50 Shades of Purple: Mastering the Art & Science of Purple Team Evolution
by: Pengfei "BigZaddy" Yu
Remember when we thought putting red & blue teams in the same room was revolutionary? Yeah...about that.
After spending quite some time in the trenches implementing purple teams across various sectors, I've collected enough failures and unexpected wins to piece together what actually works. Trust me - it wasn't pretty at first, but those hard lessons led to something valuable.
My talk "50 Shades of Purple" gets right to the heart of the matter. I'll break down why most "purple team" exercises fail to deliver real value (hint: it's not the tools), then walk through the 4-phase methodology I developed through painful trial & error - and more importantly, how we transformed that initial framework into a continuous, integrated process that actually keeps pace with today's threats.
We'll explore:
- How we evolved from one-off exercises to a continuous validation ecosystem
- The emergence of "Continuous Purple Teaming" as a game-changer
- The good/bad/ugly of manual vs automated testing (& when each makes sense)
- Measuring stuff that executives actually care about
- The path toward Adversarial Exposure Validation (AEV) - Gartner's term for the next evolution in security validation that's transforming how we approach defense
Whether you're struggling with your first purple team exercise or trying to convince leadership why your existing program needs more investment, this talk delivers concrete next steps. No silver bullets or vendor pitches - just honest lessons from someone who's screwed this up enough times to finally get it right.
(P.S. Yes, I know the title is a terrible pun. No, I'm not sorry.)
AI As Your 6th Man: Your Red Team Operator Off-the-Bench
by: ar33zy
Incorporating AI in Cybersecurity has been most prominent in blue team practices, enhancing defensive workflows through automation, from anomaly detection and log analysis to report generation. With vast amounts of data handled and daily repetitive tasks, these cases align well with the concept of AI assistance. However, this AI-driven mindset is also becoming relevant to red teaming, focusing on enhancing speed and adaptability during red teaming engagements.
In this presentation, we will explore how AI can effectively support red team workflows by automating the preparation stage of the pipeline, focused on developing certain outcomes, such as infrastructure setup, scripting, and social engineering prompts. We present real-world use cases demonstrating AI's value in executing these tasks, while addressing the challenges and limitations in accuracy where the operator's expertise is still essential.
Furthermore, we will also deal with the things to consider when making AI your red team companion, with an emphasis on prompt handling and ethical considerations. Based on direct experience of integrating AI into red teaming engagements, our insights will provide a balanced view of AI's role, not as a replacement for human operators, but as a supporting 6th man that enhances efficiency and adaptability within red team operations.
AI-Augmented Threat Detection in the Cloud: Lessons from Building Prowler
by: Sergio "@MrCloudSec" García
With the rapid growth of multi-cloud environments, traditional detection methods fall short against modern threat landscapes. As both attackers and defenders adopt AI, how do we stay ahead without falling for hype?
In this talk, I’ll share real-world strategies to augment cloud threat detection using both open source tools and AI. As a founding engineer of Prowler, one of the most widely used open-source cloud security tools, I’ll walk through how we’ve started integrating AI to:
- Prioritize risks based on context and exploitability
- Detect anomalies across AWS, Azure, and GCP
- Automate triage and remediation suggestions
- Reduce noise in security findings and enhance analyst workflows
This session is highly practical, and grounded in real-world deployments, open-source tools, and the challenges we’ve faced scaling security in cloud-native environments. If you're curious how AI is really reshaping cloud defense, this is your talk.
AI-Orchestrated Penetration: Adapting Attacks in Real Time
by: YI TING SHEN
Explore the cutting edge of offensive security with an AI-orchestrated Hacking framework that adapts attacks in real time.
This session showcases a system where AI selects and coordinates tools to target vulnerabilities dynamically, responding to live feedback from target systems. Join us for a live demo to see the AI’s decision-making process in action, and learn how this evolution in attack strategies shapes the future of cybersecurity defense.
