"I'm interested in all kinds of astronomy."

Today, Kagi celebrates over 50,000 paying subscribers! Check out our latest blog post for exciting updates, including the free Kagi Search portal, Kagi for Libraries, new swag and stickers:

https://blog.kagi.com/50k


Recording of my Hexacon talk "Exploiting Hardened .NET Deserialization: New Exploitation Ideas and Abuse of Insecure Serialization" is available!

Talk: https://youtu.be/_CJmUh0_uOM?si=81Tot7HUgp7RQAlL
White paper: https://github.com/thezdi/presentations/blob/main/2023_Hexacon/whitepaper-net-deser.pdf

I hope you will find it useful :)


And domain-level RCE in Veeam B&R fixed today (CVE-2025-23121). My first (and hopefully not last) CVE, where I'm credited together with @codewhitesec 😎

https://www.veeam.com/kb4743


in case you missed it, someone has been porting mario64 to the gameboy advance

in what i can only describe as incredible hackery

https://www.youtube.com/watch?v=kueoO3b4B-M

technically speaking, it isn't the first 3d game on the gba, there's games like "asterix and obelix xxl"

technically speaking though, porting an n64 game to the gba is even more ridiculous


The researchers leaked the kernel base address using the EntryBleed side-channel attack and then turned the UAF on the vsock_sock structure into a RIP control primitive to execute a ROP-chain.


Exploiting the CVE-2025-21756 1-day vulnerability

@v4bel and @_qwerty_po posted a kernelCTF report about exploiting a UAF in the vsock subsystem of the Linux kernel:
https://github.com/google/security-research/blob/f7dbb569a8275d4352fb1a2fe869f1afa79d4c28/pocs/linux/kernelctf/CVE-2025-21756_lts_cos/docs/exploit.md


Another sev:CRIT ../ ? This time in ZendTo. LMAO. PoC in the post.

https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

We discovered a path traversal vulnerability in ZendTo versions 6.15-7 and prior. This vulnerability allows malicious actors to bypass the security controls of the service to access or modify potentially sensitive information of other users. This issue is patched in 6.15-8, and we encourage all users to upgrade as soon as possible.

Slides like this will always have a special place in my heart! Source:

https://www.youtube.com/watch?v=goEb7eKj660

[oss-security] pam_namespace local privilege escalation (CVE-2025-6020)

https://www.openwall.com/lists/oss-security/2025/06/17/1

New post: Disclosure: Multiple Vulnerabilities in X.Org X server prior to 21.1.17 and Xwayland prior to 24.1.7 https://insinuator.net/2025/06/disclosure-multiple-vulnerabilities-xserver-xwayland/


🚀 We have just released a new Security Advisory for NASA's CFITSIO library 🛰️. Click the link for details on the Heap Overflow, Type Confusion, Out-of-Bound Writes & other vulnerabilities discovered by our Adrian Denkiewicz!

https://www.doyensec.com/resources/Doyensec_Advisory_CFITSIO_Q22025.pdf

@drwhax @0xCDE you guys see work done at construction sites? (over here they usually just raise some fences, get the bosses' cars parked then nothing happens for weeks)

[oss-security] "the security policy of libxml2 has been changed to disclose vulnerabilities before fixes are available"

https://www.openwall.com/lists/oss-security/2025/06/16/6

CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170

CVE-2025-6021 looks like the most severe (integer overflow in xmlBuildQName())