Olivia
Online
anyfun
@_Anyfun
@synacktiv
Joined October 2011
1.2K Following
374 Followers
44 Posts
[ZDI-25-1039|CVE-2025-12686] (Pwn2Own) Synology BeeStation Plus auth_info Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVSS 9.8; Credit: @Tek_7987 and @_Anyfun (both working @Synacktiv)) https://t.co/hT5VE3F15z
At #Pwn2Own2025, our experts @Tek_7987 & @_Anyfun remotely compromised a Synology Beestation Plus via a pre-auth exploit, leading to full system takeover.
The vuln is now tracked as CVE-2025-12686 🔍
🔗 Full write-up: https://t.co/Nf5qyl6Uhg
A big shout-out to the @Synacktiv team for their strong performance at the latest #Pwn2Own competition in Cork!
They proudly secured third place overall 👏
Next stop: Tokyo for the upcoming edition 🇯🇵 👀
More details on the targets and participants here ℹ️
https://t.co/DkKfKZ4mU9
Congrats to @Tek_7987 and @_Anyfun for landing the first successful entry at #Pwn2OwnCork - exploiting a stack overflow on @Synology BeeStation Plus for $40,000 and 4 Master of Pwn points in the process 💥
Let’s keep pushing 💪
#P2OIreland #Synacktiv
Who to follow
Cyrille HERBY
@cyssboy
Touche à tout : Python, PHP, Java, AD, Firewall, CCNA, ITIL, Kali, Metasploit, Wireshark, IDA, GDB...
mais aussi musicien (accordéon, batterie, percu...)
pappy
@fredraynal
CEO @Quarkslab / ex-SSTIC, MISC, security and information warfare / Love when a plan comes together
galadrim
@g4l4drim
oldschool freestyle stunt hacker. RT != endorsement, make your own mind
Awesome!
🐝 Third time’s the charm for @Tek_7987 & @_Anyfun from @Synacktiv, who just stung the BeeStation Plus with a successful exploit. They're off to the disclosure room to explain how it happened. #Pwn2Own #P2OIreland
Let’s go!
The schedule for #Pwn2Own Ireland is now live! 53 entries from 25 teams over three days of excitement and pwnage. We'll be updating the schedule with live streaming information as we get them set up. https://t.co/wFKRtsqxjp #P2OIreland
Userland iOS aficionados, I released a simple IDA plugin that should improve your Objective-C experience.
For now it removes ARC function calls in decompiled code (eg objc_retain) and helps listing candidate callers to a method. Check it out at https://t.co/SvvIOWarRb
Gunshots pierce the night as a Tesla speeds away... lead the hunt for a covert criminal group in this year's @sstic challenge! We worked hard to design unique and thrilling puzzles. Join the chase starting today 16:00 GMT+1 at https://t.co/sKCakn6vXX !
Take the time to read our new #PluginFocus article. In this blog post, Arnaud Gatignol (@_anyfun) and Julien Staszewski (@_0perator) from the @thalium_team introduce ida kmdf, a tool that helps with your KMDF driver analysis. Read more 🌐 https://t.co/X7OFto3GI4
#idapro
Pensée pour Florent, Romain, Tristan, Baptiste, Guillaume et l’inévitable Valentino, tous restés au bercail en nous confiant un joli petit exploit.
Just leaving Toronto and pwn2own! What a blast we've had with Maxime T.
Very good collective work @thalium_team
https://t.co/WXw8ZryycS
Proud of our #teamThales who were able to execute their exploit on the QNAP TS-464; We were delighted to participate to #PWN2OWN and hope to return next year for a new challenge!✅
As a treat before next week's talk at OffensiveCon by Guillaume & Quentin, here is an introduction to our recent findings on KSMBD. Enjoy, and see you in Berlin to all #OffensiveCon23 attendees!
@offensive_con
https://t.co/jKsnK71RKU
🛰️@esa has organised an unprecedented takeover of a demonstration satellite.
The @thalesgroup's offensive #cybersecurity team took up the challenge by identifying vulnerabilities that could disrupt the operation of #ESA's satellite.
#CYSAT
https://t.co/V0i88knbXZ
Abusing Linux In-Kernel SMB Server to Gain Kernel Remote Code Execution by @guteissier and @laomaiweng https://t.co/3Jcbdf19eo
@hexacon_fr https://t.co/wTzVdPX5FL
👀👀👀👀👀👀 https://t.co/MBHrL8VoWC
Upcoming batch of vulnerabilites on Linux & Canonical, stay tuned for details ...
@zeewox Cool write-up! Thanks for sharing :)
Last Seen Users on Sotwe
풍풍
Seen from Korea
mesyachan
Seen from Singapore
HAkAN
Seen from Germany
在这种牛牛子
Seen from Netherlands
YUN
Seen from Korea
Asupan Harian
Seen from Germany
Pareja_Iniciándose
Seen from Mexico
Brazilian Man's Feet 
Seen from Brazil
Keong G3mbul
Seen from Indonesia
Head & Backshots 😘
Seen from South Africa
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.1M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers