You might like
Banana Pi BPI-CM6 design with SpacemiT K1 8 core RISC-V chip, CPU integrates 2.0 TOPs AI computing power. 8/16G DDR and 8/16/32/128G eMMC. support DeepX AI. will comming soon. docs.banana-pi.org/en/BPI-CM6/Ban… #riscv #EdgeComputing #bananapi #raspberrypi
🚨 We taught LLMs to write bug-finding tools instead of just finding bugs! KNighter synthesizes static analysis checkers from patches & discovered 92 new, long-lived bugs in Linux (77 confirmed, 30 CVEs) 🐛 Paper: arxiv.org/abs/2503.09002 Code: github.com/ise-uiuc/KNigh……
Here are the slides for my talk yesterday at Objective By the Sea! Tons of incredible research and researchers here in Ibiza :) dillonfrankesecurity.com/Objective-By-t…
As promised, a blog post on Diffing 7-Zip for CVE-2025-11001. Enjoy :) pacbypass.github.io/2025/10/16/dif…
Wrote an exploit for CVE-2025-11001 in 7-zip Pretty cool bug, had fun diffing it. Blog post coming soon github.com/pacbypass/CVE-…
Just posted a write-up on a DC hang traced to a deadlock inside LSASS. I break down call stacks, the blocked threads, and how doing LDAP work in DllMain triggered the issue. medium.com/@Debugger/serv…
Beginners introduction to Linux kernel rootkits inferi.club/post/the-art-o… #Linux #infosec
Serious bugs often occur in third-party components integrated by other software. @ifsecure and I found this vulnerability in the Dolby Unified Decoder. It affects Android, iOS and Windows among other platforms, sometimes 0-click. project-zero.issues.chromium.org/issues/4280754…
Interesting read. Using blockchain and smart contracts to host and load part of the JS payload delivery. cloud.google.com/blog/topics/th…
I spent some time exploring browser cache smuggling, where visiting a webpage can lead to malware delivery. Surprisingly, it is possible to execute Chrome’s original cache file without renaming it, while also achieving persistence. More details below: medium.com/@danemeth90/re…
The following vulnerabilities have been added to our feed: - CVE-2025-33053: Microsoft Windows Internet Shortcut Files RCE - CVE-2025-25257: Fortinet FortiWeb RCE - CVE-2025-50154: Microsoft Windows File Explorer NTLM Leak crowdfense.com/n-day-feed/
crowdfense.com
N-day Vulnerability Intelligence Feed - Crowdfense
Boost Red Team exercises with our N-Day Feed: real-time, high-risk vulnerabilities, PoC code, and insights for advanced threat simulation.
One‑Click Memory Corruption in Alibaba’s UC Browser: Exploiting patch-gap V8 vulnerabilities to steal your data interruptlabs.co.uk/articles/one-c… by @InterruptLabs #MobileSecurity #Browser #exploit #infosec
Forgive me if I am wrong (developer.arm.com/documentation/…): On my machine both T0SZ and T1SZ specify a value of 17. This means 48-bit VAs are in use. According to this psuedo-code from ARM documentation the "bottom" PAC bit is defined as 64 - TXSZ, which would be bit 47.
Trend Micro's Dove Chiu & Lucien Chuang uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices. trendmicro.com/en_us/research…
Not sure how I feel about this. Good research, but not anywhere near a real life scenario.. I have seen a lot of talk about C2-less malware, but nothing can ever replace a general c2 control, unless the aim is just "destruction via ransomeware".. - just my 2 cents
Can we eliminate the C2 server entirely and create truly autonomous malware? On the Dreadnode blog, Principal Security Researcher @0xdab0 details how we developed an entirely local, C2-less malware that can autonomously discover and exploit one type of privilege escalation…
New blog post in a while — this one covers "executing" shellcode from non-executable memory and "bypassing" DEP/NX. Since I didn’t have a proofreader this time, I’d really appreciate it if you could let me know about any errors or misinterpretations you spot in the article.…
I put a BOF loader in a BOF so that you can run BOFs from a BOF. If you've had issues getting a BOF to work with CS's BOF loader in the past, you now have a drop-in way to get a little bit more compatibility. github.com/0xTriboulet/In…
Quick post regarding sqlite injection. TLDR, when using it for file creation, create a VIEW rather than a TABLE: muffsec.com/blog/file-crea…
Satellites leak voice calls, text messages and more malwarebytes.com/blog/news/2025…
In regular GRPO, gradients update parameters. In Training-Free GRPO, the context updates instead. Each round: 1. Generate multiple rollouts 2. Compare them 3. Extract natural-language “lessons” 4. Add those to an experience library That experience library = the new brain.
United States Trends
- 1. #เพียงเธอตอนจบ 81.9K posts
- 2. LINGORM ONLY YOU FINAL EP 95.6K posts
- 3. Good Friday 49.5K posts
- 4. #FanCashDropPromotion N/A
- 5. #FridayVibes 4,822 posts
- 6. Ayla 15.9K posts
- 7. Tawan 45.1K posts
- 8. Cuomo 106K posts
- 9. Dorado 4,174 posts
- 10. Mamdani 252K posts
- 11. Happy Friyay N/A
- 12. Justice 331K posts
- 13. Shabbat Shalom 2,029 posts
- 14. #FridayMotivation 3,320 posts
- 15. Finally Friday 2,337 posts
- 16. Flacco 101K posts
- 17. RED Friday 2,445 posts
- 18. #FursuitFriday 11.8K posts
- 19. Melly 4,064 posts
- 20. Pence 96.3K posts
You might like
-
Chevy Phillip
@chevyphillip -
XSS Payloads
@XssPayloads -
xer0dayz
@xer0dayz -
Cliff Vazquez
@cliffvazquez -
Jason Lang
@curi0usJack -
nikhil(niks)
@niksthehacker -
Ashish Kunwar
@D0rkerDevil -
Securityblog
@Securityblog -
PentesterLab
@PentesterLab -
m0z
@LooseSecurity -
Rakesh Mane
@RakeshMane10 -
Dominic Chell 👻
@domchell -
Chintan 'Frogy' Gurjar
@iamthefrogy -
Patrick Fussell
@capt_red_beardz -
Sanoop Thomas ⠵
@s4n7h0
Something went wrong.
Something went wrong.