[meta] When I watch sector specific experts tell me their sector is special.<snark />. They're more like other sectors than they necessarily think.

While cleaning a storage room, our staff found this tape containing #unix v4 from Bell Labs, circa 1973 Apparently no other complete copies are known to exist: https://gunkies.org/wiki/UNIX_Fourth_Edition We have arranged to deliver it to the Computer History Museum #retrocomputing

Our senior security analyst @[email protected] has published a follow-up to his popular #groovy Template Engine #exploitation writeup: https://hnsecurity.it/blog/groovy-template-engine-exploitation-part-2/ Check out some new practical exploitation tricks that he figured out while working on […]

The release candidate of the OWASP Top 10 2025 has been released owasp.org/Top10/2025/0... The definitive release should be out on November 20th

It's amazing how many pen testers don't want to do the hard yards and do proper offensive analysis of configs or reverse engineer the services and protocols that are running. Firing up nmap and Nessus is all well and good but it's *not* an effective analysis of the attack surfaces. Looking at a […]

I wrote up some notes on two new papers on prompt injection: Agents Rule of Two (from Meta AI) and The Attacker Moves Second (from Anthropic + OpenAI = DeepMind + others) https://simonwillison.net/2025/Nov/2/new-prompt-injection-papers/

infosec has a lot to learn about understanding failure conditions and accurate, understandable error messages from roadies

The other day we had our first ever chained AI tool success on the #curl factory floor: - tool A found a possible flaw in code and reported it. - using the plain English description from tool A, tool B could create a reproducible by itself that verified the finding The sense of magic is […]

#brida 0.6 is here! The bridge between #burpsuite and #frida is now fully compatible with Frida 17+. As of this release, Brida 0.6 supports only Frida 17 and later. For users who still rely on older Frida versions, Brida 0.6pre remains available on GitHub. Get the latest release here […]

New, long, oral history of Ken Thompson, my and everyone's hero. From the Computer History Museum: https://computerhistory.org/blog/a-computing-legend-speaks/ Click thru a while to get a text transcript.

Mem3nt0 mori – The #hacking Team is back! “In March 2025, #kaspersky detected a wave of infections that occurred when users clicked on personalized #phishing links sent via email. No further action was required to initiate the infection; simply visiting the malicious website using Google […]

please enjoy: my Wasm-hosted, Wasm-targeting build of Clang/Clang++/LLD: a self-contained, 25 MiB (gzipped) pure function https://www.npmjs.com/package/@yowasp/clang

you know you're about to watch paint dry for a _long_ time when just the checkout step in a github actions workflow takes 3+ minutes

SpecterOps released "DumpGuard" along with a detailed article on how they were able to bypass Windows Credential Guard in both privileged and unprivileged contexts. I learned a ton about Isolated LSA and friends. Its funny to see that DES-cracking of NTLMv1 […] [Original post on infosec.exchange]

The vuln is so old it is not even easy to find the reference! OpenBSD fixed it by adopting a non-predictable PRNG, BIND dev refused to use the same approach cuz "DNSSEC fixes this" 10 years later Dan Kaminsky rediscovered it with a better way to exploit the weakness. Vendors adopted OpenBSD's […]

What year is this?! I think I am taking crazy pills! FWIW: The first ever vulnerability I reported to a vendor was a DNS cache poisoning attack against BIND due its use of predictable query IDs. I reported it.... in 1996! […]

If you know who did this, or if you know how to set it back, the hotel kindly asks you to do so, respecting the fun achievement unlocked :) https://infosec.exchange/@xme/115422139879568495

10 Mediatek 0day dropped. Mediatek PSIRT assigned CVE IDs only to 3 of them cuz the others were considered "low severity". This is The Way https://labs.taszk.io/articles/post/eastern_promises/

Just received an email from YouTube that they'll soon enable autodubbing on the OctoPrint channel for new and soon also old videos. Hell no, every time I run into this AI shit when watching YouTube I just want to scream, it's THAT bad. Thankfully, there's a way […] [Original post on chaos.social]

On this day seventeen years ago I learned something about locales and Turkish that has scarred me for life: I is not always uppercase i! https://daniel.haxx.se/blog/2008/10/15/strcasecmp-in-turkish/

In the year of Our Lord Two Thousand and Twenty-Five, BIG-IP devices from F5 Inc. are vulnerable to TCP hijacking due to use of a bad TCP Initial Sequence Number generator. https://my.f5.com/manage/s/article/K000151297

We've just published "Streamlining Vulnerability Research with the idalib Rust Bindings for IDA 9.2" by @raptor, now live on our freshly restyled blog: https://hnsecurity.it/blog/streamlining-vulnerability-research-with-the-idalib-rust-bindings-for-ida-9-2/ Originally featured last week as a […]

