Atredis Partners

We decided to revisit an old research problem with some new LLM powered tooling. Check out our latest blog post to see how we approached this research, and the new Java deserialization gadget chains it discovered in just two days! buff.ly/CeAQZ2B

On a recent engagement, we exploited a previously disclosed privilege escalation bug in Tenable's Nessus Agent. No public PoC was available, so we made one; check it out here buff.ly/IMMQWEo

Atredis identified a vulnerability in the way Rapid7's Nexpose was generating passwords to protect its Java KeyStore which is used to encrypt saved credentials. This vulnerability was reported to Rapid7 and a patch is being rolled out today! Details here: buff.ly/U7qaplX

Command & Conquer'd: Worming RCEs through a classic multiplayer game. Check out the full writeup from our @DistrictCon Junkyard submission here: buff.ly/tp7EzQ8 By @dronesec and @jordan9001 #Security #modding #rce

@d0tslash I bet @jessie_chab can give you a hint or two... Have fun!

Haha @Atredis left out how to make your own cards… I had @OpenAI @ChatGPTapp bang it out right quick. One shot got us a turtle that didn’t come in her card pack. chatgpt.com/share/694dad11…

Kate got a drawing robot. My gut was to look into hacking it, sure enough my friends at @Atredis already had. atredis.com/blog/2025/9/30…

Last week, hardware. This week, firmware! Sam is back with a deep dive into his LiDAR Detector and demos a couple prototypes! buff.ly/b1QnKt2

Say Cheese, Computer! Designing a Sensor for Passive Detection of iPhone TrueDepth LiDAR buff.ly/ObnpsT2

Let's Hack Something Cute! A Reverse Engineering Journey into the Drawbot with Jessie buff.ly/yEWSICJ

In case you missed it, be sure to watch Atredian Matt Burch's (@emptynebuli) @HackSpaceCon talk, Where's the Money: Defeating ATM Disk Encryption! buff.ly/RqUmthH

Check out our latest blog from Matt Burch (@emptynebuli) detailing new supplemental findings from his DefCon32 talk Where's the Money: Defeating ATM Disk Encryption: buff.ly/lBtjQe7

ICYMI, @synacktiv's Pwn2Own walkthrough, exploiting a Tesla Wall via the charging port is a good Friday read. After a firmware downgrade, they found a debug shell via the access point used during setup, ultimately using this to gain EIP. buff.ly/fnlgviX

We recently identified a number of privilege escalation vulnerabilities in Lenovo Vantage on Windows; check out our latest blog for a technical deep dive buff.ly/eKMcZLg

Be sure to watch Matt Burch's (@emptynebuli) @CypherCon talk, Where's the Money: Defeating ATM Disk Encryption! buff.ly/wWaSlle

Where do the Ads in Trackmania come from? In-game ads and reverse engineering tips in this mini-post from Jordan buff.ly/nTITAwc

Sam wanted to answer the question "can you 3D print pogo pin harnesses?" So, he ran some experiments this week to find out. Check out the blog post and grab the models to try for yourself! buff.ly/xWcWE5W #pogopin #probe #3dprinting #atredis

In case you missed it. Don't miss @emptynebuli presenting at @hackspacecon in Cape Canaveral on May 14th! 💰 🚀 buff.ly/tRaisC8

Don’t miss Atredian Bill Carver talking about Ransomware Readiness @BsidesBuffalo - Hope to see you there on June 7th! buff.ly/aoPaPNH

Don't miss @emptynebuli presenting at @hackspacecon in Cape Canaveral on May 14th! 💰 🚀 No ticket? No Problem! 👀 We have a few extra 👀 Reply to the post and we will hook you up! buff.ly/tRaisC8

Sam @bespokebugs wanted to answer the question "can you 3D print pogo pin harnesses?" So, he ran some experiments this week to find out. Check out the blog post and grab the models to try for yourself! buff.ly/xWcWE5W #pogopin #probe #3dprinting #atredis