Lightnews — Scholar-powered news

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 12

WOOT 2025 closing Keynote
"Escaping Cantor's Find-Fix Cycle"
by Falcon Darkstar Momot from Dartmouth College and Aiven.io

1

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 12

Last papers session "Exploit All the Things" (Chair: Cristine Hoepers)
- Soufian El Yadmani: SecurePoC—detecting malicious GitHub exploits
- Andrea Mambretti: SoK on kernel vuln discovery & auto exploit generation
- Junho Lee: BOOTKITTY—stealth bootkit-rootkit for modern OSes

1

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 12

WOOT 2025 late morning session: Application Security (Chair: Yves Younan)
- Gabriel Karl Gegenhuber: Prekey Pogo—WhatsApp handshake weaknesses
- Manuel Karl: Formula injection in real-world spreadsheets
- Jannik Hartung: PHP foot-gun case study (Best paper award !)

1 2

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 12

WOOT 2025 day 2 starts with another Physical Attacks session (Chair: A. Zonenberg):
- Valentin Huber: Deep dive into FRAM fault injection effects
- Boyapally Harishma: Side-channel reality check on ARM Cortex-A72
- Wooyeon Jo: PLC memory exploitation in industrial systems

1 2

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

WOOT 2025 last session today Network Security :
- Mehrdad Hajizadeh: DeepRed: AI-driven red teaming vs ML-NIDS
- Shujie Zhao: Stealth BGP hijacks under uRPF
- Anqi Chen: FUZZVPN: Hunting OpenVPN vulns

1

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

WOOT 2025 1st session of the afternoon, "Hacking at a Distance" with:
- Tommaso Sacchetti on large scale Bluetooth Security Testing
- Chengsong Diao: Vulnerabilities in Master Lock Smart Locks
- Seyyed Ali Ayati Acoustic Side-Channel on keyboards

1 3

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

WOOT 2025 schedule, all papers are now online open access:
usenix.org/conference/w...
Talks are recorded, and should be online in a few weeks.

WOOT '25 Technical Sessions

All sessions will be held in Room 611-612 unless otherwise noted.

usenix.org

8 12

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

First session, on hardware security:
Two talks on attacking the @raspberrypi.com RP2350 by @nsinusr.bsky.social and Andrew D. Zonenberg.
One talk on exploiting software using hardware fault injections by Zhenyuan Liu

1 5

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

This year artefact evaluation was mandatory! Thanks, Marcel Busch for chairing the artifact reviews!

1

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

Co-chairs openning remarks.

1

wootsecurity.bsky.social @wootsecurity.bsky.social · Aug 11

WOOT 2025 Conference starting in Seattle.
The program prepared by @noopwafel.bsky.social and @naehrdine.bsky.social includes sessions on hardware security, wireless attacks, network security.
And tomorrow physical attacks, application security.
And Keynote by Falcon Darkstar Momot

2 2 4

wootsecurity.bsky.social @wootsecurity.bsky.social · Jul 17

Discounted early bird registration for WOOT '25 is still open until Monday - www.usenix.org/conference/w... - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on great cutting-edge offensive security research. Full program at www.usenix.org/conference/w...

WOOT '25 Technical Sessions

www.usenix.org

1 5 3

wootsecurity.bsky.social @wootsecurity.bsky.social · Jul 6

Planning to attend WOOT this year? (Seattle on Aug 11/12!) Bring demos or posters of your latest or upcoming offensive security work, or give a lightning talk! Submissions are open and very lightweight (just a couple of sentences will do) - details at www.usenix.org/conference/w...

WOOT '25 Call for Lightning Talks, Demos, and Posters

www.usenix.org

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 19

Zonenberg et al. extract its one-time programmable memory through passive voltage contrast 🔬 using a focused ion beam ⚡: www.usenix.org/conference/w...

Extraction of Secrets from 40nm CMOS Gate Dielectric Breakdown Antifuses by FIB Passive Voltage Contrast | USENIXusenix_logo_notag_white

www.usenix.org

1 2

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 19

Two winners of the RP2350 Hacking Challenge will present their results at WOOT!

Muench et al. break its secure boot guarantees through voltage, electromagnetic, and laser fault injection 💥 techniques: www.usenix.org/conference/w...

Security through Transparency: Tales from the RP2350 Hacking Challenge | USENIXusenix_logo_notag_white

www.usenix.org

1 3 7

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 11

The WOOT 2025 conference lineup is live! 👀

www.usenix.org/conference/w...

WOOT '25 Technical Sessions

www.usenix.org

wootsecurity.bsky.social @wootsecurity.bsky.social · Jun 9

Want to go to WOOT and learn about the latest hardware & software attacks? Registrations are now open!

If you can't afford traveling ✈️ to Seattle on your own and need financial support for a ticket, apply for a grant until July 7: www.usenix.org/conference/w...

WOOT '25 Grant Opportunities

www.usenix.org

3 2

Reposted

wootsecurity.bsky.social @wootsecurity.bsky.social · Mar 10

Reviewer 2 just rejected your latest offensive security paper? Or didn't submit it anywhere yet? There's still more than a day left to (re)submit to USENIX WOOT '25 and get reviews from a community who will appreciate all those clever hacks, weird bugs 👾 and fun exploits! woot25.usenix.hotcrp.com

WOOT '25

woot25.usenix.hotcrp.com

8 8

wootsecurity.bsky.social @wootsecurity.bsky.social · Mar 10

Reviewer 2 just rejected your latest offensive security paper? Or didn't submit it anywhere yet? There's still more than a day left to (re)submit to USENIX WOOT '25 and get reviews from a community who will appreciate all those clever hacks, weird bugs 👾 and fun exploits! woot25.usenix.hotcrp.com

WOOT '25

woot25.usenix.hotcrp.com

8 8

Reposted

jiska @naehrdine.bsky.social · Mar 9

Have some hackademic research you'd love to see published as a paper? Submit it to WOOT 📝

Looking forward to your submissions!

wootsecurity.bsky.social @wootsecurity.bsky.social · Feb 28

Only a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at www.usenix.org/conference/w...

1 6 5

wootsecurity.bsky.social @wootsecurity.bsky.social · Mar 9

Deadline approaching soon, get your submissions ready!

wootsecurity.bsky.social @wootsecurity.bsky.social · Feb 28

Only a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at www.usenix.org/conference/w...

wootsecurity.bsky.social @wootsecurity.bsky.social · Feb 28

Only a week and a half left for USENIX WOOT '25 conference submissions - deadline March 11 AoE. We’re looking forward to seeing even more of your amazing offensive security papers this year! And still a few days for up-and-coming track (March 4). CfP at www.usenix.org/conference/w...

10 5

wootsecurity.bsky.social @wootsecurity.bsky.social · Feb 11

USENIX WOOT '25 submissions are due March 11. One month to go - still plenty of time to write a paper about your latest fun offensive security research! Or if you want more guidance to get a paper into shape, up-and-coming track deadline is March 4. CfP at www.usenix.org/conference/w...

WOOT '25 Preliminary Call for Papers

www.usenix.org

8 8