AstroTrap: A Deceptive Satellite Gateway Simulation
by: Vismit Rakhecha (Druk)
As satellites increasingly underpin critical infrastructure, from navigation to communication, they’ve also become attractive targets for cyber threats. This talk introduces AstroTrap, an innovative open-source framework that bridges this gap by simulating a vulnerable satellite gateway within a self-healing honeypot environment. AstroTrap emulates satellite control endpoints, uplinks, and telemetry APIs to lure attackers, while autonomously detecting, trapping, and recovering from intrusions in real time.
This presentation will walk through a live demonstration of simulated cyberattacks, showcasing how the framework logs attacker behavior and mitigates service disruption. Attendees will gain actionable insights into deploying low-cost, adaptable satellite security labs, democratizing access to critical infrastructure protection.
CLR DLL Side-Loading, a secret technique used by APT41
by: Georgy Kucherin
APT41 is a sophisticated Chinese-speaking threat actor that has been targeting high-profile organizations around the world for more than a decade. Campaigns of this APT have always been regarded as astonishing, as they commonly involve use of complex implants and unique infection techniques.
While researching activities of APT41, we identified a peculiar series of attacks conducted by this actor. It turned out that these attacks had one unique detail in common, as they involved use of a highly interesting defense evasion technique. It has not been previously observed in the wild, and we dubbed it CLR DLL Side-Loading.
As the name of this technique suggests, it allows side-loading malicious DLLs into legitimate processes managed by the CLR environment that is used for running code in languages such as C#, PowerShell or Visual Basic. As we found out, CLR DLL Side-Loading is different from the traditional and well-known DLL Side-Loading technique in that it has fewer limitations. Unlike the traditional technique, CLR DLL Side-Loading can be leveraged to abuse trusted system libraries, such as ntdll.dll. Furthermore, with this technique, the malicious DLL does not need to be stored in the same folder as the legitimate executable – thus making it more difficult for security solutions to detect side-loading.
In our talk, we firstly provide information on the discovered attacks: we discuss how the observed targets have been infected, describe the detected malicious implants, as well as explain their attribution to APT41. Then we dive into the internals of CLR DLL Side-Loading and detail how it is able to break the above-mentioned limitations of the traditional DLL Side-Loading technique. Afterwards, we demonstrate the wider implications of the discovered technique: as we have found out, it can be used not just to load DLLs into processes, but also to establish persistence in interesting, undocumented ways, and even interfere with operations of security solutions. Finally, we conclude the discussion of this technique by stating how developers can prevent their software from being abused with it.
Hijacking AI Agents: Attacks, Abuses, and How to Fight Back
by: Rakesh Seal
As Large Language Models (LLMs) evolve into autonomous agents with memory, tool-use, and goal-driven planning, a new class of AI application has emerged: Agentic AI. These agents go beyond static prompting. They reason, act, and adapt dynamically, often with access to real-world APIs, internal documents, external knowledge bases etc. Increasingly, organizations are integrating such agentic AI systems into their public-facing websites and SaaS platforms - often as support bots, task assistants, or productivity agents designed to operate within tightly scoped, goal-oriented contexts. But what happens when this autonomy becomes a security liability?
In this talk, we will present a security-focused exploration of Agentic AI systems as deployed in the wild. One of our novel contributions is the concept of Knowledge Base Hijacking. Unlike traditional prompt injection that influences outputs directly, this technique plants session-based persistent influence that bypasses the agent's initial guardrails. With the right manipulations, the agents can be coerced into answering questions far beyond their intended scope.
In addition, we uncover how malicious actors can abuse public-facing Agentic AI systems to get answers to queries without paying for their own LLM resources. By manipulating the agent’s objectives or task instructions, attackers can offload expensive inference or querying to someone else's AI infrastructure, effectively freeloading compute. This includes techniques such as goal hijacking, clever context switching, and output redirection.
