Our ninjas identified vulnerabilities in the #BizTalk360 solution. They can be exploited from any authenticated domain user, and lead to full server compromise.
A new version is available, update your instances!
Posts by Synacktiv
Based on the incidents we handled, our observations align with #ANSSI's 2025 Cyber Threat Landscape:
Fewer ransomware attacks
More data exfiltrations
Discover the top 3 causes of data breaches in our infographic!
Facing a breach? Contact us: csirt@synacktiv.com
Attacks targeting #Kubernetes are surging in 2025.
To tackle this, Synacktiv #CSIRT is launching a series of articles on Kubernetes forensics.
First up: understanding the underlying container technology
www.synacktiv.com/en/node/1320
While #RBCD has been thoroughly documented, only a few resources mention the workflow in cross-domain environments.
In our new blog post, we dive into the cross-domain and cross-forest RBCD workflows.
Read it here:
www.synacktiv.com/en/publicati...
Deep dive into the provisioning of an on-prem low-privileged #LLM stack, with air-gapped networking and GPU isolation, hardened down to kernel modules.
What could possibly go wrong?
Read the full article here: www.synacktiv.com/en/publicati...
Raising awareness to improve investigations
User testimonies are invaluable during incidents - but healthy doubt matters too
Trust & accountability help organisations better understand and resolve #cyber incidents.
Discover our recommendations:
www.synacktiv.com/en/offers/tr...
Active #RDP connections can reveal the client hostname.
A key indicator for investigations & #CTI: some attackers reuse hostnames.
Traces to check: CLIENTNAME env variable & RDP printer redirection.
Incident? Contact #Synacktiv CSIRT 24/7: csirt@synacktiv.com
Want to know what you can really do with #mitmproxy?
This deep dive shows how to intercept and modify application traffic on #Linux, #Android, and #iOS - from TLS MITM to gRPC/Protobuf tampering.
Read our latest article: www.synacktiv.com/en/publicati...
Last December, the Synacktiv #WinterChallenge 2025 took place.
Congratulations to the 25 participants for their outstanding solutions!
Read the write-up on the best techniques used to craft a constraint-compliant quinindrome: www.synacktiv.com/en/publicati...
#IT evolves… and so do attacks.
Sharpen your skills in March-April 2026 with our #cybersecurity courses: Forensic, Cloud, Active Directory & Malware Analysis.
Limited spots: www.synacktiv.com/en/offers/tr...
In our latest article, @niozow.bsky.social dives into the inner workings of #Windows access tokens, privileges and logon rights.
As these rights often constitute a blind spot for AD enumeration tools, the article describes our PRs to integrate them into BloodHound ⬇️
www.synacktiv.com/en/publicati...
Synacktiv training courses - April 2026
Hands-on #cybersecurity courses led by #Synacktiv experts: Cloud Forensics (AWS), Azure & AD intrusion tactics.
March-April | Onsite & Remote
www.synacktiv.com/en/offers/tr...
At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller.
Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit.
www.synacktiv.com/en/publicati...
On the podium at #Pwn2Own Automotive 2026
Synacktiv ranked 3rd in Tokyo 🇯🇵 after successful attacks on #Tesla Infotainment (USB), #Sony XAV-9500ES (USB) and #Autel MaxiCharger (NFC).
Next stop: Berlin!
Proud to announce that REVEL·IO has secured funding from @bpifrance-officiel.bsky.social under #France2030
With @synacktiv.com, this supports a new version to:
➡️ help CERT teams automate live forensic analysis
➡️ enable French & European judicial experts to perform reliable mobile extractions
Our experts will be at #Pwn2Own Automotive in Tokyo 🇯🇵
After taking 1st place in 2024 by uncovering #Tesla and automotive vulnerabilities, they’re back to explore new attack entry points!
Stay tuned
Cyber threats evolve fast - so should your skills.
In March, join our hands-on #cybersecurity training covering Linux Forensics, Cloud Forensics (Azure & AWS) and Intrusion Tactics.
Limited seats: www.synacktiv.com/en/offers/tr...
#Cybersecurity #Forensics #CloudSecurity
From legacy WEP to WPA3-Enterprise: sharing our recent #WiFi field experiences.
We detail various scenarios to better understand the risks, including WPA3 PEAP relaying & optimized online PSK brute-forcing.
⤵️ www.synacktiv.com/en/publicati...
Feb 2026: #cybersecurity training with #Synacktiv!
5&6 Feb: Kubernetes Intrusion Tactics (Paris, FR)
9&10 Feb: AWS Intrusion Tactics (Paris, FR)
9-11 Feb: Malware Analysis (Remote, EN)
16-20 Feb: Attacking Web Apps (Paris, FR)
Register now: www.synacktiv.com/en/offers/tr...
Pre-Auth RCE in #Livewire (CVE-2025-54068)!
Our specialists uncovered a critical flaw allowing remote code execution without the APP_KEY, exploiting Livewire’s hydration mechanism + PHP’s loose typing.
Patch now! (v3.6.4+)
www.synacktiv.com/en/publicati...
[Training 2026] Research & exploitation: embedded #Linux systems
5-day training on UART access, firmware analysis, QEMU emulation, fuzzing (AFL++), static analysis & persistence on compromised systems.
On site, Paris
🇫🇷 French
Register:
www.synacktiv.com/en/offers/tr...
Synacktiv’s #CSIRT 2026 training sessions are coming!
Forensics, malware analysis, cloud investigations - all taught by our experts, available remotely or on site, in French or English.
Register:
www.synacktiv.com/en/offers/tr...
[New blog post] As part of an R&D project, @tomtombinary.bsky.social identified several critical vulnerabilities in the LAN multiplayer mode of the game Anno 1404 (released in 2009).
Want to know more?
Read the full article on our blog:
www.synacktiv.com/en/publicati...
HID recently disclosed HID-PSA-2025-002, a critical flaw in the #ActivID Authentication Appliance 8.7.
In our new blog post, @us3r777.bsky.social and @pierregg.bsky.social break down exactly how they uncovered it, from methodology to exploitation.
Read it here ⬇️
synacktiv.com/en/publicati...
#Synacktiv’s 2026 Internship Book is out!
Whether you're into pentest, reverse engineering, incident response or development, you’ll find our full list of internships plus practical tips to boost your chances.
Send us your CV: www.synacktiv.com/book_stage_s...
Level up your #pentest skills in 2026
Join Synacktiv’s hands-on trainings: from Kubernetes & cloud hacks to web app attacks & AD intrusion.
More information & registration: www.synacktiv.com/en/offers/tr...
#cybersecurity
When an 'innocent' #PHP file hides a #backdoor…
During an investigation on a compromised server, we came across an obfuscated PHAR stub - a classic sign of a #webshell trying to evade basic scanners.
Check out our technical analysis
Have you ever encountered this type of “packaged” webshell?
Ready to level up your #cybersecurity skills?
Synacktiv’s 2026 training programs are open for registration!
Get practical, expert-led sessions in offensive and defensive cybersecurity - online or in-person, in French or English 🇫🇷🇬🇧
Learn more: www.synacktiv.com/en/offers/tr...
Winter is here, it's time to test your assembly skills with the #Synacktiv Winter Challenge.
A code golf competition that guarantees hours of intense x86 instruction optimization!
Participate here: www.synacktiv.com/en/publicati...