๐ 0
Hey hackers!
Weโve started sending out the first invites โ check your inbox! ๐
Didnโt get one? Take the fast track and submit a talk!
06.02.2025 11:32 โ ๐ 11 ๐ 7 ๐ฌ 1 ๐ 1
tmux and chill
07.03.2025 06:48 โ ๐ 2 ๐ 0 ๐ฌ 1 ๐ 0
๐ฃ๏ธ
06.02.2025 11:36 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 1
On my way to @fosdem.bsky.social!
If you are into securing open source code then we should definitely have a chat -- looking forward to meeting y'all!
01.02.2025 03:08 โ ๐ 0 ๐ 0 ๐ฌ 0 ๐ 0
GET /%0D%0ASet-Cookie: foo=bar
403 Forbidden
GET /%E4%BC%8D%E4%BC%8ASet-Cookie: foo=bar
200 OK
Set-Cookie: foo=bar
Discover blocklist bypasses via unicode overflows using the latest updates to ActiveScan++, Hackvertor & Shazzer! Thanks to Ryan Barnett and Neh Patel for sharing this technique.
portswigger.net/research/byp...
28.01.2025 14:01 โ ๐ 39 ๐ 22 ๐ฌ 0 ๐ 0
Shielder - Karmada Security Audit
Karmada Security Audit, sponsored by the CNCF (Cloud Native Computing Foundation), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
๐จ New Open Source Audit Alert! ๐จ
Shielder, with @ostifofficial.bsky.social & @cncf.io, audited karmada-io:
๐ 6 issues found (1 high, 1 medium, 2 low, 2 info)
โ๏ธ Most fixed, others planned.
๐ฃ๏ธ to @suidpit.bsky.social and @thezero.org
Full details in the blog post!
www.shielder.com/blog/2025/01...
16.01.2025 16:01 โ ๐ 6 ๐ 5 ๐ฌ 0 ๐ 2
Love when we can publish the results of our effort!
16.01.2025 16:33 โ ๐ 2 ๐ 0 ๐ฌ 0 ๐ 0
The second edition of TumpiCon is here!
๐
June 27-28, 2025
๐ Somewhere near Turin, Italy
๐ Invite-only
No flashy stages. No fluff. Just raw, technical, and unfiltered hacking.
More details? If you know, you know.
Follow the trail: tumpicon.org
12.01.2025 11:52 โ ๐ 6 ๐ 5 ๐ฌ 1 ๐ 3
Added to the list! โ๏ธ
12.01.2025 16:13 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0
bsky.app/profile/tump...
12.01.2025 11:56 โ ๐ 1 ๐ 0 ๐ฌ 0 ๐ 0
Looking for a chill, invite-only, and uncensored conference?
Then you are in the right place :)
12.01.2025 11:55 โ ๐ 3 ๐ 0 ๐ฌ 0 ๐ 0
CTF player with The Flat Network Society - bug bounty & web security research
Principal Security Researcher at GreyNoise. https://skullsecurity.org
Mostly post about work stuff, maybe some improv stuff and maybe even magic some day. Seattle-based (originally Canadian), queer, cybersecurity nerd.
(He/him)
Work like hell,
Share all you know,
Abide by your handshake,
Have fun. - Dan Geer
AppSec & Offensive Security
zigzagging my way through cursed code and bugs
[bridged from https://infosec.exchange/@swapgs on the fediverse by https://fed.brid.gy/ ]
professional security border collie and VDP manager | pop culture glutton | outdoor super enthusiast | looking at birds & making up music videos in my head | she /her / hers
Organizzazione di Volontariato No-profit per la tutela del diritto alla privacy, il diritto allโanonimato, la libertร di informazione, espressione e comunicazione ed in generale i diritti digitali in rete.
https://osservatorionessuno.org/it/associazione/
Ransomfeed empowers businesses and individuals with datadriven insights on #ransomware threats | #ransomfeed | 100% made in ๐ฎ๐น
๐ ransomfeed.it
๐ค t.me/RansomFeedNews
๐ผ linkedin.com/company/ransomfeed
IT Security Conference in Turin area (Italy) | 27-28 June 2025
Security Researcher and Software Engineer at GitHub Security Lab
Security Engineer at Zellic, a.k.a vakzz when doing bug bounties and CTFs with Perfect Blue - https://devcraft.io
Security Researcher with @GHSecurityLab. CTF #int3pids. Opinions here are mine!
Security researcher?
| Icon: https://twitter.com/MelvilleTw
| Keybase: http://keybase.io/ryotak
| Threads: http://threads.net/ryotkak
| Misskey: http://misskey.io/@ryotak
