This is the Twitter channel of VCSLab - the research team of Viettel Cyber Security
Joined August 2021
- Tweets 119
- Following 27
- Followers 3,150
- Likes 209
15 Photos and videos
VCSLab retweeted
That's a wrap on Pwn2Own Berlin 2026! 🏆 $1,298,250 awarded. 47 unique 0-days. 3 days of absolute chaos. And talk about main character energy - congrats to DEVCORE for claiming Master of Pwn with 50.5 points and $505,000 - they never slowed down. See you next year! #Pwn2Own #P2OBerlin
21
96
685
81,779
VCSLab retweeted
Another collision! Although successful on stage, @rewhiles of Viettel Cyber Security (@vcslab) targeting Anthropic Claude Code in the Coding Agent category used a bug that was previously known to the vendor. They still earn $20,000 and 2 Master of Pwn points. #Pwn2Own #P2OBerlin
19
129
20,548
VCSLab retweeted
Locked in! Le Duc Anh Vu (@vulda17) of Viettel Cyber Security (@vcslab) exploited Cursor, earning $30,000 and 3 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin
1
12
120
7,376
2025 has seen many great web security findings.
Honored that @_l0gg's SharePoint ToolShell pre-auth RCE (CVE-2025-53770) is nominated for @PortSwigger Top 10 Web Hacking Techniques 2025.
If you're in the community, your vote would mean a lot: portswigger.net/polls/top-10…
Thanks!
1
15
1,074
VCSLab retweeted
23 Oct 2025
We have another collision. Team Viettel used two bugs to exploit the Lexmark CX532adwe. While their heap based buffer over was unique, the other bug has been seen earlier in the contest. They still earn $7,500 and 1.5 Master of Pwn points. #Pwn2Own
2
15
5,829
VCSLab retweeted
23 Oct 2025
Confirmed! namnp of Viettel Cyber Security used a crypto bypass and a heap overflow to exploit the Phillips Hue Bridge. They earn $20,000 and 4 Master of Pwn points, which catapults them in the Top 5. It also puts us over $1,000,000 for the contest! #Pwn2Own
2
33
8,000
VCSLab retweeted
22 Oct 2025
Another confirmation! Dinh Ho Anh Khoa (@_l0gg) and Phan Vinh Khang (@pivik_) of Viettel Cyber Security used a unique command injection and two bugs that collided with previous bugs to exploit the Home Automation Green. They earn $12,500 and 2.75 Master of Pwn points. #Pwn2Own
6
68
12,128
VCSLab retweeted
22 Oct 2025
🏠Boom! @ViettelCyberSec kicks off Day 2 of #Pwn2Own Ireland as they slip past the @home_assistant Green’s defenses! Smart home, smarter hack. They head off for the first disclosure of the day. #P2OIreland
3
17
3,701
VCSLab retweeted
24 Jul 2025
Our researcher Khoa Dinh just published his findings for ToolShell
Check it here
Blog for ToolShell
Disclaimer: The content of this blog is provided for educational and informational purposes only.
blog.viettelcybersecurity.co…
#SharePoint #ToolShell
1
6
1,003
VCSLab retweeted
24 Jul 2025
🚨 VCS warns of active attacks on a critical SharePoint vuln we first discovered & reported.
Hackers can bypass auth & take over on-prem servers.
📌 Read our guidance: prevention, detection, hunting & more.
viettelsecurity.com/microsof…
4
15
2,121
🌟 Huge shoutout to our brilliant researcher @_l0gg for discovering the critical SharePoint vulnerability at Pwn2Own Berlin!
🔍 His in-depth analysis of the widely exploited ToolShell flaw is a must-read for the cybersecurity community.
Blog for ToolShell
Disclaimer: The content of this blog is provided for educational and informational purposes only.
blog.viettelcybersecurity.co…
#SharePoint #ToolShell
4
733
🚨 Shocking impact from the SharePoint vulnerability we found at Pwn2Own! 😱
Despite our efforts to patch it 🤝, many systems are still at risk ⚠️. Secure yours now! 🔒 Details: blog.viettelcybersecurity.co…
1
9
37
5,384
Viettel Cyber Security Press Release for Customer alert, Latest research and Recommendations.
Blog is comming
viettelsecurity.com/microsof…
#SharePoint #ToolShell
4
26
3,149
VCSLab retweeted
16 May 2025
That brings Day Two of #Pwn2Own Berlin. So far, we have awarded $695,000 for 20 unique 0-days. STAR Labs has a commanding lead in Master of Pwn points and seem untouchable. Tune in tomorrow for the final day to see how it ends!
8
59
5,920
Blockbuster from @_l0gg Congratulation 🥳🥳🥳
16 May 2025
Confirmed!! Dinh Ho Anh Khoa (@_l0gg) of Viettel Cyber Security combined an auth bypass and an insecure deserialization bug to exploit #Microsoft SharePoint. He earns $100,000 and 10 Master of Pwn points. #Pwn2Own #P2OBerlin
9
781