Neodyme
@Neodyme
We secure software with deep-dive audits, cutting-edge research, and in-depth trainings. Secure your Solana program with Riverguard @ http://riverguard.io 🏞️💂
Introducing Riverguard 🏞️💂 A new security tool for Solana program deployers... 🧵 riverguard.io

🏆 Throwback to Pwn2Own Toronto 2022: "Routers are just Linux boxes with antennas." So we treated one like it. At #Pwn2Own 2022, we turned a Netgear RAX30 into a stepping stone for a full LAN pivot. Story: neodyme.io/en/blog/pwn2ow…
Once again this year, a few colleagues couldn’t resist jumping into the HTB CTF to take on experts from around the world. 💻 A great challenge with a wide range of categories. The result: 1st place in 🇩🇪 and top 3 in 🇪🇺.

We reported a vulnerability in Parallels Client via @thezdi last year. 🔥 The issue (CVE-2025-6812) - now fixed: A privileged service searched for an OpenSSL config file in an unsecured location, enabling LPE. ➡️ Advisory here: neodyme.io/en/advisories/… ☂️ Patch your systems!
🔧✨ On our company retreat this week, we're diving into hardware and protocol hacking: fingerprint sensors, smart locks, drones and Bluetooth speakers. A great mix of hands-on research, creative exploration, and team bonding over board games!🎲

🎤 At 4pm today at the "Festival der Zukunft", our colleagues dive into: "Black Hat, White Hat, Cyberwar - Modern Attacks and Defense" From hacking-as-a-service to cyberwarfare, discover how attacks are evolving and what it means for digital defense. 🕵️‍♀️ Don't miss it!
Think your speech model is secure? It might be quietly leaking what it was trained on. In a new blog post, we explain membership inference attacks and why they matter for cyber security experts. 🔗 neodyme.io/en/blog/member…
Meet our colleagues at the "Festival der Zukunft" at @DeutschesMuseum in Munich. Don't miss our talk on July 3 at 4pm! Check it out here: 1e9.community/festival-der-z…


Cybersecurity needs more than tech, it needs people who care. ❤️ That's why Neodyme is committed to supporting Nachwuchsförderung IT-Sicherheit e.V. not just financially, but with time, energy, and heart from our team.
Congratulations to the winners of the German Hacking Championship 2025: 1️⃣ Team KuK Hofhackerei 2️⃣ Team Organizers 3️⃣ Team Boomers :-) Incredible work by all teams: 33 hours of pure teamwork and tech brilliance. 👏
We're thrilled that Nachwuchsförderung IT-Sicherheit is organizing the @DHM_ctf 2025! 🇩🇪🧠 It's a fantastic event for the next generation of cybersecurity minds, we can't wait to see what they bring to the challenge! 💙
💥 It’s ON! The German Hacking Championship 2025 kicks off now. Top teams from across Germany and beyond are tackling tough challenges in this 33-hour CTF marathon. 🧠💻 Best of luck to all teams! 🛡️
Part 3 of our Riverguard series is out! We're looking under the hood at the "fuzzcases" Riverguard uses to catch real-world bugs in Solana smart contracts. Still shocked how often some of these pop up. Check it out 👉 neodyme.io/en/blog/riverg…
At #Pwn2Own Ireland 2024, we successfully targeted the SOHO Smashup category. 🖨️ Starting with a QNAP QHora-322 NAS, we pivoted to the Canon imageCLASS MF656Cdw - and ended up with shellcode execution. Read the full vulnerability deep dive here 👉 neodyme.io/en/blog/pwn2ow…
Day 2 at @offensive_con has just started and our colleagues Kolja Grassmann and Alain Rödel are right in the middle of it! 🔥 Can't wait to hear the insights they bring back from some of the sharpest minds in offensive security. If you're there too, make sure to say hi!

From iframes and file reads to full RCE. 🔥 We found an HTML-to-PDF API allowing file reads and SSRF - then chained it into remote code execution via a Chromium 62 WebView exploit. 👉 Read the full write-up here: neodyme.io/en/blog/html_r…