Weekends are for the squad.

Stay secure out there!

#hacking #infosec #cybersecurity

Security Consultant Ian Briley explains how he used PowerShell Reflective Assembly Loading to get the job done when everything else was blocked.

🔗 redsiege.com/powershell-r...

#hacking #infosec #cybersecurity

Jump into the Red Siege newsletter "The Siege Stack" for April!

Our monthly collection of useful information to keep you up to date on all things offensive and cybersecurity!

redsiege.com/newsletter

#hacking #infosec #cybersecurity

Thank you Brian Donohue and Tony Lambert for taking the time to come on the WedOff to lead a fantastic discussion about RMM threats!

Next week we have @alethe.bsky.social from @bishopfox.bsky.social

See you there 🔗 redsiege.com/wedoff

#hacking #infosec #cybersecurity

You know what time it is! It. Is. Wednesday.

Join us today on The Wednesday Offensive with Brian Donohue and Tony Lambert from @redcanaryco.bsky.social. They'll be talking about RMM's and what they've seen and reported in the 2026 Threat Detection Report!

See you at 130pm ET 🔗 redsiege.com/wedoff

Want sharper hacking skills and real-world infosec insights?

Red Siege’s YouTube channel is loaded with deep dives, attack breakdowns, and hands-on security knowledge.

Check it out 🔗 redsiege.com/ytsubscribe

#hacking #infosec #cybersecurity

New edition of the SiegeStack coming soon!

Stay up to date on the latest happenings in cybersecurity, insights from industry professionals, and what we here at RedSiege have in store for you!

Subscribe 🔗 redsiege.com/newsletter

#hacking #infosec #cybersecurity

New Rowhammer attacks give complete control of machines running Nvidia GPUs GDDRHammer, GeForge and GPUBreach hammer GPU memory in ways that hijack the CPU.

Researchers unveiled three new GPU-based Rowhammer attacks (GDDRHammer, GeForge, and GPUBreach) that can flip bits in Nvidia GPU memory to gain full root access over host machines.

via @arstechnica.com

arstechnica.com/security/202...

#hacking #infosec #cybersecurity

Axios npm hack used fake Teams error fix to hijack maintainer account The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers was targeted by a social engineering campaign believed to have been conducte...

Hackers linked to North Korea used a sophisticated social engineering campaign, featuring fake Slack workspaces and a bogus Microsoft Teams “update”, to compromise an Axios maintainer’s account and publish malicious npm packages.

via @bleepingcomputer.com

www.bleepingcomputer.com/news/securit...

Here's what we've got coming up!

#hacking #infosec #cybersecurity

We are offensive, so you can stay ready.

Prepared today. Resilient tomorrow.

Happy Friday from your friendly neighborhood Red Team!

#weareoffensive #hacking #infosec #cybersecurity

Day 2 of being offensive at CypherCon! Come find us at the booth, say hi, and grab some swag before it’s gone!

#hacking #infosec #cybersecurity #cyphercon #weareoffensive

You know what time it is! It. Is. Wednesday!

🔗 redsiege.com/wedoff

Join us for The Wednesday Offensive, where our guest today is Kyle Hendrickson. Kyle is going to be talking about OpenClaw!

See you at 130pm ET for the 2nd Best Show on The Internet!

#hacking #infosec #cybersecurity

Friendly Neighborhood Reminder!

Tomorrow on The Wednesday Offensive we'll have Kyle Hendrickson talking about OpenClaw.

Join the conversation at 130pm ET 🔗 redsiege.com/wedoff

#hacking #infosec #cybersecurity

CypherCon! We'll see you soon!

TOMORROW: Catch our CEO Tim Medin talking about "Offense for Defense".

Consider this a preview of the concepts covered in our full training course🔗 redsiege.com/o4d

PS. Be sure to stop by the Red Siege booth to pick up some swag 😎

Critical Fortinet Forticlient EMS flaw now exploited in attacks Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.

Critical bug (CVE-2026-21643) in Fortinet FortiClient EMS is already being exploited.

Unauthenticated attackers can run code via the web interface, and thousands of instances are exposed. Patch ASAP (7.4.5+).

via @bleepingcomputer.com

www.bleepingcomputer.com/news/securit...

Here's what we've got coming up this week!

#hacking #infosec #cybersecurity

VoidStealer malware steals Chrome master key via debugger trick An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser.

VoidStealer is a malware-as-a-service infostealer that bypasses Chrome’s encryption by using a debugger trick to grab the browser’s master key straight from memory.

via @bleepingcomputer.com

www.bleepingcomputer.com/news/securit...

#hacking #infosec #cybersecurity

Join the Wednesday Offensive: redsiege.com/wedoff

Here's what we've got coming up!

🖥️ Join us for The Wednesday Offensive with John Askew leading the discussion.

📸 Catch Principal Security Consultant Mike Saunders at DakotaCon debuting his talk "A Photographer's Guide to Red Teaming"

#hacking #infosec #cybersecurity

WE FIGHT FOR THE USERS!

#hacking #infosec #cybersecurity

We are LIVE at INTERFACE Portland! Stop by the booth to chat and grab some swag - and be sure to catch our CEO Tim Medin at 2pm PT in Theater 1 for his talk "What the Hack is Going On?"

#hacking #infosec #cybersecurity

A big thank you to our Senior Security Consultant Justin Palk for leading such an insightful discussion today on OSINT, and to everyone who joined in and shared tips and resources!

See you next week! Same time. Same channel. 🔗 redsiege.com/wedoff

#hacking #infosec #cybersecurity

It. Is. Wednesday.

Join us today for The Wednesday Offensive, where our Senior Security Consultant Justin Palk will be leading a discussion on OSINT, including how to streamline your workflow with tools like Amass and theHarvester.

See you at 130pm ET 🔗 redsiege.com/wedoff

What do photography and red teaming have in common? More than you think.

Our Principal Security Consultant @hardwaterhacker.bsky.social is taking the stage at DakotaCon on March 27 with “A Photographer’s Guide to Red Teaming”

Plan. Observe. Execute. Don’t miss it!

🔗 dakotacon.org/index.html

Finding gold at the end of the rainbow is fun…
but finding a safe, secure network is even better.

Enjoy the festivities, wear the ridiculous hat,
and keep celebrating security done right!

Stay lucky. Stay secure.🍀🌈

#hacking #infosec #cybersecurity #stpatricksday

This Thursday! Don't miss our CEO @timmedin.bsky.social presenting "What the Hack is Going On?" at INTERFACE Portland on March 19

#hacking #infosec #cybersecurity

Stryker attack wiped tens of thousands of devices, no malware needed Last week's cyberattack on medical technology giant Stryker was limited to its internal Microsoft environment and remotely wiped tens of thousands of employee devices.

Hackers remotely wiped ~80,000 employee devices at Stryker after compromising a Microsoft Intune admin account. No malware or ransomware: attackers abused legitimate device-management tools, disrupting internal systems.

via @bleepingcomputer.com

www.bleepingcomputer.com/news/securit...