We saw some supply-chain attacks on Linux distrubtions during #insomnihack. There an attacker would've been able to insert random code into packages. Now it seems to be the same for Fedora:
Which makes me wonder why they went through all that trouble with the XZ Utils backdoor (https://en.wikipedia.org/wiki/XZ_Utils_backdoor)? The frontdoor seems to be wide open!
Get ready for the CTF (https://insomnihack.ch/contest/) #insomnihack
@1ns0mn1h4ck
#insomnihack 2025 - keynote from Mathias Payer. I always like if a researcher presents a slide like this in 30 seconds by going over it "something, something, something" :)
But as always very interesting and eye-opening what kind of (non-)security we're relying on daily.
Insomni'hack 2025
We are happy to announce Cymulate as our Silver Sponsor.
Special thanks to the local team: Elizabeth Jeffreys, Martin Tran & Alex Kreutz!
Register here: https://insomnihack.ch/register/?utm_source=Mastodon&utm_medium=Social+Media&utm_campaign=Insomnihack+2025_Sponsor_Cymulate
Insomni'hack 2025
We are happy to welcome Swiss Expert Group SA to our Service Providers Village.
Big thanks to: Anees Qureshi, Cédric Enzler, Frédérique Hofmann & Caroline Reverchon!
Register here: https://insomnihack.ch/register/?utm_source=Mastodon&utm_medium=Social+Media&utm_campaign=Insomnihack+2025_Sponsor_Swiss+Expert+Group
Almost found an XSS, but a sanitizer got in your way? Check out our talk at #Insomnihack today!
We explain mutation-based XSS (mXSS), an advanced technique that can bypass sanitizers, along with real-world vulnerabilities and exploits.
How can an attacker take over your whole network using only your SSH public key 
?
If you are at #Insomnihack this week: Come find out in our talk about hacking the open-source bastion host JumpServer.
Heading to Lausanne for #Insomnihack? Meet our team there; we're presenting two talks:
Finding vulnerabilities in JumpServer
Bypassing HTML Sanitizers with mXSS
Excited to see you there!
Insomni'hack 2024
[SPEAKER] An Uninvited House Guest: How PROXYLIB Overstayed its Welcome on Android Devices by Lindsay Kaye
Don’t miss the opportunity to attend this conference at Insomni’hack 2024! Details and registration: https://ow.ly/Ytu350R136I
Insomni'hack 2024
[SPEAKER] Patch Different on *OS by John McIntosh
Don’t miss the opportunity to attend this conference at Insomni’hack 2024! Details and registration: https://ow.ly/rGvR50R11mI
Insomni'hack 2024
[SPEAKER] Why so optimized? by Ege Balci
Don’t miss the opportunity to attend this conference at Insomni’hack 2024! Details and registration: https://ow.ly/IpBa50QWtjA
Insomni'hack 2024
The long-awaited moment is here…
The registration for Insomni’hack 2024’s CTF is now open: https://www.insomnihack.ch/register/
As usual registration is totally FREE.
See you there on April 26th!
Insomni'hack 2024:
[WORKSHOP] Windows Attack & Defense by Clément Labro & Julien Oberson.
Don’t miss this opportunity to attend this 2-days workshop at Insomni’hack 2024! Details and registration: https://insomnihack.ch/workshops-2024/
Excited to head to Lausanne in March to present on #CTI #threatactor tracking and the problems therein for #insomnihack
https://www.insomnihack.ch/talks-2023/#GRVQEJ