In this talk we also briefly touch upon broader threats, including:
- Prompt Injection and chaining to exploit underlying model behaviour
- Sensitive Information Leakage, where agents reveal sensitive task logic, memory traces, or instructions
- Resource Draining, where recursive planning or misused tool invocations cause excessive API calls or compute usage
- Denial-of-Service (DoS) vectors, where agents can be driven into loops or expensive tasks repeatedly
Our research spans multiple open-source and even enterprise-grade agents - such as OpenAI, Grok, Gemini. We demonstrate that even companies with good intentions and modern LLMs are vulnerable — because security thinking hasn't caught up with the orchestration layer. We found a lot of small startups and SaaS platforms exposing agentic behaviour via public websites without sufficient guardrails.
This field remains largely uncharted. While the AI research community is focused on model alignment, robustness, and safety, the rise of Agentic AI introduces new risks at the application level that aren't being adequately addressed. As the pressure to integrate LLMs into production rises, so does the risk surface.
The talk will include:
- The architecture of Agentic AI systems and attack vectors.
- Our discovery and classification of Knowledge Base Hijacking.
- Real-world case studies of AI agents we successfully manipulated or abused.
- Demonstrations showing attacks on public agentic interfaces (masked names).
- Defensive strategies to secure Agentic AI - including context validation, sandboxed execution, throttling logic, memory hygiene, and logic-aware guardrails.
This talk is for red teamers, security engineers, AI developers, and decision-makers integrating LLMs into production systems.
We’ll make the case that Agentic AI is not secure by default — and unless defences evolve fast, these systems will become the next critical blind spot in enterprise security.
Lights Out and Stalled Factories: Real-World Modbus Exploitation in Industrial Control Systems Using MATRIX
by: Karl Biron
Industrial Control Systems (ICS) remain a high-value target for attackers due to legacy protocols like Modbus, which lack fundamental security features. This paper presents MATRIX (Modbus Attack Tool for Remote Industrial eXploitation), a custom-built offensive security tool designed to simulate and demonstrate real-world Modbus-based cyberattacks in critical infrastructure environments.
MATRIX enables in-depth adversarial testing with capabilities including unauthorized read operations, coil and register manipulation, passive sniffing, replay attacks, denial-of-service, and malicious slave response injection. Each module is crafted to illustrate the operational impact of successful exploitation, bridging the gap between theoretical vulnerabilities and their practical consequences.
Complementing the attack simulations is an OSINT-driven reconnaissance effort that includes Shodan-based global heatmaps of Modbus server exposure, detection of a real Modbus system, and identification of ICS honeypots in the wild. These findings align with insights from my prior IEEE peer-reviewed publication, which ranked Modbus among the most frequently targeted ICS protocols based on honeypot and darknet data analysis.
The presentation will offer live demonstrations of attacks against simulated industrial setups, highlighting how simple protocol-level exploits can cause device manipulation or downtime in operational environments. By combining academic rigor with practical execution, this work aims to raise awareness of Modbus protocol weaknesses and provide defenders with a deeper understanding of the risks and countermeasures associated with insecure ICS deployments.
Lying Lazarus? Or Are We Just Lying to Ourselves? - Understanding DPRK’s Cyber Capabilities
by: Aaron Aubrey Ng
The Democratic People’s Republic of Korea (DPRK) represents one of the most enduring and challenging threats in cyberspace to nation states and private sector companies today. Over the past two decades, DPRK’s cyber capabilities have made consistent progress at a rapid pace and continuously evolve with sophistication. Since the pivotal moment in 2013, when Kim Jong-Un declared “cyberwarfare, along with nuclear weapons and missiles, as an All-Purpose Sword (마능의 보검) that guarantees our military’s capability to strike relentlessly”, DPRK has employed offensive cyber operations for an expansive spectrum of objectives. From engaging in DDoS attacks to destructive wiper attacks, political and economic espionage campaigns, to an ever evolving repertoire of financially motivated revenue generation operations, cyber is a key lever of state power wielded to achieve the Kim regime’s strategic priorities.
