It's awesome to see companies like @binarly.bsky.social helping support OST2 so it can keep bringing free training to the world! (This could/should be your company too! :))

This research demonstrates how easily full persistence can be achieved on Supermicro BMC, allowing complete takeover of the server. - CVE-2025-7937: bypassed “fix” for CVE-2024-10237. - CVE-2025-6198: Supermicro RoT bypass. www.binarly.io/blog/broken-...

Another Crack in the Chain of Trust: Uncovering (Yet Another) #secureboot Bypass https://www.binarly.io/blog/another-crack-in-the-chain-of-trust

#Hydroph0bia (CVE-2025-4275) - a trivial #secureboot bypass for UEFI-compatible firmware based on Insyde #h2o#hydroph0bia part 1 https://coderush.me/hydroph0bia-part1/

We're are happy to announce a new release of our #Rust bindings for idalib. What's new: - New APIs for working with IDBs, segments, and more - Rust 2024 support - New homepage: idalib.rs H/T to our contributors @yeggor.bsky.social & @raptor.infosec.exchange.ap.brid.gy github.com/binarly-io/i...

Listening to @matrosov.bsky.social and @pagabuc.bsky.social at #RSAC

In case you missed it from #LABScon24: BINARLY’s @matrosov.bsky.social and @pagabuc.bsky.social reveal their research into a firmware supply-chain security issue that affected major device vendors and hundreds of models, PKfail. 📺 Watch the full video: s1.ai/PKfail