#deserialization search results
I always used the serde crate for Rust - but today I found about another pretty-looking serialization framework! (plus it has a cool name!) 🦀 rkyv (archive): Zero-copy deserialization framework for Rust. ⭐ GitHub: github.com/rkyv/rkyv #rustlang #library #deserialization
This book, “Writing Secure Code, 2nd ed.”, was published by @MicrosoftPress in 2003. Just saying. #deserialization
Wazuh — Unsafe Deserialization RCE (CVE-2025-24016) An unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses 🔗 Source: github.com/0xjessie21/CVE… #wazuh #deserialization #rce #cve
These #deserialization attacks will de-seriously blow your mind! 🤯 Start our new #HTBAcademy module and get hands-on training on defining, exploiting, and remediating #PHP and #Python deserialization. Get started now: academy.hackthebox.com/course/preview… #HackTheBox #CyberSecurity #InfoSec
Remote-Method-Guesser - Tool For Java RMI Enumeration And Bruteforce Of Remote Methods j.mp/3snerzC #Deserialization #JavaRMI
An awesome blog post by @irsdl on #Deserialization vulnerabilities in #Microsoft .NET These vulnerabilities are not covered very well compared with their Java counterparts, so this a great write-up: nccgroup.trust/uk/about-us/ne…
Costo bastante hacerlo andar pero acá está!! Jackson deserialization funcionando #jackson #deserialization #ihateujackson
Doldrums - A Flutter/Dart Reverse Engineering Tool j.mp/3juJ8QD #Android #Deserialization #Doldrums #ELF #Extractor
Understanding & Identifying Insecure Deserialization Vulnerabilities infosecwriteups.com/understanding-… #BugBounty #Security #Deserialization #OWASP #Infosec
Debug - Write-up - #TryHackMe #hash-cracking #deserialization #eop #php #security #thm #web #writeups blog.raw.pm/en/TryHackMe-D… cc @RealTryHackMe
June 17th, we will have @Becojo present his @NorthSec_io #ruby #deserialization challenges. It will happen on twitch: twitch.tv/montrehack and discord: discord.gg/357qSJ. Official announcement soon.
In this blog post, @irsdl shows abuse of XAMLX file capabilities to run commands on a server when such files can be uploaded within an IIS application. nccgroup.trust/uk/about-us/ne… #XAMLX #IIS #deserialization #Infosec
What worries #hackers? Attend for our next #ExploitsExplained installment on 4/21 where @synackredteam researcher, @Adam_Logue details the risks #deserialization attacks pose to security practitioners, including a demo of a JBoss Server exploitation. syn.ac/3t5txuo
Remote-Method-Guesser - Tool For Java RMI Enumeration And Bruteforce Of Remote Methods dlvr.it/RvRK3w #Deserialization #JavaInterfaces #JavaRMI #JavaRMIEnumeration
Do you have solid strategies for identifying & addressing #deserialization attacks? Having a deep understanding of the hacker mindset should be a critical part. Sign up for our next webinar on 4/21 with @SynackRedTeam researcher @Adam_Logue to learn more: syn.ac/3t5txuo
I spy with my little eye, something beginning with #php #deserialization, and ending in #pwnage. Slight PitA to exploit due to a bad XSS filter but I got there in the end. Time to chase down the vendor.
Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729 #weblogic @oracle #deserialization i5c.us/31Hd42r
Making Serialization Gadgets by Hand - .NET: vulncheck.com/blog/making-do… #dotnet #infosec #deserialization #hacking #programming #exploit #exploitation
The tool is available here: github.com/software-engin… #ysoserial #java #deserialization #exploit #gadgets
Active exploitation reported against WSUS deserialization vulnerability CVE-2025-59287; alert originated from a customer Windows Server Update Services instance. #CVE-2025-59287 #WSUS #deserialization research.eye.security/prompt-injecti…
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236): slcyber.io/assetnote-secu… #infosec #cybersecurity #deserialization #rce #exploit #exploitation #cve
Review code for insecure deserialization — only deserialize trusted data. Consider JSON over binary formats when possible #CyberSecurityMonth #Deserialization #SecureCoding
Avoid insecure deserialization: never trust serialized objects from clients. Prefer safe formats (JSON), sign payloads, and whitelist types. #AppSec #Deserialization #SecureCoding #Pentesting
Project Zero found NSKeyedArchiver can leak NSNull's address via predictable NSDictionary hashing, bypassing ASLR on Apple devices – patched March 2025. Do you whitelist deserialization inputs? thecyberexpress.com/project-zero-e… #infosec #Deserialization
thecyberexpress.com
Project Zero Exposes ASLR Bypass In Apple Serialization Flaw
Project Zero reveals ASLR bypass in Apple’s NSKeyedArchiver — NSNull pointer leaks via NSDictionary hashing; Apple patched the issue on Mar 31, 2025.
Insecure Deserialization in .NET: Risk and Fixing Legacy Code iosec.in/insecure-deser… #Cybersecurity #deserialization
Hackers exploit SharePoint deserialization flaws to steal IIS Machine Keys, enabling persistent RCE. Admins must regenerate compromised keys and monitor for Event Code 4009. Link: thedailytechfeed.com/exploiting-sha… #Hackers #Exploitation #Deserialization #Flaws #Security #Keys #Persistence…
thedailytechfeed.com
Exploiting SharePoint Deserialization Vulnerabilities to Compromise IIS Machine Keys
Exploiting SharePoint Deserialization Vulnerabilities to Compromise IIS Machine Keys The Daily Tech Feed -
🧬 Popped Insecure Deserialization! ✔ Points: 120 | 🔐 Tasks: 9 | ⚠️ Difficulty: Medium #TryHackMe #Deserialization #BugBounty #CyberSecurity #CTF #Top1Percent #PentestReady #HackThePlanet #InfosecGrind
#Vulnerability #Deserialization Legacy vBulletin 4.x Patch Backfires: RCE via Signed Base64 Payloads and a Full PoC securityonline.info/legacy-vbullet…
#SAP #Patch Day #Deserialization #threat SAP veröffentlicht Rekord-Patch-Day mit 30 Sicherheitshinweisen. Laut #Onapsis besonders kritisch: #Deserialisierungsschwachstellen mit #CVSS-Bewertungen bis 10.0. …curity-storage-und-channel-germany.de/sap-patch-day-…
security-storage-und-channel-germany.de
SAP Patch Day Deserialization Threat - Security Storage und Channel Germany
Onapsis Forscher SAP-Notfall-Patches: Kritische Schwachstellen mit CVSS 10.0 erfordern sofortiges Handeln
💣 CLIXML #deserialization in #PowerShell isn't harmless… At #PSConfEU 2025, Alexander Andersson showed how it enables: ✔ Lateral movement ✔ Privilege escalation ✔ Guest-to-host VM breakouts 🎟️ Early bird 2026 tickets → psconf.eu youtu.be/E0KRVdD7SUo?si…
youtube.com
YouTube
PowerShell CLIXML Deserialization Attacks - Alexander Andersson -...
