voydstack

678 posts

voydstack banner
voydstack

voydstack

@voydstack

VR @Synacktiv | CTF with @RMUBYGG, @Hexagonctf, @ECSC_TeamFrance 20/21/22/23/24

France Katılım Ağustos 2018
984 Takip Edilen2K Takipçiler
voydstack retweetledi
Seth Jenkins
Seth Jenkins@__sethJenkins·
Just derestricted a now-fixed kernel bug in Pixel 10. I think this ranks as the most easily exploited kernel bug of all time😬 Thanks to @tehjh for collab'ing on this driver and full credits for noticing this bug in the first 5 minutes of auditing😂 project-zero.issues.chromium.org/issues/4634382…
English
5
43
188
15.1K
kiddo
kiddo@kiddo_pwn·
@voydstack @freddo_1337 it was nice to meeting you! synacktiv entries seemed like different level 🤯
English
1
0
2
114
kiddo
kiddo@kiddo_pwn·
After a long rest, I’m happy to share Team DDOS (or known as KIMCHI and YOGURT 😅) got 2nd place !! My first appreciation goes to my best teammate, @freddo_1337. And congrats to all the teams - there's no doubt how much effort we all put into this! Lastly, thanks to all friends I met and chatted with there, including ZDI and researchers! Wishing you all the best after the competition 💙
TrendAI Zero Day Initiative@thezdi

$1,047,000 USD - 76 unique 0-day vulnerabilities - three days of incredible research on display. #Pwn2Own Automotive 2026 had it all: bold exploits, clever techniques, and collisions. Congrats to Fuzzware.io (@ScepticCtf, @diff_fusion, @SeTcbPrivilege), Master of Pwn with $215,500 and 28 points! #P2OAuto

English
4
2
68
7K
voydstack retweetledi
Major_Tom
Major_Tom@MajorTomSec·
Proud to finally share the write-up of our VMware Workstation escape from P2O Berlin 2025, featuring a generic bypass for Windows LFH mitigations using side-channels. I hope it will be as fun to read as it was to exploit! x.com/Synacktiv/stat…
Synacktiv@Synacktiv

At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller. Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit. 🔍 Full technical write-up 👇 synacktiv.com/en/publication…

English
1
28
191
17.6K
voydstack retweetledi
Synacktiv
Synacktiv@Synacktiv·
At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller. Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit. 🔍 Full technical write-up 👇 synacktiv.com/en/publication…
English
4
153
533
48.1K
voydstack retweetledi
Synacktiv
Synacktiv@Synacktiv·
On the podium at #Pwn2Own Automotive 2026 🥉 Synacktiv ranked 3rd in Tokyo 🇯🇵 after successful attacks on #Tesla Infotainment (USB), #Sony XAV-9500ES (USB) and #Autel MaxiCharger (NFC). 📍Next stop: Berlin!
Synacktiv tweet mediaSynacktiv tweet media
English
0
4
68
4.9K
voydstack retweetledi
TrendAI Zero Day Initiative
TrendAI Zero Day Initiative@thezdi·
The a highlight from Day 2 of #Pwn2Own Automotive, the team from @synacktiv is at it again. This time, they leverage NFC(!) to exploit the #Autel MaxiCharger with a stack-based buffer overflow. Amazing! We've never seen an NFC exploit like this one before.
English
0
7
32
6.2K
voydstack retweetledi
TrendAI Zero Day Initiative
TrendAI Zero Day Initiative@thezdi·
Confirmed! Synacktiv (@synacktiv) chained three vulnerabilities to gain root-level code execution on the Sony XAV-9500ES, earning a full win of $20,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto
TrendAI Zero Day Initiative tweet mediaTrendAI Zero Day Initiative tweet mediaTrendAI Zero Day Initiative tweet media
English
0
7
24
3.7K
voydstack retweetledi
TrendAI Zero Day Initiative
TrendAI Zero Day Initiative@thezdi·
Verified! @synacktiv chained two vulnerabilities - an information leak and an out‑of‑bounds write - to achieve a full win in the Tesla Infotainment USB‑based Attack category, earning $35,000 USD and 3.5 Master of Pwn points. #Pwn2Own #P2OAuto
TrendAI Zero Day Initiative tweet mediaTrendAI Zero Day Initiative tweet media
English
0
17
60
6.1K
voydstack retweetledi
Synacktiv
Synacktiv@Synacktiv·
Our experts will be at #Pwn2Own Automotive in Tokyo 🇯🇵 After taking 1st place in 2024 by uncovering #Tesla and automotive vulnerabilities, they’re back to explore new attack entry points! Stay tuned 🔍
GIF
English
0
2
24
7.9K
voydstack retweetledi
Synacktiv
Synacktiv@Synacktiv·
🚨 RCE in #Livewire (CVE-2025-54068)! Our specialists uncovered a critical flaw allowing remote code execution without the APP_KEY, exploiting Livewire’s hydration mechanism + PHP’s loose typing. 🔗 Patch now! (v3.6.4+) synacktiv.com/en/publication…
English
2
62
168
47.6K
voydstack retweetledi
Root-Me
Root-Me@rootme_org·
🎄 New Root-Xmas Challenge 🎄 ✨ Today, prove Santa his Christmas Gift Packager system is not that secure... 📌 Submitted by: @voydstack 🔗 Details & participation here: ctf.xmas.root-me.org Good luck to you all! 🎅
Root-Me tweet media
English
0
3
7
857
voydstack retweetledi
hypr
hypr@hyprdude·
We're back, baby! This time with 19+ bugs I reported to MediaTek over the past year + PoCs for each one! I'll also tell you a *fun* story about MediaTek's "creative" impact assessment process. They earned a spot on the naughty list this year :) Check it ⬇️
English
8
29
184
26.4K
voydstack retweetledi
Root-Me
Root-Me@rootme_org·
🎄 New Root-Xmas Challenge 🎄 ✨ Today, wish for anything you want... just make sure it’s properly formatted! 📌 Submitted by : @voydstack 🔗 Details & participation here: ctf.xmas.root-me.org Good luck to you all! 🎅
Root-Me tweet media
English
0
1
8
591

Keşfet

@tehjh @kiddo_pwn @freddo_1337 @ScepticCtf @diff_fusion @SeTcbPrivilege @Synacktiv @xarkes_