"I'm interested in all kinds of astronomy."
[RSS] NHook - Minimal Inline Hooking Library for Windows x64

https://github.com/woldann/NHook

[RSS] Introduction to Kmemdump

https://www.linaro.org/blog/introduction-to-kmemdump/

"A smarter way to Capture Crash Data on Embedded Linux Devices"

Exploring fault injection on ESP32 V3!

Inspired by Delvaux's work, we tested voltage as an attack vector. With advanced triggers & GDB, we achieved a ~1.5% success rate. is becoming more practical!

https://security.humanativaspa.it/fault-injection-follow-the-white-rabbit/


Oh WhatsApp, you changed. Meta got the best out of you.

"No one wakes up excited to see more advertising, no one goes to sleep thinking about the ads they'll see tomorrow."

"Advertising isn't just the disruption of aesthetics, the insults to your intelligence and the interruption of your train of thought."

~ WhatsApp Blog, June 18th 2012
https://blog.whatsapp.com/why-we-don-t-sell-ads


A quick-and-dirty late night blog post on discovering an nday variant in Zyxel NWA50AX Pro devices

https://frycos.github.io/vulns4free/2025/06/17/zyxel-nday-variant.html

New Qualys reports to read while sipping your morning coffee:

https://www.openwall.com/lists/oss-security/2025/06/17/4

CVE-2025-6018: LPE from unprivileged to allow_active in *SUSE 15's PAM
CVE-2025-6019: LPE from allow_active to root in libblockdev via udisks

So glad someone properly called out kWh!

https://www.youtube.com/watch?v=kkfIXUjkYqE

#CursedUnits

🚨 New Rowhammer paper 🔨

Our latest work McSee reveals that Intel & AMD CPUs don't use DDR5's RFM cmds 🚫 and Intel uses pTRR on client CPUs 💥

Meet McSee, our oscilloscope-based platform that exposes hidden DDR4/5 behaviors 🧐

👉 http://comsec.ethz.ch/mcsee


Today, Kagi celebrates over 50,000 paying subscribers! Check out our latest blog post for exciting updates, including the free Kagi Search portal, Kagi for Libraries, new swag and stickers:

https://blog.kagi.com/50k


Recording of my Hexacon talk "Exploiting Hardened .NET Deserialization: New Exploitation Ideas and Abuse of Insecure Serialization" is available!

Talk: https://youtu.be/_CJmUh0_uOM?si=81Tot7HUgp7RQAlL
White paper: https://github.com/thezdi/presentations/blob/main/2023_Hexacon/whitepaper-net-deser.pdf

I hope you will find it useful :)


And domain-level RCE in Veeam B&R fixed today (CVE-2025-23121). My first (and hopefully not last) CVE, where I'm credited together with @codewhitesec 😎

https://www.veeam.com/kb4743


PrivEsc in IBM i.

https://www.ibm.com/support/pages/node/7237040

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain elevated privileges due to an unqualified library call in IBM Advanced Job Scheduler for i. A malicious actor could cause user-controlled code to run with administrator privilege.

https://nvd.nist.gov/vuln/detail/CVE-2025-33122

cc: @buherator since IIRC you were interested in IBM i things.


in case you missed it, someone has been porting mario64 to the gameboy advance

in what i can only describe as incredible hackery

https://www.youtube.com/watch?v=kueoO3b4B-M

technically speaking, it isn't the first 3d game on the gba, there's games like "asterix and obelix xxl"

technically speaking though, porting an n64 game to the gba is even more ridiculous


Exploiting the CVE-2025-21756 1-day vulnerability

@v4bel and @_qwerty_po posted a kernelCTF report about exploiting a UAF in the vsock subsystem of the Linux kernel:
https://github.com/google/security-research/blob/f7dbb569a8275d4352fb1a2fe869f1afa79d4c28/pocs/linux/kernelctf/CVE-2025-21756_lts_cos/docs/exploit.md


Another sev:CRIT ../ ? This time in ZendTo. LMAO. PoC in the post.

https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

We discovered a path traversal vulnerability in ZendTo versions 6.15-7 and prior. This vulnerability allows malicious actors to bypass the security controls of the service to access or modify potentially sensitive information of other users. This issue is patched in 6.15-8, and we encourage all users to upgrade as soon as possible.


X.509 and JWT sounds like a horrible way to spend a day but if that's your thing, here you go:

https://trustedsec.com/blog/attacking-jwt-using-x509-certificates

Slides like this will always have a special place in my heart! Source:

https://www.youtube.com/watch?v=goEb7eKj660

[oss-security] pam_namespace local privilege escalation (CVE-2025-6020)

https://www.openwall.com/lists/oss-security/2025/06/17/1

New post: Disclosure: Multiple Vulnerabilities in X.Org X server prior to 21.1.17 and Xwayland prior to 24.1.7 https://insinuator.net/2025/06/disclosure-multiple-vulnerabilities-xserver-xwayland/
