the grugq's newsletter

July 3, 2024


We’re honoured to welcome the new team to the Gecko family 🦎 https://t.co/VJPAyEhQVD

— Binary Gecko (@Binary_Gecko) July 2, 2024


Today @RecordedFuture released a research paper on using malware infostealer logs to identify CSAM consumers.

RecordedFuture identified over 3,000 individuals purchasing CSAM. All users were reported to their respective law enforcement agency. https://t.co/0uz5jPAJfS

— vx-underground (@vxunderground) July 2, 2024

Regarding the SSH bug 1) First OpenSSH vuln discovered in almost 20 years - wow 2) Bug was (re)introduced almost 4 years ago. So remote root in OpenSSH for 4 years and nobody found it? 3) Exploit takes hours/days to run. Watch your logs!

— Charlie Miller (@0xcharlie) July 1, 2024


Whilst I have your attention: we got Mark Dowd on SCW about exploit markets(!). I had a whole list of HN grudges to settle teed up, but was 7 minutes late to the recording trying to level up an ER character for the DLC and was too flustered to pull it off. https://t.co/xMItU4V3X9

— Thomas H. Ptacek (@tqbf) June 27, 2024


Security researcher @raghav127001 believes he may have identified a host actively exploiting CVE-2024-6387. However, they're not sure (and neither are we).

We've archived the binaries before the identified host nukes them.

Possible CVE-2024-6387: https://t.co/jBGYCACUr8

— vx-underground (@vxunderground) July 3, 2024


This is just so fascinating.

cc: @thegrugq https://t.co/rD8x9j4vg2

— Ravi Nayyar (@ravirockks) July 3, 2024


https://x.com/ryanruby/status/1808235119427440902


use-after-free vulnerability due to the interaction between Unix garbage collection (GC) and the io_uring Linux kernel component https://t.co/HZ9FQrpitt

Credits Shoily Rahman (@Oracle) #Linux #cybsersecurity pic.twitter.com/hzqj9deEwa

— 0xor0ne (@0xor0ne) July 3, 2024


I guess some of those vulnerabilities were probably fixed in the Samsung July update.

Out of bound write in the heap in 2G (no auth) https://t.co/289D398jRg

Out of bound of a heap buffer in SIM Proactive Command https://t.co/gm81IpT2yz

Out of bound write in the heap in 2G (no… https://t.co/3FBkH5Bttj

— Anderson Nascimento (@andersonc0d3) July 3, 2024


I'm very excited to finally share the first part of the research I did into Ghostscript. This post details the exploitation of CVE-2024-29510, a classic format string bug, which we abuse to bypass the SAFER sandbox and gain RCE. https://t.co/gym3XltBpe

— Thomas Rinsma (@thomasrinsma) July 2, 2024

Just released the write-up for CVE-2024-4367, a bug I found recently in PDF.js (and hence in Firefox), resulting in arbitrary JavaScript execution when opening a malicious PDF. https://t.co/sex6fR0xHS

— Thomas Rinsma (@thomasrinsma) May 20, 2024


#GitHub actions #exploitation series by @Synacktiv https://t.co/SO5Os4sGCP https://t.co/vvvjTzJ62r

— raptor@infosec.exchange (@0xdea) July 3, 2024


Virtual Escape; Real Reward: Introducing Google’s kvmCTF https://t.co/2ERM5V3AKV

— Anderson Nascimento (@andersonc0d3) July 2, 2024

