"I'm interested in all kinds of astronomy."

she is all of us

9
9
0

canonical mode

6
4
0

"But Ryan, the C preprocessor isn't a programming language!"

Skill issue.

1
6
1

Lorenzo Franceschi-Bicchierai

The official website of zero-day broker Zerodium was updated in December of last year. There are no price lists or any other information anymore, just an email and a PGP public key.

🤔

If you know what's happening there...let me know.

https://zerodium.com

2
3
0
@cR0w something something Steven Seagal?
1
0
2

Project Zero Bot

New Project Zero issue:

msm_npu: Race between npu_host_unload_network and npu_host_exec_network_v2 leads to memory corruption

https://project-zero.issues.chromium.org/issues/380081941

CVE-2025-21424
0
1
0
[oss-security] [kubernetes] CVE-2024-7598: Network restriction bypass via race condition during namespace termination

https://seclists.org/oss-sec/2025/q1/234

"The order in which objects are deleted during namespace termination is not defined, and it is possible for network policies to be deleted before the pods that they protect." whoops :)
0
0
1
@nbourdais @cR0w @greynoise It'd be actually interesting to see the distribution of HTTP response codes if that data is collected, because it is a straightforward signal for one of the requirements (read-only=false).
0
0
1
@mcc @oblomov This sounds fun, you should get some VC funding!
0
0
1
@cR0w @greynoise "GreyNoise observed exploitation attempts as early as March 11" -> Please note that the PoC was publicly available since that day:

https://scrapco.de/blog/analysis-of-cve-2025-24813-apache-tomcat-path-equivalence-rce.html

Also note that even with HTTP response data it's not straightforward to conclude that:
- file based session management was configured
- there were useful gadget chains available
2
2
2
@oblomov @mcc VibeLang? As in execution order depends on how the interpreter feels and all errors are handled somehow just to keep the thing going :)
1
1
1
Up-to-date fork of Sourcetrail:

https://github.com/petermost/Sourcetrail

h/t @brk
0
2
0

I don't recall seeing a CVE for a WAF lib bypass before but here you go, add it to your tricks if it isn't already there.

https://github.com/corazawaf/coraza/security/advisories/GHSA-q9f5-625g-xm39

sev:MED 5.4 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Prior to 3.3.3, if a request is made on a URI starting with //, coraza will set a wrong value in REQUEST_FILENAME. For example, if the URI //bar/uploads/foo.php?a=b is passed to coraza, REQUEST_FILENAME will be set to /uploads/foo.php. This can lead to a rules bypass. This vulnerability is fixed in 3.3.3.

https://nvd.nist.gov/vuln/detail/CVE-2025-29914

0
2
0

For those just learning about LibGen because of the reporting on Meta and other companies training LLMs on pirated books, I’d highly recommend the book Shadow Libraries (open access: https://direct.mit.edu/books/oa-edited-volume/3600/Shadow-LibrariesAccess-to-Knowledge-in-Global).

I just read it while working on the Wikipedia article about shadow libraries, and it’s a fascinating history. https://en.wikipedia.org/wiki/Shadow_library

I fear the already fraught conversations about shadow libraries will take a turn for the worse now that it’s overlapping with the incredibly fraught conversations about AI training.

2
12
0
[RSS] What could cause a memory corruption bug to disappear in safe mode?

https://devblogs.microsoft.com/oldnewthing/20250320-00/?p=110981
0
0
1
@ghosttie @mcc I guess you are right. On the grand scale of things the Universe won't be bothered by my pathetic compile errors :,(
0
0
0

The Trump family has reportedly had conversations about acquiring a stake in Binance — as Binance founder and former CEO Changpeng Zhao is reportedly seeking a pardon from the president.

2
4
0

Let's also talk about our failures!

We tried to make a consortium for a cool EU-funded project about malware analysis, but didn't manage to do it in time. 🫤

We'll try again! If you're an SME owned and controlled in the EU, feel free to get in touch 💪

https://ec.europa.eu/info/funding-tenders/opportunities/portal/screen/opportunities/topic-details/digital-eccc-2024-deploy-cyber-07-keytech

0
2
0