Since the end of WWII, DPRK remains a totalitarian, closed country, and is considered the most reclusive government in the world. In intelligence parlance, this is a denied area, often requiring significant clandestine government-grade collection capabilities to achieve a very limited understanding of the inner workings of the DPRK state. This status quo holds true with regard to understanding DPRK’s cyber capabilities. For this primary reason, many of the prolific DPRK cyber operations including Dark Seoul, Ten Days of Rain, the Sony Pictures Entertainment Hack, the Bangladesh Bank Heist, and WannaCry have been attributed to the “Lazarus Group”. Over time, Lazarus became the mainstream term to refer to the hacking arm of the DPRK government. Due to the dearth in collection coverage, many security researchers stuck with the Lazarus label when attributing DPRK’s intrusions and campaigns, resulting in ambiguity and confusion when others attempt to understand DPRK’s cyber capabilities. Understanding the different institutions within this secretive hermit nation and how they continue to evolve and share resources is paramount in enabling organisations to proactively defend against the DPRK threat.
In that spirit, this presentation will unveil the organisations and structures responsible for DPRK’s cyber operations, offering participants accurate insights into the respective DPRK cyber units. The presentation also examines the evolutionary arc of the DPRK’s offensive cyber program, revealing how the DPRK is dynamically leveraging their cyber capabilities to adapt to their changing geopolitical and economic circumstances. Importantly, the presentation will offer participants a current understanding of recent DPRK operations and their respective tactics, techniques, and procedures (TTPs) so as to win the fight against the Adversary.
Oops, I Hacked It Again: Tales and disclosures
by: Ignacio Navarro
Breaking into supermarket systems, ticketing platforms, and more. I’ll share some of my latest hacking stories, showing how I found the vulnerabilities, reported them, and collaborated with the companies. We’ll dive into tools, the challenges of disclosure, the importance of being “ethical”, lessons learned and how these experiences help improve security and build trust between hackers and organizations.
Description
The talk is divided into 6 chapters. In the first one, I’ll relate what an Ethical Hacker is and what he does, and I’ll also prepare the audience for the upcoming hacking tales.
Chapter 2: Hacking tales. In this chapter I’ll talk about different ethical hacker stories that happened to me recently. Each story will have the technical part about how I exploit it and what I can do in the system, the way that I communicate it to the company and their responses.
The first story is about a large supermarket chain. After escalating in some web servers and getting root access, I had read/write access to the customer and employee database and was even able to modify product prices among other things.
The second one is about a ticket sales and distribution company. The results were similar, getting all the tickets, customers and employees, being able to generate some free tickets and getting admin access. But the way to get access was different, and the response from the company was the best, ending in a request for pentesting and a security talk to the entire company.
A transportation company: after some IDORs and business logic vulnerabilities, we were able to get all tickets and user data and generate free tickets.
The last tale, an e-commerce platform that allows businesses to create and manage their online stores: A bunch of exposed files, some .js files with the body of APIs. After reading some code, we were able to log in as any user in any business (insurance, airlines, banks), including some CEO accounts.
Chapter 3: In this chapter I’ll dive into the different tools (90% open source) that I use on a daily basis, methodologies and the most common mistakes that we can find.
Chapter 4: Different types of disclosure. I’ll explain why this is important, from the point of view of hackers, companies and the community. Below I’ll show the way I always present my reports, following the examples used by my friends and others.
Also, in this chapter I'll show the normal responses from the companies and the way to handle it, cause in some cases it can be frustrating and even threatening.
To close the chapter I’ll talk a bit about BBP and VDP.
Chapter 5 will discuss the impact we can get from good feedback from companies, seeing how more companies have improved their security posture and relationship with hackers. Also, perhaps the most important part, personal growth, recognition and learning new methods/attacks in a real world scenario.
