the grugq's newsletter

March 24, 2024

EU bans anonymous crypto payments to hosted wallets

In a recent regulatory development, the European Union (EU) has voted to ban cryptocurrency payments to "hosted wallets" using unidentified self-custody crypto wallets.

Not sure how credible this is.


Great thread write-up here.

Firefox 124.0.1 fixes two critical JavaScript engine vulnerabilities https://t.co/IqRIHmcDiz
CVE-2024-29943: Out-of-bounds access via Range Analysis bypass
CVE-2024-29944: Privileged JavaScript Execution via Event Handlers https://t.co/954L3XB8O1

— Open Source Security mailing list (@oss_security) March 23, 2024

@_manfp’s Firefox renderer bug is a beauty that takes advantage of an optimisation implemented just 3 months ago. Let’s break it down!

— maxpl0it (@maxpl0it) March 22, 2024

Thread by @maxpl0it on Thread Reader App


Beginners series for starting with embedded devices reverse engineering
Credits @voidstarsec

Ghidra setup: https://t.co/Nwwtah9Aco
Tools: https://t.co/CVbjCFB57Y
Firmware extraction: https://t.co/Dnz3Xr7WJa #reverseengineering #cybersecurity pic.twitter.com/xITzEPffAM

— 0xor0ne (@0xor0ne) March 23, 2024


I can't believe so many people are sleeping on this research: https://t.co/TZcJ8p52vP

Code White again smashes it out of the park with their meticulous knowledge of software stacks. I have so much respect for them publishing this.

Nice work, @mwulftange!

— shubs (@infosec_au) March 23, 2024


*Evolution of click farm fraud.*

1st generation click farm fraud, fully manual labour. pic.twitter.com/lPZdF7tZL9

— Douglas Mun (@douglasmun) March 23, 2024

2nd generation click farm fraud, multiple mobile devices with centralised operations pic.twitter.com/hBuS0d0ceA

— Douglas Mun (@douglasmun) March 23, 2024

3rd generation click farm fraud involves mobile device servers, centralised and operated by one. pic.twitter.com/E7QaQykHuK

— Douglas Mun (@douglasmun) March 23, 2024

How they build the 3rd gen, 20 mobiles into a server chassis? (video) pic.twitter.com/oMBOO6XfnB

— Douglas Mun (@douglasmun) March 23, 2024


#SpyNews - week 12 (March 17-23):
A summary of 92 espionage-related stories from week 12 coming from 🇷🇺🇹🇹🇨🇦🇨🇳🇭🇰🇮🇪🇬🇧🇱🇹🇺🇸🇺🇦🇫🇷🇮🇱🇵🇱🇫🇮🇩🇪🇯🇵🇰🇷🇩🇯🇶🇦🇪🇬🇧🇾🇹🇼🇪🇸🇹🇷🇮🇳🇰🇵🇸🇰🇭🇺🇳🇿🇨🇿🇦🇺🇧🇪🇸🇾🇻🇳🇮🇶🇮🇹🇮🇷🇦🇲🇦🇿🇦🇪🇸🇮🇧🇬🇲🇦🇱🇧 https://t.co/fZP0PTdDrP #Espionage #OSINT #HUMINT #SIGINT

— Spy Collection (@SpyCollection1) March 24, 2024


I was shocked to read the story of a man being unable to get car insurance because GM sold the driving history from his 2021 Cadillac to data brokers used by insurance companies.

It looks like this has become a PR disaster for GM and they’re stopping the practice. pic.twitter.com/KSFOmk9gPl

— Dare Obasanjo🐀 (@Carnage4Life) March 23, 2024


Wishing Rob Joyce @NSA_CSDirector a happy retirement at the end of this month with many thanks for his years of public service, especially for leading @NSACyber efforts to defend our Nation's critical networks through strong partnerships with the cybersecurity community. pic.twitter.com/pF5xXw7Dla

— General Timothy D. Haugh (@CYBERCOM_DIRNSA) March 22, 2024


TIL if you overwrite a bash script while it's running, it just continues by running the new file at the same byte position.

— Jules Jacobs (@JulesJacobs5) March 24, 2024

Yep looping is implemented with seek 😱

— Joseph Garvin (@joseph_h_garvin) March 24, 2024

Seems bash does load some part of the script into memory and it has a limit, so if you change the script which is not yet loaded into memory the new code will be executed.
Anyway, it's an interesting find https://t.co/Y1buO3yvzS

— Vignesh Nandakumar (@Vignesh_NaN) March 24, 2024

Solution to prevent this

#!/bin/bash

# Bash parses a { ... } group in full before executing any of it, so edits to
# the file made while the body runs cannot change what has already been parsed.
{
   # code goes here.

   exit # critical, stops bash reading rest of file
}

Can you think of a reason for choosing such an oddly specific number? pic.twitter.com/V3ZfwnTbcV

— Eloff (@eloffd) March 22, 2024
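As an added example (not code from the thread or its authors), the script below reproduces both behaviours: a script whose replacement is byte-identical up to the line that overwrites it is run in the plain layout and in the brace-group-plus-exit layout, and each function prints what bash actually executed. It assumes bash and mktemp are available on the machine.

```shell
#!/bin/sh
# Added example (not from the thread): reproduce the behaviour described above.
# A script overwrites its own file while it runs; the replacement is byte-identical
# up to and including the overwriting line, so bash's next read lands on new code.

# Write a script (initial body, replacement body), run the initial one under bash
# with the replacement's path as $1, and print whatever bash actually executed.
run_self_overwriting() {
    dir=$(mktemp -d)
    printf '#!/bin/bash\n%s' "$1" > "$dir/script.sh"
    printf '#!/bin/bash\n%s' "$2" > "$dir/replacement.sh"
    bash "$dir/script.sh" "$dir/replacement.sh"
    rm -rf "$dir"
}

# Plain layout: bash reads the file one command at a time and seeks back to the
# offset of the next unread command whenever it forks, so after `cat` rewrites
# the file the following command is read from the replacement.
run_naive() {
    run_self_overwriting 'echo first
cat "$1" > "$0"
echo original-tail
' 'echo first
cat "$1" > "$0"
echo replaced-tail
'
}

# Layout from the thread: the body is one { ... } compound command, so bash has
# parsed all of it before the first line executes, and exit stops it from
# reading anything the replacement may have appended after the group.
run_guarded() {
    run_self_overwriting '{
echo first
cat "$1" > "$0"
echo original-tail
exit
}
' '{
echo first
cat "$1" > "$0"
echo replaced-tail
exit
}
'
}
```

run_naive prints "first" then "replaced-tail"; run_guarded prints "first" then "original-tail", because its body was already parsed when the file changed.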


Rather than go into OrgKit tonight, I want to explain why Windows networks have been historically insecure. 🧵

— SwiftOnWinningNuclearWar (@SwiftOnSecurity) March 24, 2024

Thread by @SwiftOnSecurity on Thread Reader App


China targets group of MPs and peers with string of cyber-attacks https://t.co/ZXMEwCmOqp

— Dr. Dan Lomas (@Sandbagger_01) March 24, 2024


Happy anniversary to those who celebrate. pic.twitter.com/zn52oCcsoI

— Soup for my Family 🥣🧦🤖🫐🌨 (@soupformy_fam) March 24, 2024