Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a434dcc

ComparePathWithVolumeMap

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a434dcc.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a434dcc.json&colors=light

«Alan Turing Institute scraps diversity drive under pressure from ministers»

Funny change in tune for an institute that was named after a person that was basically killed by the UK government for being gay. 🤷

https://archive.ph/JkOgI#selection-2204.0-2204.1

Want to make the most of the upcoming research drop? We've just updated https://http1mustdie.com/ with links to essential pre-read/watch resources. Enjoy!

LOL. Funny bug to make it to prod.

https://httpd.apache.org/security/vulnerabilities_24.html

A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true".

I'm happy to announce that HyperDbg v0.14 is released!

This version includes HyperEvade (beta preview), fixes Win11 24H2 compatibility issues & adds multiple timing functions to the script engine (Special thanks to @0Xiphorus )

Check it out: https://github.com/HyperDbg/HyperDbg/releases/tag/v0.14

More info on HyperEvade: https://github.com/HyperDbg/slides/blob/main/2025/DEBT2025/hyperevade-ecoop2025-debt.pdf

Microsleep function:
https://docs.hyperdbg.org/commands/scripting-language/functions/timings/microsleep

and RDTSC/RDTSCP:
https://docs.hyperdbg.org/commands/scripting-language/functions/timings/rdtsc

https://docs.hyperdbg.org/commands/scripting-language/functions/timings/rdtscp

Thanks to Tara for making this painting for us (it's not AI-generated).

@buherator Thanks!

The new fuzzer is live and found two JIT crashes, so it's met the goal of being better than an idle core in practice :)

https://github.com/devdanzin/lafleur/

Shared the PoC with @mkolsek few days ago, the same one I gave to microsoft. Unlike microsoft however, they not only verified the issue within days but refined it demonstrating that ANY domain user can crash a fully patched windows 2025 server as of now.
https://bird.makeup/users/0patch/statuses/1947674442772910437

Student suspended over suspected use of #PHP

#FromTheArchives

https://www.bbspot.com/news/2000/6/php_suspend.html

In memory of Ozzy Osbourne, we replay our review of Technical Ecstasy, an often overlooked album from his era of Black Sabbath that is among our favorites at CatSynth. We extend our thoughts to his family, friends, and colleagues 😿
https://youtu.be/vklyJuPbilY

Banana ozzy deployed to usher gk through a period of mourning

I am excited to share this new single-header C library I have been working on for a while now: vecmath.h, a comprehensive vector/matrix math library for graphics/games/3d.
It allows you to write vector math code in C that looks like this:

A ../ in AIM server just feels right.

https://www.gecko.security/blog/cve-2025-51463

I don't know which update specifically, but in a recent update of 24H2 it looks like the Win32k system call table is protected by Kernel Data Protection (read-only SLAT entry)! I believe CI!g_CiOptions and msseccore's SecKdpSe PE section were the only things using it before.