We are pleased to announce the completion of security audit of PHP core!
Executed by @quarkslab in partnership with @ostifofficial and commissioned by the @sovtechfund.

Learn more: https://thephp.foundation/blog/2025/04/10/php-core-security-audit-results/

DECORE posted some ADCS magic but I couldn’t yet figure out how to switch language o.O

https://devco.re/blog/2025/04/10/taking-over-the-entire-domain-in-minutes-what-have-you-overlooked-in-active-directory/

Edit: This doesn’t seem like anything Earth-shattering, but a nice summary of state of ADCS security (spoiler: it is bad)

TIL PHP OpCache has a Lua interpreter embedded o.O

https://github.com/php/php-src/blob/master/ext/opcache/jit/ir/dynasm/minilua.c

After installing April's updates, Windows 10 and 11 systems now have an empty C:\inetpub directory.

This seems... unexpected?

🚨 New advisory was just published! 🚨

A critical Remote Code Execution (RCE) vulnerability has been discovered in Calix. This vulnerability arises due to improper sanitation of user input in a CWMP (CPE WAN Management Protocol) service. Exploiting this flaw allows an attacker to execute arbitrary system commands with root privileges, leading to full system compromise: https://ssd-disclosure.com/ssd-advisory-calix-pre-auth-rce/

I just published a post on my blog about the IBM i 7.6 announcement - enjoy!

https://www.ibmi4ever.com/posts/20250409-ibmi-76-has-been-announced/

#IBMi #ACS

Static Analysis via Lifted PHP (Zend) Bytecode | Eptalights https://eptalights.com/blog/04-php-support

Our new Testing Handbook section on snapshot fuzzing helps security engineers test software that's traditionally difficult to analyze, such as kernel components and antivirus, where a single crash can take down the entire system.

Snapshot fuzzing captures memory and register states at critical execution points, allowing security engineers to:

- Test thousands of code paths without time-consuming system restarts
- Ensure fully deterministic testing where the same input always produces the same result
- Eliminate unreproducible crashes by starting each test from identical states
-Easily track code coverage and detect failures in emulated environments

In this section, we provide step-by-step instructions for building custom harnesses, fuzz campaigns, and more using What the Fuzz (wtf), an open-source snapshot-based fuzzer.

https://blog.trailofbits.com/2025/04/09/introducing-a-new-section-on-snapshot-fuzzing-for-kernel-level-testing-in-the-testing-handbook/

New blog post: With Carrots & Sticks - Can the browser handle web security? https://frederikbraun.de/madweb-keynote-2025.html - This is the blog version of my keynote from MADWeb 2025 earlier this year. It's about how web security could become the browser's responsibility.

OK, I stand corrected. There are European CNA's that you can report to which accept "not in another CNA’s scope"-vulnerabilities.

I was fooled (multiple times!) by this page in the past: https://www.cve.org/ReportRequest/ReportRequestForNonCNAs
It first tells you to "find the CNA partner whose scope includes the product affected by the vulnerability".
It does not really tell you, that there are CNA's that accept everything that is not explicitly in scope by any other CNA.
If you fail to find a CNA due to that, there are two links to the CNA-LR's that should "direct you to the appropriate CNA". But those links are the CVE request forms of the CNA-LR's, they don't direct you anywhere.

The more you know!

okay. if you ever want to get the previous version of a file that Windows Update has updated, do i have an utility for you https://github.com/whitequark/ApplyDeltaB

We've open-sourced another core Binary Ninja feature: SCC. If you're not familiar with it, the Shellcode Compiler has been built-in to BN from the beginning, allowing you to build small PIE shellcode in a variety of architectures right from the UI: https://scc.binary.ninja/ (Source: https://github.com/Vector35/scc)