hacktive security

#exploit 1⃣. Windows Session Hijacking via COM - github.com/3lp4tr0n/Sessi… // This technique serves as an alternative to remote process injection or LSASS dumping for activities like keylogging, screenshots, or LDAP access 2⃣. CVE-2024-27822: macOS PackageKit Privilege Escalation - khronokernel.com/macos/2024/06/… // Currently, there is no patch... 3⃣. CVE-2025-67511: Tricking a Security AI Agent Into Pwning Itself - hacktivesecurity.com/blog/2025/12/1… // Command injection vulnerability in cai-framework <=0.5.9. A patched release on PyPI is not yet available... 4⃣. CVE-2025-53772: Microsoft Web Deploy RCE - github.com/sailay1996/CVE… // RCE in Microsoft Web Deploy (msdeploy) caused by unsafe deserialization of HTTP header data

🚀 We've got another CVE (CVE-2025-67511) coming out of Hacktive Security thanks to @edoardottt2 and the work done on Cybersecurity AI (CAI), framework for building and deploying AI-powered 📷 offensive and defensive automation. #AI #CyberSec hacktivesecurity.com/blog/2025/12/1…

If you are interested in using binwalk, qemu, bash/python scripting, dd, Binary Ninja, Ghidra, cross compiling and these topics, hope you will enjoy this post. #pwn2own hacktivesecurity.com/index.php/2024…

Not all stories end with the expected and hoped-for results, and this story is one of them. We’re releasing a three-part series detailing our unsuccessful #Pwn2Own 2024 attempt targeting two IP cameras. hacktivesecurity.com/index.php/2024…

(2/3) If you want to scream at your monitor for 24h and blame us, sign up for the event: play.pwnx.io/#/event/fb765f…, kindly hosted by @pwnx_official We're still collecting insults for the IFCTF23, feel free to send us your complaints. You will receive an autoreply from MarcoGPT

In collaboration with @fibonhack and @pwnx_official MOCA2024 will have its own CTF. 2 rounds: Qualifiers on July 20th and 21st Finals in person during MOCA Entries will be made at ➡️ ctftime.org/event/2293More information at➡️ moca.camp/en/capture-the…

#HacktiveSecurity, GOLD Sponsor MOCA2024 @hacktivesec: an independent consulting company with 15 years of international experience in civil and military environments providing advanced #Cyber Security services. Do you also want to be one of our sponsors? moca.camp/en/call-for-sp…

@hacktivesec is a 🏅Platinum Sponsor🏅 of No Hat 2024 , and sponsor of our open Social Event - once again! Thank you, and see you on October 19th in Bergamo, Italy! #nohat2024 #computer #security #conference #community

No Hat 2023 was a blast 🚀 With 4 tracks & over 800 attendees, it became our largest edition yet! 🔥 While gearing up for No Hat 2024 - find yourself in our 2023 wrap up! youtu.be/Iz_2dY2aEAQ?si… #nohat2023 #computer #security #conference

22/12 2° #Aperitech della #MetroOlografix Il #talk sarà tenuto da Lorenzo '@lopoc_' Cococcia e Michelangelo 'pinguin0' Morrillo ore 18:30 da @BearIT, Strada Prati 67 a #Pescara Prenota il tuo posto (è gratis!) su loading.moca.camp Sarà anche in diretta sui nostri canali

blog.hacktivesecurity.com/index.php/2023… @hacktivesec

#nohat2023 is LIVE! We warmly welcome here in #Bergamo, Italy more than 800 attendees coming from 20 countries all around the world. Enjoy! #CyberSecurity #conference

Here we are 😎 #nohat2023 @nohatcon

📢 4 Days to #NoHat2023 Computer Security Conference - FINAL call for registrations! 🚀 Registration ends Thursday night. Dive in 🔗nohat.it for all updated info! #Nohat2023 #Computer #Security #conference #Bergamo

First blood 🩸 @frevadiscor89 (C0nc0r) - Challenge: Smart-Bank - Congratulations! 🎉

First blood 🩸 gibbons (Rattedbydesign) - Challenge: REwind - Congratulations! 🎉

First blood 🩸 @nick0ve (Fibonhack) - Challenge: Autheron - Congratulations! 🎉

First blood 🩸 f1x3r (Fibonhack) - Challenge: Downfall - Congratulations! 🎉

First blood 🩸 @frevadiscor89 (C0nc0r) - Challenge: Dotconnect - Congratulations! 🎉

No Hat 23 CTF has started, we are waiting to see which team will find the first flag! 😎🍿