"We are failing to see that configuration files are actually user interfaces, and that they should be treated as such." https://ochagavia.nl/blog/configuration-files-are-user-interfaces/

One Battle After Another is one hell of a great movie 🍿

Episode 8 of Where Warlocks Stay Up late is out and so far I think it is the best one. So many anecdotes and such a crisp description of that era.. I am a decade older than "MB" but I lived what he talks about and met all the actors. Crazy times https://www.youtube.com/watch?v=PN2RQ_O2Cq0

Everyone knows the weekends are the best time to push important updates, right? From Jeep Wrangler forum: Did anyone else have a loss of drive power after today's OTA Uconnect update? On my drive home I abruptly had absolutely no acceleration, the gear […] [Original post on infosec.exchange]

x11 spotted in italy

The Hexacon talk was great though :) https://infosec.exchange/@swapgs/115331899646536371

If you have a bash command line of "exec program ..." and you can control the "..." can you make it not run the exec and do something different? The answer is yes. Even if "..." is somewhat sanitised for shell metacharacters. If you can inject $+] it will make bash error on that line and run the […]

30 years ago, Bob Morris, then a senior scientist at NSA, gave a keynote talk at the CRYPTO conference (the leading conference for academic cryptographers). He opened by telling us he would reveal the NSA's first rule for cryptanalysis (which certainly got our attention). "First", he said […]

hey wanna see something kinda interesting? this was the entire fix to the iPhone Antennagate in 2010. 20 bytes. (this is going to be a very long thread 🧵)

It’s a real pleasure (not to mention an achievement) to be featured in the @HexRaysSA blog! https://infosec.exchange/@HexRaysSA/115333807550841599

Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) […]

Fun #vmware #bug by @nviso_labs You name it, VMware elevates it (CVE-2025-41244) https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/ “By matching and subsequently executing non-system binaries (CWE-426: Untrusted Search Path), the service discovery feature can be […]

The @EUCommission would like to hear your views on the governance and sustainability of critical open source software. The survey closes October 5th. https://ec.europa.eu/eusurvey/runner/FOSSEPS_Governance_and_Sustainability_Survey #OpenSource #governance #sustainability

Heads up to anyone doing #mobile #reverseengineering and #penetrationtesting: I've just ported my @NowSecure #frida instrumentation scripts (#ios and #android) to Frida 17, which introduced some breaking changes in the API. The original, battle-tested scripts from 2017 are preserved as release […]

libxml2's sole maintainer Nick Wellnhofer steps down, meaning libxml2 is now no longer maintained. https://discourse.gnome.org/t/stepping-down-as-libxml2-maintainer/31398 It's hard to estimate just how many companies depend on this software and critical security updates to the library, so I'm […]

#styx Emulator Public Release (a #Rust-based #qemu Alternative) https://stumbl.ing/posts/styx-emulator-release/

“When you’re using a cloud proxy, you’re importing everyone else’s technical debt into your website” — @albinowax

Great VR talk by @leonjza at #romhack2025

Watching @albinowax rocking the stage at #romhack2025 👏

NFS at 40. Phenomenal collection of seminal documents, related work, source code, ephemera, etc... https://nfs40.online/ #sunmicrosystems

#appledb_rs, a #research support tool for #apple platforms by @synacktiv https://synacktiv.com/en/publications/appledbrs-a-research-support-tool-for-apple-platforms

I've enjoyed reading the new @nostarch #book "From Day Zero to Zero Day" by @spaceraccoon! It provides a solid #VulnerabilityResearch methodology, exploring source #CodeReview, #ReverseEngineering, and #Fuzzing with a practical, hands-on introduction to the […] [Original post on infosec.exchange]

This is beautiful; pure poetry: https://obsidian.md/blog/less-is-safer/ (Obsidian’s dependency-management philosophy.) I have a suggestion: If you have a project or repo that's getting popular, stop writing features for a few months and implement this instead. #softwaredevelopment […]

Holy moly. The DOJ just dropped their charges against Jubair, alleging he was involved in 120 intrusions and extortion against 47 US entities. The complaint alleges victims paid at least $115 million in ransom payments. At a hearing today in the UK, it emerged that Jubair had access to $200 […]

A little #linkedin recommendation regarding #ai training ❌

Who is coming to #romhack2025 next week? See you there 🔥 https://infosec.exchange/@cybersaiyan/115224158227195957

Who could have figured out that automatically downloading half the internet and ten thousand always-changing dependencies every time you build could actually be a weakness?