Chapter 6: Ending and conclusions. Part of the takeaways are to encourage new generations to do ethical hacking and help generate a good relationship between hackers and companies. The idea of promoting the "ethical" part arises because unfortunately every day we see more cybercriminals selling user data and other confidential information of third parties. We have a responsibility to educate, identify and work on security vulnerabilities.
Outline
- Introduction
  - Whoami
  - Disclaimer
  - What's an “ethical hacker”?
- Hacking tales
  - Large supermarket chain
  - Tickets sales and distribution company
  - Transport company
  - E-commerce platform
- Essentials
  - Tools
  - Methodology
  - Common mistakes
- Disclosures
  - Types
  - Why is it important?
  - My way to report
  - Other ways to report
  - Handling responses from companies
  - BBP/VDP
- Impact of ethical hacking
  - Feedback from companies who I hacked
  - Encouraging others to get involved in ethical hacking
- Conclusions
  - Takeaways
- Q/A
Practical Hacking to RFID
by: Dennis Goh
Malaysia's Touch 'n Go RFID system powers millions of toll transactions daily – but what if an attacker could silently inflate a card's balance to any value? This talk exposes critical vulnerabilities in a key national payment infrastructure, demonstrating a full practical exploit chain against the Touch 'n Go card using accessible RFID research tools.
We dive deep into the hands-on reverse engineering process: capturing card communication, analyzing proprietary protocols, and uncovering the cryptographic (or algorithmic) flaws enabling arbitrary balance manipulation. See a live demo where we weaponize this research to top up a card with any desired value – no physical theft or complex hardware required.
Beyond the spectacle, this session delivers critical insights for:
- Red Teams & Pentesters: Methodology for attacking proprietary RFID systems – signal analysis, protocol fuzzing, and algorithmic reverse engineering.
- Security Researchers: Understanding systemic flaws in closed payment ecosystems and credential design.
- Defenders & Architects: Concrete mitigation strategies – from cryptographic best practices to transaction anomaly detection – to harden similar systems.
This isn't just theory; it's a wake-up call for the physical-digital attack surface. Learn how everyday RFID technology can become a critical threat vector, and how to defend against real-world attacks targeting payment and access systems.
Project Brainfog: Beyond the Facade - Exposing Smart Giants
by: LiquidWorm
Since April 2024, I have identified over 800 zero-day vulnerabilities in these Building Management Systems (BMS) and Building Automation Systems (BAS). The scale of impact is staggering, affecting high-profile infrastructures such as skyscrapers, stadiums, hospitals, airports, museums, industrial control systems, educational institutions, and other critical facilities worldwide.
The way ABB, the vendor, has managed these vulnerabilities reveals a significant need for improvement in creating a more secure ecosystem. Silent patching practices emerged throughout 2024 with the release of version 3.08.01 of the Aspect system, leaving numerous flaws unaddressed. Among the issues discovered are backdoors, unauthenticated remote root exploits, and a lack of transparency in vulnerability disclosure. The vendor’s failure to release timely advisories, misassignment and incorrect scoring of CVEs, and overall neglect of cybersecurity best practices have amplified the risks.
Ransomware 2.0: Declining Giants, Emerging Threats, and Evolving Ecosystems
by: Hyuna Lee
The ransomware threat continues to evolve, prompting an urgent need to reassess our defensive paradigms and adopt more resilient measures. As law enforcement intensifies its scrutiny of major ransomware syndicates, a new cadre of agile adversaries is emerging. Exploiting readily available resources—leaked code, builder kits, and open-source tools—they minimize operational costs while maximizing disruption, often vanishing swiftly after short campaigns or deftly recalibrating their tactics to evade detection.
