Funny FPU trick I discovered yesterday to detect arm64 or x86_64 architecture at runtime

@ben @babe As Monty Python prophecised: https://www.youtube.com/watch?v=E-bIMxB4zA8

There was recently an article about using salvaged Sun Ray thin clients with a modern server. @bcantrill's response to that article on Hacker News mentioned his story about using DTrace to debug a performance problem on a Sun Ray server. He linked to a paper he wrote for Usenix, but I prefer his extended telling in this 2007 talk: https://www.youtube.com/watch?v=TgmA48fILq8&t=35m6s

If you like that kind of thing, my presentation "Save the world, write more efficient code" from @joyofcoding is online now! https://youtu.be/XntLynSlYjI?t=203

a blog post by my friend eevee which is, y’know, preaching to the choir about exactly what you think, but. yeah. https://eev.ee/blog/2025/07/03/the-rise-of-whatever/

[RSS] Applocker bypass on Lenovo machines - The curious case of MFGSTAT.zip

https://oddvar.moe/2025/07/03/applocker-bypass-on-lenovo-machines-the-curious-case-of-mfgstat-zip/

[RSS] CVE-2025-53367: An exploitable out-of-bounds write in DjVuLibre

https://github.blog/security/vulnerability-research/cve-2025-53367-an-exploitable-out-of-bounds-write-in-djvulibre/

CVE-2025-53367

[RSS] Kernel Exploitation Techniques: Turning The (Page) Tables

https://sam4k.com/page-table-kernel-exploitation/

[RSS] When too much access is not enough: a story about Confluence and tokens

http://blog.quarkslab.com/a-story-about-confluence-and-tokens.html

[RSS] exploits.club Weekly Newsletter 78 - ITW Sandbox Escapes, RL For VR, WhatsApp Fuzzing, And More

https://blog.exploits.club/exploits-club-weekly-newsletter-78-itw-sandbox-escapes-rl-for-vr-whatsapp-fuzzing-and-more/

New post: Insecure Boot: Injecting initramfs from a debug shell https://insinuator.net/2025/07/insecure-boot-injecting-initramfs-from-a-debug-shell/

Reproducing a million-dollar bug: WhatsApp CVE-2019-11932 https://www.ibm.com/think/x-force/reproducing-million-dollar-bug-whatsapp-cve-2019-11932-afl-frida

What? They programmed it by doing what???

https://en.m.wikipedia.org/wiki/Bally_Astrocade

@raptor I think - objectively - that range is absolutely awesome! subjectively, I totally feel you...

[RSS] Assembly Code Editor

https://deepcodestudio.pages.dev/

[RSS] opasm: an Assembly REPL

https://github.com/aedrax/opasm

"IBM Software Download Tips: Three Easy Steps to Make Download Director Work Again"

https://www.ibm.com/support/pages/node/7181432

Free #ProTip for IBM: no one should ever have to use Download Director. Web servers should just not randomly drop connections.

CVE ID: CVE-2025-6554
Vendor: Google
Product: Chromium V8
Date Added: 2025-07-02
Notes: https://chromereleases.googleblog.com/2025/06/stable-channel-update-for-desktop_30.html?m=1 ; https://nvd.nist.gov/vuln/detail/CVE-2025-6554
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-6554

V8 Security is hiring in Munich, Germany: https://www.google.com/about/careers/applications/jobs/results/96463411851731654-software-engineer-iii-v8-security

Great opportunity to work on some really hard and interesting problems in the security space!

Microsoft lays off another **9000** game industry employees.

If accurate, would bring the number of game industry layoffs in the last four years to over 45,000.

This is not a large industry.

https://aftermath.site/xbox-layoffs-july