May 11, 2026
May 11, 2026 The Cyber Reality States Don’t Want to AdmitJust me ranting about the irrational Western reaction to Russia’s actual cyber capacity builing...
May 8, 2026
May 8, 2026 💥 Introducing "Dirty Frag"A universal Linux LPE chaining two vulns in xfrm-ESP and RxRPC. A successor class to Dirty Pipe & Copy Fail.No race, no...
May 7, 2026
May 7, 2026 But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The...
May 6, 2026
May 6, 2026 There’s something ominous about the speed with which the entire world has marched to require identification on platforms and, as I expected,...
May 5, 2026
May 5, 2026 This one is ours! CVE-2026-42511 was discovered by Joshua Rogers from our research team using @Aisle_Inc's AI system in FreeBSD, the same...
May 4, 2026
May 4, 2026 We have a record of Cleopatra's handrwiting: γινέσθωι "make it happen", appending a tax exemption. https://t.co/X6XNuGauy9...
May 3, 2026
May 3, 2026 The RansomISAC published regarding "Zhengzhou 403 Network Technology Co., Ltd.", a cert we reported in 2025 after it was used to sign...
May 2, 2026
May 2, 2026 Google nailed their bug bounty program because they’re seeing a huge influx of reports, likely because LLMs are doing extremely well at variant...
May 1, 2026
May 1, 2026 If people are really curious about https://t.co/zJqjRZkKcD, @5unKn0wn is the GOATed researcher who is responsible! https://t.co/pKODZo3G5t—...
April 30, 2026
April 30, 2026 TLDR: got a bunch of agents to find remote unauth'd OOBs in ksmbd, CVE-2026-31432 and CVE-2026-31433. CVE-2026-31432 specifically is "RCE-...
April 29, 2026
April 29, 2026 you never think this will happen to you, but this happened to me today. a DPRK actor posed as somebody i previously worked with at the...
April 28, 2026
April 28, 2026 🇨🇳 national Xu Zewei (徐泽伟) was extradited to the US over the weekend and appeared in US District Court in Houston on Apr 27 on a 9-count...
April 26, 2026
April 26, 2026 Woah. So @e65537 found this same bug a few days before we did, reported it, got a fix landed, and published a full exploit writeup while we...
April 24, 2026
April 24, 2026 NSA joins the @NCSC and others in releasing joint guidance detailing multiple China-nexus threat actors who are using dynamic, external covert...
April 23, 2026
April 23, 2026 Why So Many Control Rooms Were Seafoam Green The Color Theory Behind Industrial Seafoam Green LLMs have gotten good enough at reverse...
April 20, 2026
April 20, 2026 Administrivia Sorry for the delays and then this huge post. Twitter changed their API slightly and ithe python module I use for scraping had...
April 19, 2026
April 19, 2026 Administrivia Sorry for the delays and then this huge post. Twitter changed their API slightly and ithe python module I use for scraping had...
April 19, 2026
April 19, 2026 Administrivia Sorry for the delays and then this huge post. Twitter changed their API slightly and ithe python module I use for scraping had...
April 16, 2026
April 16, 2026 FBI trolls Russian embassy with geotargeted ads for disgruntled spies - Ars Technica “Speak plainly… we are ready to listen.”... Xu Zewei...
April 15, 2026
April 15, 2026 Adobe Security Bulletin Prenotification Security Advisory for Adobe Acrobat and Reader | APSB26-44
