disconnect3d from Trail of Bits presents Pwndbg at #EuroPython.
Pwndbg is a Python tool that makes low-level debugging actually enjoyable for security work.
Pwndbg provides:
→ Clear context displays for assembly analysis
→ Built-in heap and stack visualization
→ Streamlined commands for exploit development
→ Python extensibility for custom analysis
Today at 10:30 at Terrace 2A. Perfect for anyone doing systems security, malware analysis, or CTF challenges.
https://ep2025.europython.eu/session/pwndbg-low-level-debugging-and-exploit-development-with-python

Exciting! @vector35 's excellent #BinaryNinja ships with built-in BinExport in the latest dev version!
Here's how to use it with #BinDiff: https://dev-docs.binary.ninja/guide/binexport.html

@REverseConf The slides for "Reconstructing Rust Types: A Practical Guide for Reverse Engineers" are also available! There is a convenient single-page HTML version if you want to use the material in the presentation as a reference, for your own reversing!

https://cxiao.net/posts/2025-02-28-reconstructing-rust-types-re-verse-2025/
https://github.com/cxiao/reconstructing-rust-types-talk-re-verse-2025/

#rust #rustlang #ReverseEngineering #reversing #malware #MalwareAnalysis #infosec

@REverseConf If you ever need to find both the talk video and the slides again, they are collected in one place on my site and on GitHub, for your convenient bookmarking:

https://cxiao.net/posts/2025-02-28-reconstructing-rust-types-re-verse-2025/
https://github.com/cxiao/reconstructing-rust-types-talk-re-verse-2025/

#rust #rustlang #ReverseEngineering #reversing #malware #MalwareAnalysis #infosec

Microsoft marketing: “Your data stays in Europe.”

Microsoft’s Legal Director (under oath, in French Parliament): “No, I cannot guarantee that.”

Still think Microsoft Teams is a sovereign solution?

Credit @ponceto91 for the meme

https://x.com/wire/status/1944851027381117019

#microsoft #DataPrivacy #DigitalSovereignty #europe

@skye @rey

I have a friend that’s working on learning Rust, and looking for something more hands on / interactive. What’s the leading option these days?

Fuzzing Linux Kernel Modules, with Slava Moskvin

Stream by @slava_moskvin hosted by @steph3nsims about building a custom fuzzer to rediscover CVE-2025-0927 in the HFS+ filesystem implementation.

Slava started with a simple fuzzer implementation and then improved it step-by-step by adding coverage collection, proper seed generation, mutations, etc.

The source code of the fuzzer is public.

Stream: https://www.youtube.com/live/uCcsZrXyLyE
Fuzzer: https://github.com/sl4v/hfsplus-kernel-fuzzing-demo

Trail of Bits LibAFL Notes https://appsec.guide/docs/fuzzing/c-cpp/libafl/

@troed Yeah I just managed to simulate a program on attiny, looks much better! Thanks!

@troed No idea, I just try to find the simplest, smallest (but hand-solderable) microcontroller because I have little space for a project...

I'm considering to learn PIC programming. Please send help!

Shop keeper Phyllis used her computer system to automate book keeping, taking the time to prepare from five hours to five minutes.

Having learned the system down to hardware level, Phyllis is now building an electronics kit. Her aim? Build a computer herself; Or as we called it an “electronic gadget”.

What Phyllis doesn’t say is she was a maths graduate from University and “#Cypher Clerk” in “Hut 5” at #BletchleyPark during the war.

The”Official Secrets Act” was in force in 1983 😂🤣☺️

#UK / WW2 / #computing / #bombe / #SigInt / #accounts / #hardware #kits / #Commodore / #PET / #RetroComputing

Want to learn about Chrome exploitation and the role of WebAssembly in it?

In our new article, we'll break down the world of WASM, how it interacts with V8, and use CVE-2024-2887 as a case study to show how flaws in WASM can lead to remote code execution.

Read it here: https://ssd-disclosure.com/an-introduction-to-chrome-exploitation-webassembly-edition/

[RSS] ControlPlane Local Privilege Escalation Vulnerability on macOS

http://blog.quarkslab.com/controlplane_lpe_macos.html

[RSS] CVE-2025-4919: Corruption via Math Space in Mozilla Firefox

https://www.thezdi.com/blog/2025/7/14/cve-2025-4919-corruption-via-math-space-in-mozilla-firefox

"Exclusive: Meta won't tweak pay-or-consent model further despite risk of EU fines, sources say"

https://www.reuters.com/sustainability/boards-policy-regulation/meta-wont-tweak-pay-or-consent-model-further-despite-risk-eu-fines-sources-say-2025-07-11/

IMO pay-or-consent is a reasonable model for #adtech, but if Meta implements that *and* pays fines, that's good enough for me!

We just updated our bug bounty hall of fame to include the great security researchers from the last two quarters. Thank you for securing the best #Firefox yet :)

https://www.mozilla.org/en-US/security/bug-bounty/hall-of-fame/

in the interest of helping other small publications, i want to pass along a request for elpis zine, an online zine about the small web, retro tech, and alternate protocols that recently celebrated its 10th issue!

for their next issue, they want to focus on #women of the #internet: "who, one way or another, influenced the creation of the modern Internet, which is why the modern World Wide Web looks exactly like this."

from elpis:

These are women who are at the forefront of the attack and work on the technologies that surround us. These are women who have influenced design, content, and politics. But we're not just talking about the modern Internet, we're also talking about the small web.

There are legendary women here, too. We want to write about you, about your sites, if you have ideas about whom we can also write about, or links to pages (feel free to give your sites), that's cool! We'll publish them.

the editors are looking specifically for "ideas about who can be written about from the great women who influenced the modern Internet (designers, programmers, and so on)." there's so many women in internet #history that we must keep their stories going! <3

the editor of the zine, turboblack, is a 32-bit cafe member and a passionate member of the independent web. :) i hope you appreciate this departure to spread some internet-focused publication love!

I'm pleased to announce a new version of the Rust bindings for IDA Pro! With: - Improved strings, metadata, and core APIs. - Support for the names API. Thank you to @raptor.infosec.exchange.ap.brid.gy & Willi Ballenthin for contributing! Docs: idalib.rs Code: git.idalib.rs

idalib documentation