Posts
2500
Following
650
Followers
1469
"I'm interested in all kinds of astronomy."
repeated
Edited 36 minutes ago

I'm happy to announce that HyperDbg v0.14 is released!

This version includes HyperEvade (beta preview), fixes Win11 24H2 compatibility issues & adds multiple timing functions to the script engine (Special thanks to @0Xiphorus )

Check it out: https://github.com/HyperDbg/HyperDbg/releases/tag/v0.14

More info on HyperEvade: https://github.com/HyperDbg/slides/blob/main/2025/DEBT2025/hyperevade-ecoop2025-debt.pdf

Microsleep function:
https://docs.hyperdbg.org/commands/scripting-language/functions/timings/microsleep

and RDTSC/RDTSCP:
https://docs.hyperdbg.org/commands/scripting-language/functions/timings/rdtsc

https://docs.hyperdbg.org/commands/scripting-language/functions/timings/rdtscp

Thanks to Tara for making this painting for us (it's not AI-generated).

0
2
0
[RSS] The Guest Who Could: Exploiting LPE in VMWare Tools

https://swarm.ptsecurity.com/the-guest-who-could-exploiting-lpe-in-vmware-tools/

CVE-2025-22230 CVE-2025-22247
0
1
1
[RSS] How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance

https://slcyber.io/assetnote-security-research-center/how-we-accidentally-discovered-a-remote-code-execution-vulnerability-in-etq-reliance/

CVE-2025-34140 CVE-2025-34141 CVE-2025-34142 CVE-2025-34143
0
0
0
[RSS] Reverse Engineering Security Products: Developing an Advanced Tamper Tradecraft (BHMEA24 slides)

https://github.com/emcalv/BlackHat-MEA-2024-slides/blob/main/BH%20MEA%202024%20-%20Reverse%20Engineering%20of%20Security%20Products_%20Defender.pdf
0
0
0
repeated

Shared the PoC with @mkolsek few days ago, the same one I gave to microsoft. Unlike microsoft however, they not only verified the issue within days but refined it demonstrating that ANY domain user can crash a fully patched windows 2025 server as of now.
https://bird.makeup/users/0patch/statuses/1947674442772910437

1
3
0
repeated
repeated
Edited 12 hours ago

In memory of Ozzy Osbourne, we replay our review of Technical Ecstasy, an often overlooked album from his era of Black Sabbath that is among our favorites at CatSynth. We extend our thoughts to his family, friends, and colleagues 😿
https://youtu.be/vklyJuPbilY

0
2
0
repeated

Banana ozzy deployed to usher gk through a period of mourning salute

2
4
0
repeated

I am excited to share this new single-header C library I have been working on for a while now: vecmath.h, a comprehensive vector/matrix math library for graphics/games/3d.
It allows you to write vector math code in C that looks like this:

2
4
0
repeated
repeated

I don't know which update specifically, but in a recent update of 24H2 it looks like the Win32k system call table is protected by Kernel Data Protection (read-only SLAT entry)! I believe CI!g_CiOptions and msseccore's SecKdpSe PE section were the only things using it before.

0
2
0
repeated

Windows is one massive (private) Git repo.

When I was at MS, the Windows Source had around ~3k PRs a day!

Regular Git didn’t scale to those levels at the time.

Internally there was a progression from Git -> GVFS -> Scalar -> merge back to Git. Here's how it worked:

2
2
0
repeated

"35% of the US stock market is held up by five or six companies buying GPUs."

Ed Zitron, The Hater's Guide to the AI Bubble

https://www.wheresyoured.at/the-haters-gui/

5
12
0
[RSS] Quick-Skoping through Netskope SWG Tenants - CVE-2024-7401

Marketing domain -> check!

https://quickskope.com/
0
0
1
[RSS] Ruckus Unleashed: Multiple vulnerabilities exploited

CVE-2025-46116 CVE-2025-46117 CVE-2025-46118 CVE-2025-46119 CVE-2025-46120 CVE-2025-46121 CVE-2025-46122 CVE-2025-46123

https://sector7.computest.nl/post/2025-07-ruckus-unleashed/
0
0
3
[RSS] Miggo Security%27s AI Slop & Potential Trademark Infringement

https://jericho.blog/2025/07/21/miggo-securitys-ai-slop-potential-trademark-infringement/
0
0
1
repeated

Here's the article I was working on today, and the first I've written for The Register in a hot minute: a look at a new, generated-from-actual-1980s-hardware, 1.5-million-strong test suite for the Intel 286 and compatibles.

In 2025. Yes. Emulator devs are a different breed, I tell you, and we're all the richer for 'em.

https://www.theregister.com/2025/07/21/intel_286_test_suite/

0
3
0
repeated

Wikimedia Foundation Challenges UK Online Safety Act Regulations | Wikimedia Foundation
https://alecmuffett.com/article/113724

0
1
0
WAFFLED: Exploiting Parsing Discrepancies to Bypass Web Application Firewalls [PDF]

https://arxiv.org/pdf/2503.10846v1
0
0
2
Show older