March 24, 2025
March 24, 2025
https://t.co/1CH1WoMwKf
— wh1te4ever (@wh1te4ever) March 22, 2025
Implemented arbitrary webkit code execution on iPhone (not PAC devices).
You can chaining other exploits if you want for nice work, but do not use it for malicious purpose.
Check out src and README here:https://t.co/okIlYhzno0 pic.twitter.com/9KNeGuK5Kg
Last barrier destroyed, or compromise of Fuse Encryption Key for Intel Security Fuses by @_markel___https://t.co/P91XdpWIpD pic.twitter.com/pMDAs9Bvpi
— Alex Plaskett (@alexjplaskett) March 23, 2025
Here's the thing. When a browser, an app, or a website encourages you to turn on an awesome feature, it's almost always because a lawyer who understands the feature said "whoa, we're gonna be in real trouble if we don't have consent".
— lcamtuf (@lcamtuf) March 23, 2025
In other words, pic.twitter.com/nw1WvYv80W
CVE-2024-12695 the mystery has been revealed :)https://t.co/r9pVqQjauy
— j j (@mistymntncop) March 23, 2025
By making minor changes to command-line arguments, it is possible to bypass EDR/AV detections.
— Wietze (@Wietze) March 24, 2025
My research, comprising ~70 Windows executables, found that all of them were vulnerable to this, to varying degrees.
Here’s what I found and why it matters 👉 https://t.co/VpMttDZI9K pic.twitter.com/mO5PlQkRMr
Why hack one device, when you can hack a million of them? My latest blogpost based on my @nullcon talk explores hacking smart weighing machines and health devices by hijacking their user-device association flows. https://t.co/BNBPzZ5KQ9
— spaceraccoon | Eugene Lim (@spaceraccoonsec) March 24, 2025