Posts
4090
Following
732
Followers
1618
"I'm interested in all kinds of astronomy."
repeated

Allele Security Intelligence

Edited 1 hour ago

We started analyzing a classic case where GDB creates the illusion that code in writable memory is corrupted. We ended up discovering two interesting behaviors.

Did you know there's a way to hit a breakpoint without using hardware or software breakpoints? Or how GDB patches the binary to execute an instruction?

Learn more about how GDB works under the hood.

Why is my shellcode being corrupted?
https://allelesecurity.com/why-is-my-shellcode-being-corrupted/

0
3
0
repeated

@cynicalsecurity Can't wait to see if LLMs bug hunting is deep or shallow. Really curious. Also interesting how they all turned into bug hunting as their main target and AGI etc talk is long gone already LOL Guess bugs make better PR, financial returns, time will tell :-)

1
1
0
[RSS] GreatXML a bitlocker that seems to only work if you ever had Defender Offline Scan

https://deadeclipse666.blogspot.com/2026/06/greatxml-bitlocker-that-seems-to-only.html
0
1
0
[RSS] IDA 9.4 Beta | Hex-Rays Docs

https://docs.hex-rays.com/release-notes/9_4beta
0
0
1
repeated

"Feed the fire, let the last cinders burn."

My IB-01: CEL 240 illustration is now available as a print <3

https://www.inprnt.com/gallery/lurnoise/ib-01-cel-240/

1
2
0
Edited 6 hours ago
I know namespaces are nice, but we only should have conflicting local names for the most trivial stuff.

bedroom::Plumbus and bathroom::Plumbus are probably fine.

But when I have bedroom::PlumbusInserter and bathroom::PlumbusInserter it's *guaranteed* that my IDE will import the wrong name resulting in hours of debugging because nothing makes sense.

#programming
0
0
0
ITScape: Guest-to-Host Escape in KVM/arm64

https://github.com/V4bel/ITScape
0
3
2
repeated

Someone's AI agent has been performing a wide variety of manipulation to the project for a while to the Fedora project. https://lwn.net/SubscriberLink/1077035/c7e7c14fbd60fae9/

It's clearly linked to an account that precedes the, ahem, "agentic AI era", but it also seems the account wwas probably compromised, but everything is unclear, including motivations or the extent of damage.

3
10
0
repeated

Blogged about the time I doubled our users by doing proper engineering instead of React slop

https://www.mohkohn.co.uk/writing/html-first/

5
8
0
repeated
Thinking about the last tweet, not imposing exemplary punishment on the first person who published a `latest` tag on anything was probably a major mistake of humanity.
0
0
2
@christopherkunz Damn that sounds like a major burn for MS!
0
0
1
repeated

@buherator I can verify that the exploit still works with that mpengine.dll version and the 1.453.28.0 definition update that got released 6/10/2026 6:29:20 PM. It takes more than one attempt, sometimes up to 6-7 now, where it used to be almost always one shot, but it still works.
I'm waiting for my other VM to fully update and then I'll retry there, too.

1
1
1
TIL about @kagihq 's Redirect feature that finally allows me to land on the latest available documentation page on docs.rs for crates where latest is broken.

(Interestingly, the samples provided for this feature are also based on docs.rs URLs 🤔)
0
0
1
repeated

Ryan Castellucci (they/them) nonbinary_flag

I wish this were fake.

7
7
0
@christopherkunz That's it thx! Based on the Update Guide this should fix the problem independently from the definition updates, so if you can repro on a clean system with this DLL version that's bad.
1
0
0
repeated

New, by me: ServiceNow appears to have notified some enterprise customers that there was outside access to their data, after a security bug left instances exposed to the web.

The company has hidden its notice behind a login wall, but was shared by network defenders on Reddit.

https://techcrunch.com/2026/06/10/servicenow-tells-customers-a-bug-left-some-of-their-data-exposed-to-the-internet/

1
3
0
repeated

The Anthropic Fable-5 safety classifiers seem to be written by the OpenAI marketing department.

Pretty much anything I talk to LLMs about gets downgraded.
Nerfed into useless. Worst model release ever?

0
1
0
repeated

Golden rule of vulnerability disclosure is:

Dont fuck with people who are time rich and cash poor.

1
4
0
Show older