AmberWolf

@AmberWolfSec

Followers
331
Following
0
Statuses
19

Offensive Cyber, Risk Management & Governance, Vulnerability Research and Technical Due Diligence

UK
Joined February 2024
@AmberWolfSec
AmberWolf
27 days
You can read our latest blog at
0
0
3
@AmberWolfSec
AmberWolf
2 months
All I want for Christmas is U(RL handlers not vulnerable to RCE)... AmberWolf has published information about CVE-2024-12908, a Remote Code Execution vulnerability in the Delinea Secret Server Protocol Handler. You can read our blog & PoC here:
2
9
34
@AmberWolfSec
AmberWolf
3 months
CVE-2024-5921 is a Remote Code Execution and Privilege Escalation vulnerability in Palo Alto Global Protect, which is also exploitable using NachoVPN. Our full technical write up is available here:
0
4
7
@AmberWolfSec
AmberWolf
3 months
RT @buffaloverflow: Here's the slides from our HackFest Hollywood talk.. We shared details on a new Palo Alto 0day and provide some tips on…
0
1
0
@AmberWolfSec
AmberWolf
3 months
AmberWolf is hiring experienced Red Team operators! Join our fun, supportive team if you have (or have had) CCSAS/CCSAM certs and a passion for delivering world-class engagements. Apply now: #hiring #RedTeam
0
3
6
@AmberWolfSec
AmberWolf
3 months
The slides for @buffaloverflow and @johnnyspandex's "Very Pwnable Networks: Exploiting the Top Corporate VPN Clients for Remote Root and SYSTEM Shells" are now available on our GitHub: #hackfest
0
47
107
@AmberWolfSec
AmberWolf
4 months
RT @jon__reiter: Richard and David from @AmberWolfSec speaking about Very Pwnable Networks: Exploiting the Top Corporate VPN Clients for R…
0
2
0
@AmberWolfSec
AmberWolf
4 months
45 minutes until AmberWolf researchers David Cash and Richard Warren present their research "Very Pwnable Networks: Exploiting the Top Corporate VPN Clients for Remote Root and SYSTEM Shells". You can register to watch live for free at
0
2
5
@AmberWolfSec
AmberWolf
4 months
🚨New Vulnerability: Authenticated RCE in Ivanti Connect Secure (CVE-2024-37404). Discovered by @buffaloverflow, this exploit grants root access via RCE. Read about the discovery, exploit method, and vendor mitigations here:
0
14
35
@AmberWolfSec
AmberWolf
5 months
Today, we released details for CVE-2024-45488, an authentication bypass in Safeguard for Privileged Passwords dubbed "Skeleton Cookie". We explain how we discovered it, provide scripts to check vulnerability, and show how it could lead to RCE on the server.
0
17
39
@AmberWolfSec
AmberWolf
5 months
🚨AmberWolf Security Researchers have discovered an auth bypass vulnerability in One Identity Safeguard for Privileged Passwords (CVE-2024-45488), allowing attackers full access to the Password Safe. Summary on our blog: Full technical blog coming soon!
0
9
6
@AmberWolfSec
AmberWolf
6 months
RT @buffaloverflow: Authentication bypass in Safeguard for Privileged Passwords, discovered by @johnnyspandex and myself Advisory from @Am
0
9
0
@AmberWolfSec
AmberWolf
6 months
Delighted that Richard Warren and David Cash will be presenting "Very Pwnable Networks: Exploiting the Top Corporate VPN Clients for Remote Root and SYSTEM Shells" at #SANSHackFest in October!
@SANSOffensive
SANS Offensive Operations
6 months
📣 The #SANSHackFest Agenda is LIVE & packed w/ highly technical talks from @dwizzzleMSFT @yarden_shafir @buffaloverflow & David Cash @33y0re & more! Join us in Hollywood for exclusive access to ALL talks, workshops, & challenges. ➡️ Agenda: #PenTest
0
1
6
@AmberWolfSec
AmberWolf
7 months
AmberWolf researchers Richard Warren and David Cash found high-risk vulnerabilities in Cato Client, including remote code execution and SYSTEM privilege escalation. Learn more in our blog series: #vulnerability
0
15
37