Debug - Write-up - #TryHackMe #hash-cracking #deserialization #eop #php #security #thm #web #writeups blog.raw.pm/en/TryHackMe-D… cc @RealTryHackMe
This book, “Writing Secure Code, 2nd ed.”, was published by @MicrosoftPress in 2003. Just saying. #deserialization
These #deserialization attacks will de-seriously blow your mind! 🤯 Start our new #HTBAcademy module and get hands-on training on defining, exploiting, and remediating #PHP and #Python deserialization. Get started now: academy.hackthebox.com/course/preview… #HackTheBox #CyberSecurity #InfoSec
Wazuh — Unsafe Deserialization RCE (CVE-2025-24016) An unsafe deserialization vulnerability in Wazuh servers allows remote code execution through unsanitized dictionary injection in DAPI requests/responses 🔗 Source: github.com/0xjessie21/CVE… #wazuh #deserialization #rce #cve
EnterPrize - Write-up - #TryHackMe blog.raw.pm/en/TryHackMe-E… #cms #deserialization #eop #libraries #nfs #php #security #web #writeups #thm cc @RealTryHackMe
Understanding & Identifying Insecure Deserialization Vulnerabilities infosecwriteups.com/understanding-… #BugBounty #Security #Deserialization #OWASP #Infosec
I always used the serde crate for Rust - but today I found about another pretty-looking serialization framework! (plus it has a cool name!) 🦀 rkyv (archive): Zero-copy deserialization framework for Rust. ⭐ GitHub: github.com/rkyv/rkyv #rustlang #library #deserialization
Doldrums - A Flutter/Dart Reverse Engineering Tool j.mp/3juJ8QD #Android #Deserialization #Doldrums #ELF #Extractor
Critical Actively Exploited WebLogic Flaw Patched CVE-2019-2729 #weblogic @oracle #deserialization i5c.us/31Hd42r
Remote-Method-Guesser - Tool For Java RMI Enumeration And Bruteforce Of Remote Methods j.mp/3snerzC #Deserialization #JavaRMI
June 17th, we will have @Becojo present his @NorthSec_io #ruby #deserialization challenges. It will happen on twitch: twitch.tv/montrehack and discord: discord.gg/357qSJ. Official announcement soon.
What worries #hackers? Attend for our next #ExploitsExplained installment on 4/21 where @synackredteam researcher, @Adam_Logue details the risks #deserialization attacks pose to security practitioners, including a demo of a JBoss Server exploitation. syn.ac/3t5txuo
Remote-Method-Guesser - Tool For Java RMI Enumeration And Bruteforce Of Remote Methods dlvr.it/RvRK3w #Deserialization #JavaInterfaces #JavaRMI #JavaRMIEnumeration
An awesome blog post by @irsdl on #Deserialization vulnerabilities in #Microsoft .NET These vulnerabilities are not covered very well compared with their Java counterparts, so this a great write-up: nccgroup.trust/uk/about-us/ne…
Video of our last week event is now available online here: twitch.tv/videos/6540830…. #ruby #deserialization from a @NorthSec_io challenge presented by @Becojo. #web #appsec
In this blog post, @irsdl shows abuse of XAMLX file capabilities to run commands on a server when such files can be uploaded within an IIS application. nccgroup.trust/uk/about-us/ne… #XAMLX #IIS #deserialization #Infosec
Do you have solid strategies for identifying & addressing #deserialization attacks? Having a deep understanding of the hacker mindset should be a critical part. Sign up for our next webinar on 4/21 with @SynackRedTeam researcher @Adam_Logue to learn more: syn.ac/3t5txuo
Trying to make the world a little safer, one @github repo at a time #appsec #devsecops #deserialization #yaml
New Oracle #WebLogic #Deserialization 0-day RCE Vulnerability bit.ly/2Gx4TvA via @80vul #RemoteCodeExecution No vendor fix yet! Speak to @waratek for guaranteed active protection against 0-day RCE attacks with no blacklists, signatures, or profiling #NoSourceCodeChanges
Something went wrong.
Something went wrong.
United States Trends
- 1. Massie 97.5K posts
- 2. #Varanasi 244K posts
- 3. Zvada N/A
- 4. #CollegeGameDay 2,309 posts
- 5. Charlie Becker N/A
- 6. Todd Snider N/A
- 7. #MeAndTheeSeriesEP1 1.46M posts
- 8. Pat McAfee 1,261 posts
- 9. Aaron Donald 2,713 posts
- 10. Lawson Luckie N/A
- 11. #Caturday 5,209 posts
- 12. #SaturdayVibes 5,639 posts
- 13. Brooklynn 4,389 posts
- 14. Willie Green 5,204 posts
- 15. Good Saturday 37K posts
- 16. Wrigley Field 1,243 posts
- 17. James Franklin 2,311 posts
- 18. Marjorie 122K posts
- 19. Northwestern 3,447 posts
- 20. Desmond Howard N/A