Creative minds breaking your Apps. Our team of security experts will plan and execute controlled attacks and help you improve the security of your applications.
“Vibing w/Caution: A deep dive into a logic vulnerability introduced via incorrect operator use” by Lucas Lavarello from the @kulkansecurity team | Sponsors Track | #EKOMIAMI2026 💪✈️
Announcing our second talk at @ekoparty Miami! 🎙️🛡️
@veryhumansortof will break down how a single misplaced operator silently broke encryption in a library recommended by frontier LLMs, and why every SAST tool missed it.
🗓️ May 22, 1:40 PM
📍 Sponsor Track
Let's connect! 💪
Matias will walk through how two real targets were hacked from scratch: a smart display and a commercial weather station.
Want to start your journey in the hardware hacking world?
🗓️ May 21, 10:45 AM
📍 @physsec Space
Will you be there? Send us a DM and let's connect! 💪
Kulkan takes the stage at @ekoparty Miami! 🎙️🛡️
Matias Fumega will be diving into hardware security and showing how smart devices in your home are more vulnerable than you think, using nothing but cheap tools and open-source software.
Learn more. 👇
The challenge is officially closed. 🔒
We want to congratulate everyone who cracked it, and thank all those who had the honor of meeting Eliza!
Soon we'll be announcing the winners for the conference tickets for @ekoparty Miami. 🎟️
Stay tuned!
Our team will be on the ground in Miami connecting with security and business leaders from the U.S. and LATAM, sharing our experience helping global companies strengthen their defenses through an attacker-led approach.
See you there?
Send us a DM and let's connect! 💪
The leading LATAM cybersecurity conference is writing a new chapter, heading to the U.S. for the first time. 🚀🇺🇸
And guess what? Kulkan is bringing the offensive security expertise with it, participating as an official sponsor. 🛡️
@ekoparty
ELIZA was the world's first chatbot, a 1960s program that used symbolic AI and pattern-matching to pretend it was a therapist. We brought her back.
If you identify which model is running it, you'll be entered into a draw to win a conference ticket.
👇
https://t.co/9UtU76bqkK
Kulkan is sponsoring Ekoparty Miami 🛡️🇺🇸 and we're giving away free tickets for the conference.
Guess which AI model is running our modernized ELIZA, and you could be joining us! 🎟️
Winners will be contacted by email.
How to start participating? 👇
What started as a curiosity exercise ended with full device impersonation over MQTT.
The target: a Govee H8630 smart display sitting on your desk.
Here's how Matias Fumega (Security Consultant at Kulkan) got there.
Opening thread. 👇
The signature protecting OTA requests uses a hardcoded HMAC-MD5 key. The certificate and private key are encrypted with a hardcoded AES key and IV, both recovered directly from the firmware.
What do these findings unlock when combined? 👇
Welcome @kulkansecurity to the EKO Miami 2026! Thank you for your support as Exhibitor Light Sponsor 💪
🚀 Kulkan is a penetration testing firm with over 25 years of offensive security expertise. Based in Buenos Aires, Kulkan operates globally as a trusted security partner for multiple US organizations. Their professional team leverages their attacker mindset to uncover high-impact vulnerabilities, delivering context-aware assessments, compliance-friendly reports, and remediation support to secure Web, Mobile, and Cloud / On-Premise environments.
✅ Their team focuses on:
- Business-logic attacks: Custom attack scenarios designed around your specific use cases to uncover deep, hard-to-find issues.
- Regulatory compliance: Specialized assessments for PCI DSS, SOC 2, ISO 27001, and other industry-specific requirements.
- Manual testing: Aided by the latest technology to uncover exploitable vulnerabilities beyond automated scanning capabilities.
📌 For more information, visit >> https://t.co/bIxY3HJGzw
📅 Ekoparty Miami | May 21 and 22, 2026
🎟️ Get your ticket now and don't miss out! >> https://t.co/zeyA4yWKms
📝 In our latest blog post, Matias Fumega dives into research on the Govee H8630 smart display.
The research starts from initial UART access and ends at full device impersonation over MQTT, finding and reporting cool bugs along the way.
Find out how. 👇
The initial goal was to obtain a root shell.
Once inside, the scope expanded: firmware update endpoints, the authentication scheme protecting them, certificate storage, and the MQTT channel to Govee's AWS-hosted broker.
What makes this interesting is how these vulns chain. 👇
💡 Start validating your infrastructure with the latest industry standards. Check out the full technical breakdown and the open-source tool by Serafin Cepeda here: https://t.co/A8DJRjhorR
Email security is often a "set and forget" task until a security incident takes place. 🛡️📧
Serafin Cepeda has developed MxCheckSec to simplify the validation of SPF, DKIM, and DMARC records to ensure a secure email setup.
How does it work? 👇🧵
The tool provides human-readable output with actionable recommendations. It also provides recommendations for domains not actively used for email, a critical blind spot that leaves organizations open to impersonation attacks. 🥷
Ready to ensure your domains are properly configured? 👇