This session will examine the shifting ransomware landscape, spotlighting the decline of once-dominant collectives and the meteoric rise of elusive newcomers. We will detail their sophisticated toolsets and methodologies, mapping them to the MITRE ATT&CK framework to illuminate the entire attack chain—from initial penetration to data exfiltration and encryption.
By exploring these shifting dynamics, this session will help attendees better understand the ransomware ecosystem’s ongoing transformation and its implications for defenders and security practitioners alike.
Security Cracks at the Summit: Rethinking OTA Updates
by: EungyoSeo with Heaeun Moon & Hyunseok Yun
As connected cars continue to evolve, their attack surfaces are expanding rapidly. One of the most critical vectors is the In-Vehicle Infotainment (IVI) system, which connects the vehicle to external networks. While such connectivity enhances user experience, it also introduces serious security risks. But how well do we truly understand these systems—and are we evaluating them from an attacker's perspective?
In this presentation, we examine a real-world IVI system developed by Alpine. Focusing on key services that form the attack surface, we take a deep dive into how these components operate and where they break. In particular, we analyze the Over-the-Air (OTA) update mechanism and uncover vulnerabilities within its process. Through this case study, we aim to highlight often-overlooked risks in automotive software and provide insights into how IVI systems can be effectively targeted and better secured.
The return of Lotus Blossom: Hiding in plain sights
by: Doan Minh Long
Part 1: Detailed analysis of malware used in targeted attacks
The Endpoint detection and response (EDR) system is a cybersecurity technology that monitors and mitigates malicious cyber threats on end users. But advanced persistent threats (APTs) are now taking advantage of the perception that EDR components are trusted software to inject their malware into the system. Viettel Threat Intelligence (VTI) will analyze the attack of the APT group Lotus Blossom in detail to determine the entry point, the mechanism of privilege escalation and how the attacker took over the security center server.
This malware is highly sophisticated in using advanced techniques: DLL side-loading, process injection, rootkit, binary obfuscation, domain fronting...
Part 2: Expanding the investigation with similar malware samples and identifying the group of attackers who intentionally carried it out
With the special characteristics that VTI collected after the detailed analysis of the malware such as the way of using the obfuscation algorithm, obfuscating the execution flow, shellcode, domain fronting... VTI compared and evaluated those unique characteristics with the targeted attack campaigns that have occurred to make an assessment of the person behind this targeted attack campaign. In addition, VTI also expanded the search for similar malware and compiled a list of attacks that use common defense system components to conceal malicious behavior.
Part 3: Methods of detecting and preventing similar malware
After the analysis and investigation, VTI has identified some typical behavioral characteristics for malware attacks with the above-mentioned behavior. The presentation will present ways to detect DLL side-loading and process injection techniques with persistent malware registered on the system, in the directory of common software and with running processes to help scan for malware more accurately. In addition, VTI also presents some recommendations to prevent and detect early malware that intentionally targets different organizations.
Smart Threats, Smarter Defenses: Leveraging Machine Learning to Shrink and Sharpen Cyber Threat Intelligence on IP Addresses
by: Wilson Chua
In a world drowning in data, bigger isn't always better—especially when it comes to Cyber Threat Intelligence (CTI). As security teams struggle to keep up with bloated threat feeds and ever-growing lists of malicious IPs, a smarter approach is emerging: using Machine Learning to not only accelerate detection but to trim the fat without losing the threat.
This talk dives into the cutting-edge fusion of CTI and ML, revealing how AI-driven models can intelligently reduce massive IP datasets while preserving—and even enhancing—their ability to detect real threats. We'll explore practical strategies, success stories, and pitfalls to avoid when implementing these techniques in live environments. Expect a fast-paced, thought-provoking session with real-world takeaways for anyone serious about improving detection speed, lowering resource demands, and staying ahead of the threat curve.
If you're a cybersecurity leader, threat analyst, or technologist looking to level up your defenses with smart, lean data—this is the session you can’t afford to miss.
