"I'm interested in all kinds of astronomy."
I created a library from prefetch-tool so you can more easily experiment with side-channel #KASLR bypasses on Windows:

https://github.com/v-p-b/prefetch-lib

For dogfooding I exploited HEVD on Windows 11 24H2:

https://github.com/v-p-b/HEVD-prefetch
[oss-security] CVE-2025-4748: Erlang/OTP 17.0–28.0.0 absolute-path traversal in zip:unzip/zip:extract

https://www.openwall.com/lists/oss-security/2025/06/16/5

Exquisite bug!
I tried to improve on @carrot_c4k3's work to bypass Windows KASLR with a prefetch side-channel. I summarized my results in a new blog post, spiced up with some geek art:

https://scrapco.de/blog/visualizing-prefetch-infoleaks-to-defeat-kaslr.html
Make some noise!
This was the original version. While Adeptus Mechanicus clearly represents my general understanding of things, the Sister of Sororitas praying on a hill of skulls better captures my current mental state. #wh40k #IT #Windows
I have no idea why this works now and why it didn't work before...

Praise be the Omnissiah!
Had to make a proper GIF of this
@david_chisnall @kenshirriff Just for the record, I find this part of AS/400 history pretty fascinating (from Inside AS/400, by Frank Soltis) :)
Would you?
@mttaggart or maybe giving RNGs full access to your repos is not a great idea?
#uspol #insidejob
Seriously?
@kimzetter Thank you! So DOGE still doesn't have the authority but lower-ranking staff basically obey their requests that don't align with cabinet secretaries or agency heads? Why don't they just go full-on Cheryll on these requests?
Glad to report that with the previous round of fixes loadlibrary works with the latest, 64-bit Windows Defender engine (1.1.25030.1)

https://scrapco.de/blog/fuzzing-windows-defender-with-loadlibrary-in-2025.html

#PatchTuesday