CODE WHITE proudly presents #ULMageddon which is our newest applicants challenge at https://apply-if-you-can.com/ packaged as a metal festival. Have fun 🤘 and #applyIfYouCan

Ten days left. The warm-up fades. Maultaschen were soft. Bean Beats were dark and burnt. But the beats of #ULMageddon will be brutal! #applyIfYouCan

We have reproduced "ToolShell", the unauthenticated exploit chain for CVE-2025-49706 + CVE-2025-49704 used by @_l0gg to pop SharePoint at #Pwn2Own Berlin 2025, it's really just one request! Kudos to @mwulftange

Today, CODE WHITE turns 10 🥳 Over the past decade, we've hacked our way through 120+ large corporations' defenses, caused headaches for Blue Teams, and disclosed numerous 0days to vendors. From a few motivated hackers in 2014 to an established team of 50+ today, we continuously safeguard enterprise clients with our Security Intelligence Service and are proud to make a difference 💪 #FinestHacking #PWNage

Be aware of an undocumented administrative service account in #Technicolor TG670 DSL router gateways @frycos pulled out from the hardware. Great for pivoting and seems to affect at least all devices provisioned in Italy: CVE-2023-31808 https://www.kb.cert.org/vuls/id/913565

CVE-2023-27532 in Veeam Backup & Replication is serious, expect exploitation attempts soon. Our teammate @mwulftange was able to develop an exploit just by using the exposed API.

Tnx @dirkjanm for visiting the CODE WHITE headquarters and further sharpening our RedTeamer's Offensive Azure AD skills during 3 days of technical training. Recommended!