October 15, 2024
October 15, 2024 Very detailed analysis of attack chain (0day path traversal & command injection, same as it ever was) => Burning Zero Days: Suspected...
October 14, 2024
October 14, 2024 I have been laughing at this entirely too long... pic.twitter.com/Xmv8Y2G28x— Mark C. (@LargeCardinal) October 12, 2024 Zendesk finally...
October 13, 2024
October 13, 2024 The dystopia we predicted: Hacked Robot Vacuums Across the U.S. Started Yelling Slurs https://t.co/lV7JQ5R4Wi— Whitney Merrill (@wbm312)...
October 12, 2024
October 12, 2024 making one of those "uuid generator" websites where i give out uuids scraped out of github projects to drive down entropy in the universe—...
October 11, 2024
October 11, 2024 We finally get some description of how "adminless" on Windows 11 (now in canary insider versions, so you won't be seeing this in deployment...
October 10, 2024
October 10, 2024 "Influence and Cyber Operations: An Update," the new OpenAI threat intelligence report, out a few hours ago. The document is interesting for...
October 9, 2024
October 9, 2024 Virtualizing iOS on Apple Silicon Virtualizing iOS on Apple Silicon | Nick BotticelliNick Botticelli's personal website Law #1: Nobody...
October 8, 2024
October 8, 2024 ✍️ Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation https://t.co/zKhWw7DOY2 pic.twitter.com/haUYUD9HHw— Alex...
October 7, 2024
October 7, 2024 Collection of write-ups, blog posts and papers related to cybersecurity, reverse engineering and exploitationhttps://t.co/g2cERXRyeY#infosec...
October 6, 2024
October 6, 2024 CATASTROPHIC: Chinese hackers massively wiretapped 🇺🇸USA by compromising the interception portals mandated under US law. Remember this the...
October 5, 2024
October 5, 2024 “I still don’t have a clear idea of when I will retire or return to my country. For now, I will continue supporting the beautiful cause of...
October 4, 2024
October 4, 2024 A tour de force of modern exploit dev. Would love to know how they found the bug in the first place? Just code auditing ?...
October 3, 2024
October 3, 2024 HTTP Parameter Pollution in 2024! https://t.co/oJWTvI9b9j— /r/netsec (@_r_netsec) October 2, 2024 For over a year my free time has been spent...
October 2, 2924
October 2, 2924 ICYDK @neoeno makes nice materials (blogs, posters, videos) about file formats, analysis, crafting...Ex: https://t.co/AgdWoxYc98...
October 1, 2024
October 1, 2024 I asked my LLM agent (a wrapper around Claude that lets it run bash commands and see their outputs):>can you ssh with the username buck to...
September 30, 2024
September 30, 2024 strcpy bug in Tony Hawk's Pro to achieve RCEhttps://t.co/XY4wWgyOK5Credits @Grimdoomer#cybersecurity pic.twitter.com/T2fusrhPhD— 0xor0ne...
September 29, 2024
September 29, 2024 DHS IG finds serious problems w/ the govt's cyber threat information sharing portal.# of entities sharing CTI "declined to its lowest...
September 27-28, 2024
September 27-28, 2024 Attacking UNIX Systems via CUPS, Part IHello friends, this is the first of two, possibly three (if and when I have time to finish the...
September 26, 2024
September 26, 2024 A watering hole campaign against 25 Kurdish websites, which we named #SilentSelfie 📸: > 4⃣distinct variants identified;>📱Ranging from...
September 25, 2024
September 25, 2024 If you ever asked yourself why the 0day market is doing so well.This is why 👇🏻 https://t.co/mBMXWKcUnR— x0rz (@x0rz) September 24, 2024...
