November 2, 2025
November 2, 2025 Yeah, so pretty much this entire drama thing is FFmpeg are a bunch of nerds and have spawned a philosophical conversation on the...
November 1, 2025
November 1, 2025 Really cool story about the developer of ZeroAccess -The ZeroAccess Developer and His Windows Kernel-Mode...
October 31, 2025
October 31, 2025 Happy Halloween A penetration tester got root access to our Kubernetes cluster in 15 minutes. Here's what they exploited.The attack chain:-...
October 30, 2025
October 30, 2025 NEW: exec at zero-day supplier pleads guilty to selling to buyer in Russia.FBI had warned elite supplier Trenchant about a potential leak in...
October 29, 2025
October 29, 2025 More interposer fun, this time with DDR5 memory. Breaking TDX, SGX, SEV and even Nvidia TEEs. Checkout our work at https://t.co/Jl1dpGnM6J,...
October 28, 2025
October 28, 2025 📣THREAD: It’s surprising to me that so many people were surprised to learn that Signal runs partly on AWS (something we can do because we...
October 27, 2025
October 27, 2025 Spent some time on an old iOS WebKit bug to learn about browser exploitation https://t.co/CDySlTzGM6 pic.twitter.com/0a7maHBU8b— Billy Ellis...
October 26, 2025
October 26, 2025 This week I had the pleasure of guest lecturing at both Georgetown University and Johns Hopkins SAIS on the intersection of AI, cyber and...
October 24-25, 2025
October 24-25, 2025 This significantly changes the context of the “iOS Vuln dev hacked!” story. It is a clear national security issue, with exploits sold to...
October 23, 2025
October 23, 2025 1/ Who wins in the Information Security AI arms race: Defenders? Attackers? or the new AI tools just cancel each other?Our answer...👇...
October 23, 2025
October 23, 2025 1/ Who wins in the Information Security AI arms race: Defenders? Attackers? or the new AI tools just cancel each other?Our answer...👇...
October 22, 2025
October 22, 2025 bed overheated because AWS-east was down. but um....... its good because it alerted them to the outage? i dont even know what to do with...
October 20, 2025
October 20, 2025 We recently took over an APT investigation from another forensic company. While reviewing analysis reports from the other company, we...
October 18-19, 2025
October 18-19, 2025 https://www.antipope.org/charlie/blog-static/2025/10/the-pivot-1.html 1/ UPDATE: South Korea's spy agency has finally broken its silence...
October 16, 2025
October 16, 2025 We learn of a F5 Networks breach by "a highly sophisticated nation-state" from an SEC filing:https://t.co/WwPFNPDjgM— Ryan Naraine...
October 15, 2025
October 15, 2025 My DEFCON talk about cryptomoney laundering techniques is out! At minute 20:30, I demonstrate how I use an AI agent to assist my...
October 14, 2025
October 14, 2025 The plan? At dusk, 50 people went to San Francisco's longest dead-end street and all ordered a Waymo at the same time.The world's first:...
October 12, 2025
October 12, 2025 Christopher Berry, one of the suspects in the China spy case, allegedly had secure communication apps used only by Beijing agents installed...
October 11, 2025
October 11, 2025 Apple's Real World CTF : you get the flag, you get the bountyhttps://t.co/gY6mayzpLy pic.twitter.com/i299t0U6P6— matteyeux (@matteyeux)...
October 9-10, 2025
October 9-10, 2025 https://understandingwar.org/research/cognitive-warfare/a-primer-on-russian-cognitive-warfare/ The Discord breach is another example of...