The Silent Data Breach: Unintended Exposure of Sensitive Information in Microsoft Enterprise Enrollment, Entra, and Intune
by: OfflineIsNewLuxury & Parameswaran Ganesan
This talk reveals a silent but critical misconfiguration in Microsoft Enterprise Enrollment that allows any authenticated user to export sensitive enterprise user data, including emails, job roles, and contact info, without elevated permissions. We'll uncover how this overlooked flaw can lead to data breaches and share best practices for securely configuring Azure to prevent similar risks.
This is based on a real-world external penetration testing engagement. During the assessment, my team discovered a service account exposed through an insecure website. We were able to leverage this account and abuse a misconfiguration in Microsoft Enterprise Enrollment, Entra, and Intune. This misconfiguration led to the unintended exposure of sensitive enterprise user data, including thousands of employee email addresses, job roles, and contact information. I'm looking forward to sharing the technical details, impact, and lessons learned from this discovery.
Vulnerabilities in the Smart Core of Green Infrastructure Part-1
by: Arun Mane & Omkar Mali
The global adoption of renewable energy, particularly solar power, is rapidly increasing. However, this accelerated digitization has also opened up new attack surfaces—especially in developing nations where cost-effective, Chinese-manufactured inverters and communication devices dominate the market. Our research focuses on a real-world investigation into the cybersecurity posture of solar plants that rely on Chinese inverters and RS485-to-Ethernet couplers. These devices, while enabling efficient communication and monitoring, introduce serious national security and privacy concerns.
In this paper, we present our findings from a live production solar plant where these devices were installed. We uncovered critical vulnerabilities across communication channels such as Bluetooth, Wi-Fi, and USB, all used by the inverter to interact with gateway couplers and mobile applications. During reverse engineering and traffic inspection of the associated mobile apps and firmware, we discovered that sensitive plant operational data—including voltage readings, device health, and control commands—were being exfiltrated to remote servers located in China.
The inverters we examined were capable of being remotely switched on or off via the mobile application. The implications of this are severe: an attacker who exploits these interfaces or hijacks app traffic could effectively disrupt plant operation or induce cascading failures in grid stability. Our discovery also includes poorly secured or hardcoded credentials within the firmware, unsecured Bluetooth pairing modes, and lack of proper authentication mechanisms in the couplers converting RS485 (Modbus) to Ethernet.
This paper is the first part of an ongoing investigation. In future releases, we will focus on firmware implants, radio communication tampering, and active exploitation techniques. This initial part lays the groundwork by exposing systemic risks, insecure data flows, and geopolitical implications.
Key Findings
1. We reverse-engineered the mobile app associated with the inverter and found hardcoded IP addresses linked to Chinese cloud servers. All monitoring and control data—including ON/OFF commands—were being silently transmitted to these endpoints without user consent.
2. The inverter’s Bluetooth interface was found to be in continuous discoverable mode with no pairing key enforcement. An attacker within range could connect and manipulate the device without authentication.
3. The mobile application stored Wi-Fi credentials in plaintext and transmitted them during device setup. This flaw allows adversaries to sniff Wi-Fi credentials during setup or app interaction phases.
4. A USB port on the inverter was found to expose debug access without proper access controls. We were able to mount the file system and extract configuration data, including private keys and logs.
5. The RS485-Ethernet converters (acting as gateways) had no authentication for Modbus communication and were susceptible to traffic injection. A rogue device on the network could easily spoof inverter commands.
6. The inverter processed received commands without verifying the data integrity or sender authenticity. This makes command spoofing trivially easy for attackers.
7. All mobile app communications to the inverter and Chinese servers were over HTTP and unencrypted Bluetooth. This opens a door for MITM (Man-in-the-Middle) attacks in public or compromised networks.
8. The inverter relied on cloud-based decision-making for major actions like remote shutdown or firmware update checks. In case of a hostile takeover or DNS poisoning, the attacker could push false updates or shut down the plant.