the grugq's newsletter

November 28, 2024


Dropped a spicy 25-min read exploring adversarial ML 🤠 It's a mix of in-depth & light peppering of the broader field. So much I couldn’t fit (extraction, inversion, poisoning), but I hope it sparks curiosity. Made for learners, no fancy background ❤️ https://t.co/QE1j0tu4Jl

— Boschko 🇨🇦 (@olivier_boschko) November 27, 2024


Since it's almost been a year and OBTSv7 is around the corner, I published the long overdue writeup for badmalloc: https://t.co/PUqiPQ6kXo

— Gergely Kalman (@gergely_kalman) November 26, 2024


Confusion Attacks: Exploiting Hidden Semantic Ambiguity In Apache HTTP Server! - Orange Tsai @orange_8361 https://t.co/Ksxx8P1JFH

— Swissky (@pentest_swissky) November 26, 2024


Better late than never... My Hexacon 2023 slides for "Finding and Exploiting an Old XNU Logic Bug" and the exploit code (WITH THE ANIMATED ASCII ART 🥷🔪🍎!!!) are up https://t.co/Z3ktOkj6Gi / https://t.co/aoUQp3czyp

— Eloi Benoist-Vanderbeken (@elvanderb) November 26, 2024


Army building a new expeditionary cyber battalion...the 12th Cyber Battalion, said Lt. Gen. Maria Barrett, commander of @ARCYBER | https://t.co/u5YsoitZGL @DefenseScoop

— 780th Military Intelligence Brigade (Cyber) (@780thC) November 27, 2024


💡@criscifuentes, the Mother of Decompilation, reflects in her #LABScon2024 keynote on three decades of innovation in reverse engineering. Highlights include:

- Her 1994 PhD research on reverse compilation techniques for 80286 DOS binaries
- Groundbreaking methods for mapping… pic.twitter.com/F9x56qgEKh

— SentinelOne (@SentinelOne) November 26, 2024


This is nuts.

Major investigation reveals ExxonMobil allegedly orchestrated hack-for-hire campaign targeting 500+ climate activists and journalists. pic.twitter.com/DwKDeRbBPX

— Matt Johansen (@mattjay) November 27, 2024


Managed to solve 9/10 reverse engineering challenges in HKCERT CTF 2024 Quals. Got first blood on one of the challenges where participants are asked to analyze a "weird" pyc file (Black Magic). Check out my writeup on the link below https://t.co/gITTRBfsEG

— ryuk (@_ryuk12345) November 27, 2024


New AMSI Bypass Technique Modifying CLR.dll in Memory: https://t.co/xOdehFCD53

— ringzerø.training && @ringzer0@infosec.exchange (@_ringzer0) November 27, 2024


FINALLY! 🔥 The new blog has been launched in collaboration with @g0njxa 💙 Today, we hope to expose the #CRYPTOLOVE traffer's group operation. It is a long read, but we promise it is worth it. https://t.co/adrsLvvUmk

— RussianPanda 🐼 🇺🇦 (@RussianPanda9xx) November 27, 2024


“First”

#ESETresearch reveals the first Linux UEFI bootkit, Bootkitty. It disables kernel signature verification and preloads two ELFs unknown during our analysis. Also discovered, a possibly related unsigned LKM – both were uploaded to VT early this month. https://t.co/CZW6Mfm6bK 1/5

— ESET Research (@ESETresearch) November 27, 2024


Interesting to see my work used in academic research training LLMs to hack. They had very kind things to say about my writeups ☺️ https://t.co/jvAVTyLIHF

— 0xdf (@0xdf_) November 26, 2024


I wrote a very timely introduction to digital security for journalists for @GIJN, this guidance may also apply to activists, lawyers, and anyone else doing at-risk work these days. https://t.co/0LykEKcrhV

— Runa Sandvik (@runasand) November 27, 2024


Today, we're releasing NachoVPN, our VPN client exploitation tool, as presented at SANS #HackfestHollywood 2024 🌮🔒

Find the details on the @AmberWolfSec blog, along with the individual advisories, including a not-yet-fully fixed PaloAlto GlobalProtect client RCE👀 pic.twitter.com/ZnB4Jbvwz5

— Rich Warren (@buffaloverflow) November 26, 2024

Introducing NachoVPN: One VPN Server to Pwn Them All (blog): https://t.co/HCgHoHOYHY

— Rich Warren (@buffaloverflow) November 26, 2024


Your chances of being hunted by a turkey are low, but never zero. pic.twitter.com/F17j7WtHaP

— National Park Service (@NatlParkService) November 27, 2024

