@algernon @tardis ugyanitt bojler eladó!

A fun thing with vulnerability writeups is to watch the (cloud-based) issue trackers of affected companies come in as referers :)

Me to MSRC: Words clearly describing a vulnerability, with supporting screenshots of the commands I typed and the response that Windows gives.

MSRC: Can you please provide a video showing the behavior you are seeing?

Me: ...

I get that people doing grunt work have mostly-fixed workflows that they go through with common next steps.
But to request a video that now captures (beyond my already-submitted screenshots) the act of me typing, and the Windows response being painted on the screen adds what of value now?

I should have done this a long time ago but people keep asking. I have assembled all of the clips of HNNCast on Youtube into one playlist. If you want to relive ~14yr old news items then this list is for you.

https://www.youtube.com/watch?v=UdKyDqU1p-4&list=PL-DjMTsCaYUwR3dZKdSb-fFMwLFBOvENb

@jerry @briankrebs

Give that cat a donation.

Patreon: https://www.patreon.com/infosecexchange

Ko-Fi: https://ko-fi.com/infosecexchange

Liberpay: https://liberapay.com/Infosec.exchange/

Here's the second installment of my Paramilitary Leaks series. How you can set up your computer to read through the leaked militia chats yourself https://micahflee.com/step-by-step-guide-to-reading-the-leaked-militia-chats-yourself/

TIL Space Invaders had a tilt sensor. Good deep dive into the inner workings of the game.

https://www.computerarcheology.com/Arcade/SpaceInvaders/

#programming #retrocomputing #retrogaming #spaceinvaders #assemblylanguage #z80

If you're fuzzing C/C++ code and need more customizability, our new Testing Handbook chapter shows you exactly how to set up and use LibAFL - both as a libFuzzer drop-in and as a Rust library.
https://appsec.guide/docs/fuzzing/c-cpp/libafl/

Reminder to submit your proposals!
The CFP will close on the 2nd of April.

There is a new official C language website maintained by the C Standards Committee https://www.c-language.org/

Adobe Acrobat Reader vulnerability reports from Talos:

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2136
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2135
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2134

CVE-2025-27163 CVE-2025-27158 CVE-2025-27164

/via @talosvulns

Update: it wasn't the ECB blocking gnome-calculator, it was an HTTP library regression breaking the connection to the ECB. Text in [] is incorrect, retained due to RTs etc.

[The ECB have remotely bricked gnome-calculator]

In the latest episode of "Why the 21st Century is impossibly stupid", GNOME calculator contacts the ECB on startup to get currency rates. It just hangs on startup if this fails, the whole calculator not just the currency stuff. [The ECB has blocked GNOME calculator].

To fix this, you can do "dconf write /org/gnome/calculator/refresh-interval 0", whatever tf dconf is, because when I tried it told me dbus-launch is missing, wtf that is, because it doesn't have a package. Turns out it's in "dbus-x11". I dunno why X11, because I use wayland, but I'm past caring at this point. I installed it and it worked.

Now I can calculate how much postage I need to pay for this parcel.

[A bloody OS-shipped desktop calculator, DDoSing a central bank, and blocking on connection failure].

[oss-security] Below: World Writable Directory in /var/log/below Allows Local Privilege Escalation (CVE-2025-27591)

https://seclists.org/oss-sec/2025/q1/201

Below: "A time traveling resource monitor for modern Linux systems" <- this sounds pretty cool!

https://github.com/facebookincubator/below

Pre-authentication SQL injection to RCE in GLPI (CVE-2025-24799 /CVE-2025-24801)

https://blog.lexfo.fr/glpi-sql-to-rce.html

GLPI: "The most complete open source service management software"

Unraveling Time: A Deep Dive into TTD Instruction Emulation Bugs

https://cloud.google.com/blog/topics/threat-intelligence/ttd-instruction-emulation-bugs?linkId=13384255

i've changed my mind, cursor is officially now the best AI code generation tool

https://forum.cursor.com/t/cursor-told-me-i-should-learn-coding-instead-of-asking-it-to-generate-it-limit-of-800-locs/61132

Writing these words from the first Linux kernel ever booted on x86_64 by a pure Go UEFI bootloader!

Pro debugging technique: listening to CPU noises to attest boot flow progress while Frame Buffer issues made everything dark 😅.

🔥 The "impossible" XXE in PHP? Not so impossible anymore.

Our researcher Aleksandr Zhurnakov discovered an interesting combination of PHP wrappers and a feature of XML parsing in libxml2 to exploit it.

Read: https://swarm.ptsecurity.com/impossible-xxe-in-php/

My mom accidentally referred to cryptocurrency as “kleptocurrency” this morning and I think I’m going to call it that from now on! 🤑

#ESETresearch has discovered a zero day exploit abusing #CVE-2025-24983 vulnerability in the Windows kernel 🪟 to elevate privileges (#LPE). First seen in the wild in March 2023, the exploit was deployed through #PipeMagic backdoor on the compromised machines.

The exploit targets Windows 8.1 and Server 2012 R2. The vulnerability affects OSes released before Windows 10 build 1809, including still supported Windows Server 2016. It does not affect more recent Windows OSes such as Windows 11.

The vulnerability is a use after free in Win32k driver. In a certain scenario achieved using the #WaitForInputIdle API, the #W32PROCESS structure gets dereferenced one more time than it should, causing UAF. To reach the vulnerability, a race condition must be won.

The patches were released today. Microsoft advisory with security update details is available here:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983