"I'm interested in all kinds of astronomy."
Tonight's pillow-talk with kiddo was about high capacity hard drives (the classics you know):

"Well, a 10TB hard drive would be useful if your grandma wants to save all the holiday pictures, and she doesn't know how to delete... and you have 100 grandmas!"
CVE-2026-41089 — Microsoft Windows Netlogon BuildSamLogonResponse Stack-based Buffer Overflow RCE

https://aretiq.ai/research/vul260513-cve-2026-41089-microsoft-windows-netlogon-buildsamlogonresponse-stack-based-buffer-overflow-rce/

So CVE-2026-41089 (CVSS 9.8) in Windows Netlogon can be triggered by sending a username that is AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA or longer.
How original.


Github Copilot’s new pricing model went live today and r/GithubCopilot is having a meltdown. It’s glorious

[RSS] Adobe Acrobat Reader Escript.api Use-After-Free Remote Code Execution

https://blog.exodusintel.com/2026/06/01/adobe-acrobat-reader-escript-api-use-after-free-remote-code-execution/

"This issue was patched on April 2026 and likely assigned CVE-2026-34621, CVE-2026-34626 or CVE-2026-34622"

What happens when reverse engineers spend weeks digging into a Scala 3 codebase?

🔍 From code review to fuzzing, our assessment helped strengthen Scala's security and identify areas for improvement.

We're happy to share the results of our audit, conducted in collaboration with @ostifofficial

https://blog.quarkslab.com/scala-security-audit.html


🇺🇦 haxadecimal 🚫👑

Does anyone have a copy of:

AMD Am29040 Microprocessor User's Manual
1994
Order #18458

I need the full user manual, which is hundreds of pages. I already have the datasheet, which is 31 pages and is readily found online.

Thanks!

[RSS] Analysing an exploit on VLC on Windows using TTD and AI agentic

https://www.eshard.com/blog/vlc-media-player-mkv-exploit-analysis

We have started announcing Recon 2026 Presentations https://recon.cx/2026/en/speakers.html
More talks to be announced soon once we have confirmations

@hexnomad
@joegrand
@invokereversing
@tmanning @pinkflawd

@dey It's not built-in, it's a 3rd party package called `clap`. For simple stuff Rust is pretty easy, esp. because you have a nice package ecosystem (incl. the pkg manager). But for non-trivial stuff, the learning curve is *steep*.

Microsoft has achieved the impossible

@pancake Absolutely, that was part of the point actually :D
@pancake I mostly did this as an exercise in Rust, didn't know rax2 can do the same
Binary extension packages for #Ghidra 12+ are now automatically generated for my XCOFF Loader:

https://github.com/silentsignal/xcoff-ghidra/releases/tag/12

#AIX
I found a bug, so I created a test suite and published a new release for my signed/unsigned integer converter CLI utility, twos:

https://github.com/v-p-b/twos/releases/tag/v0.0.2

I’ve mentioned this before: this is one of the oncoming trains for corp-security. We’ve long failed at least-privilege, but weren’t often punished for it.

Helen in HR (or Bob in accounts) didn’t know what to do with the extra perms they didn’t know they had.

Their agents will.
