Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503):
#cve #linux #cybersecurity #informationsecurity #exploitation #vulnerability
HyperDbg v0.21 is released! 🪐💫
This release includes numerous bug fixes, improved stability, and significant progress toward integrating Intel PT (Processor Trace) into HyperDbg.
Check it out:
https://github.com/HyperDbg/HyperDbg/releases/tag/v0.21
Curiously enough, the only thing that went through the mind of the bowl of petunias as it fell was Oh no, not again. Many people have speculated that if we knew exactly why the bowl of petunias had thought that we would know a lot more about the nature of the Universe than we do now.
personally i'm ok with AI techniques being less well known but there's a deeper thing going on here which is far more important IMO, because it's also partially why LLMs have taken over
== this thread is in response to this tweet: ==
RE: https://kolektiva.social/@beka_valentine/116845902133405690
An excellent thread here. So much of what I see people pointing to as LLM's benefits for coding relates to long-standing problems in software engineering that the field just hasn't addressed. And LLMs don't solve these problems, at best they just paper them over and make dealing with them less tedious -- while reinforcing the problematic dynamics.
So yes, it's great that people with no programming skills can create software to solve their problems. But if we had collectively spent a chunk of the literally billions of dollars that are going to "AI" building on the early approaches to this from 25+ years ago (Hyperscript, Logo) that don't have the same downsides, we'd be in a much better place today.
And this goes for program analysis as well! Sure, it's impressive that Mythos-class LLMs can be used to identify oodles of problematic constructs in code that's been shipping for years, including tens of thousands of real bugs, some of which are security vulnerabilities. It was also very impressive that PREfix and PREfast (the program analysis tools I worked on back in the day) and the more powerful tools that followed like Coverity could do it. Where would the program analysis field be today if billions of dollars had been invested in building on these tools instead of "AI"?
But none of these analysis tools change the underlying causes of the bugs -- software engineering processes that value time-to-market over security, unsafe libraries and languages, leaving security as an afterthought, etc etc etc. Don't get me wrong, finding and fixing bugs has value; one net effect of this wave of LLM program analysis is likely to be useful hardening of existing software. But all the resources going to that aren't going to addressing the underlying issues -- and are also reinforcing all the ethical, sustainability, and power-concentrating consequences of LLM usage.
For decades, the KKK marched and protested wearing masks, and Dem lawmakers said, "It's free speech! We have to let them talk!"
Then for a few summers, some Black kids said, "We need a ceasefire in Palestine." And Dem lawmakers passed laws against masked protest.🤡
Now those Dems are quiet again.🤷🏿‍♂️
Blog post: Inspired by the video I just boosted - some honest thoughts on my AI remorse from my experiments earlier in the year.
It was bad, and I have SERIOUS regrets.
Agentic AI has "guardrails" (e.g. you have to explicitly say "don't delete all the files on my computer" if you don't want it to delete all your files).
One of these guardrails is asking users to confirm whether to do things. Claude Code apparently has now decided that if you take over sixty seconds to answer a question, it'll just go ahead.
Turns out guardrails get in the way of consuming tokens, and you must consume tokens in order for the business model to work.
Interesting Git repos of the week:
Strategy:
* https://github.com/mr-r3b00t/ai_usage_mitre_analysis - AI abuse through an ATT&CK lens with @UK_Daniel_Card 🤖
Detection:
* https://github.com/citizenlab/bluecoat-investigations investigating Blue Coat device breaches with @citizenlab
* https://github.com/andreicscs/HoneyWire - F/OSS deception
Bugs:
* https://github.com/sgkdev/ipv6_frag_escape - another Linux LPE
Exploitation:
* https://github.com/x86byte/Obfusk8 - obfuscation library
* https://github.com/bee-san/RustScan - a port scanner in Rust
* https://github.com/t0thkr1s/gpp-decrypt - dumping GPP cpassword
* https://github.com/kernelstub/Nox - attack surface management in Go
* https://github.com/JVBotelho/skewrun - abusing time in AD
* https://github.com/db0109/AI-Red-Team-Scripts-And-Checklist - tips and tricks for red teaming AI 🤖
* https://github.com/jonaslykkegaard9-ops/m - remapping Windows memory
Hard hacks:
* https://github.com/pinkflawd/MIPSReverseEngineeringWorkshop - @pinkflawd's MIPS training
Nerd:
* https://github.com/ripienaar/free-for-dev - free hosting for developers 🤖
* https://github.com/dockur/macos - OS X in Docker