Messing with Zigbee at Pwn2Own

[RSS] On the clock: Escaping VMware Workstation at Pwn2Own Berlin 2025 www.synacktiv.com -> Original->

Our experts will be at #Pwn2Own Automotive in Tokyo 🇯🇵 After taking 1st place in 2024 by uncovering #Tesla and automotive vulnerabilities, they’re back to explore new attack entry points! Stay tuned 🔍

Synology Beestation Plus pre-auth exploitation and full system takeover www.synacktiv.com/en/publicati... Write up Arnaud Gatignol and Théo Fauché #infosec

My #Hexacon talk with Etienne on exploiting the Bluetooth stack (fluoride) is now available on YouTube youtu.be/wYulofbUDqY?...

A big shout-out to the #Synacktiv team for their strong performance at the latest #Pwn2Own competition in Cork! They proudly secured third place overall 👏 Next stop: Tokyo for the upcoming edition 🇯🇵 👀 More details on the targets and participants here ℹ️ www.zerodayinitiative.com/blog/2025/20...

Following their presentation at @hexacon.bsky.social, @mtalbi.bsky.social & Etienne detail how they exploited CVE-2023-40129, a critical vulnerability affecting the Bluetooth stack in Android ⬇️ www.synacktiv.com/en/publicati...

Impressive exploitation strategy!! bsky.app/profile/thez...

Confirmed! David Berard of @synacktiv.com used a pair of bugs to exploit the Ubiquiti AI Pro in the Surveillance Systems category. The impressive display (incl. a round of Baby Shark) earns him $30,000 and 3 Master of Pwn Points. #Pwn2Own

🎥 Eyes wide shut! David Berard of @synacktiv.com just breached the @Ubiquiti AI Pro surveillance system at #Pwn2Own. He also serenaded us with round of "Baby Shark" played through the speaker. He's off to the disclosure room with an ear worm and the details.

Confirmed! The team from @synacktiv.com used a buffer overflow to exploit the Phillips Hue Bridge. Their unique bug earns them $20,000 and 4 Master of Pwn points. #Pwn2Own

Congrats to tek and anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥 Let’s keep pushing 💪 #P2OIreland #Synacktiv

Impressive work from our team today at #Pwn2Own! @mtalbi.bsky.social and Matthieu just pulled off an exploit on the Philips Hue Bridge without laying a finger on the device! Great demonstration of Synacktiv’s offensive expertise 👏 Come on 🔥

Exploit inside #pwn2own

📢"Paint it Blue: Attacking the Bluetooth stack" by Mehdi Talbi and Etienne Helluy-Lafont

Aaaand the first talk to be announced is... 🥁 Exploiting the Undefined: PWNing Firefox by Settling its Promises by Tao Yan & Edouard Bochin

It's already #SSTIC2025 day 2! @remi-j.bsky.social and us3r present the Windows kernel shadow stack mitigation 🪟

📢 Our Call For Papers is open until 14 July! ➡️ Details & benefits: www.hexacon.fr/conference/c... Also, conference tickets will be on sale today at 4PM (UTC+2)

In iOS 18.4, Apple introduced a bug in dynamic symbol resolutions for some specific exports. @0xf4b.bsky.social took a long journey down a rabbit hole to understand its root cause. www.synacktiv.com/en/publicati...

Hackers rejoice! We are releasing the Phrack 71 PDF for you today! Don't forget this year is Phrack's 40th anniversary release! Send in your contribution and be part of this historical issue! The CFP is still open, you can find it and the PDF link at phrack.org

Ten Years of Rowhammer: A Retrospect (and Path to the Future) fahrplan.events.ccc.de/congress/202... From Convenience to Contagion: The Libarchive Vulnerabilities Lurking in Windows 11 fahrplan.events.ccc.de/congress/202...

We updated our CFP for Phrack 72! The deadline is now April 1st 2025. Check the site for specifics on how to contribute, as well as some inspiration! We also posted a link to purchase physical copies of Phrack 71, and a donation link too. Enjoy! phrack.org