@amethyst My best guess is Savaged by Systemd must have something to do with it.

@bert_hubert oooh do you happen to know what OS it runs on?

You know those non-vulnerabilities that companies get forced to fix for compliance reasons? I've found a full bypass for a common patch strategy. I'm half-tempted to keep it secret for the greater good 😂

@albinowax the value of such deed is greatly underestimated, thank you!

At DistrictCon's inaugural Junkyard competition, we achieved full remote execution on two popular home network devices: a Netgear WGR614v9 router and BitDefender Box V1 security appliance.

Our exploitation techniques included chaining four buffer overflow vulnerabilities with authentication bypass on the router, plus a novel "bashsledding" ROP technique that sprays shell commands into NVRAM for reliable code execution.

Read the blog: https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 00598f60

ossl_ec_GFp_simple_ladder_post

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00598f60.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F00598f60.json&colors=light

If you're looking at this thinking 'wait, CVE-2025-6543 is a denial of service vuln?', it's not - it turns out Citrix knew orgs were getting shelled but chose to not tell the public. The implants persist after patching.

today's interesting website: running https on port 3, just so the URL has :3 in it

https://silliest.website:3/

@janeishly @mttaggart by translation I mean the level of G translate&co, that we know from practice are useful. They shouldn't be used to translate e.g. full books of course.

[RSS] Security Bulletin: IBM i is vulnerable to a privilege escalation due to an invalid database authority check [CVE-2025-33109].

https://www.ibm.com/support/pages/node/7240410?myns=swgother&mynp=OCSWG60&mynp=OCSSKWKM&mynp=OCSSC5L9&mynp=OCSSTS2D&mynp=OCSS9QQS&mynp=OCSSB23CE&mync=A&cm_sp=swgother-_-OCSWG60-OCSSKWKM-OCSSC5L9-OCSSTS2D-OCSS9QQS-OCSSB23CE-_-A

[RSS] New Binary Ninja release: 5.1 Helion

https://binary.ninja/2025/07/24/5.1-helion.html

[RSS] exploits.club Weekly Newsletter 80 - ITW Windows Bugs, Deterministic iOS Exploits, Pwn2Own Firefox Vulns, and More

https://blog.exploits.club/exploits-club-weekly-newsletter-80-itw-windows-bugs-deterministic-ios-exploits-pwn2own-firefox-vulns-and-more/

[RSS] Micropatches Released for Windows Disk Cleanup Tool Elevation of Privilege Vulnerability (CVE-2025-21420)

https://blog.0patch.com/2025/07/micropatches-for-windows-disk-cleanup.html

Project: openssl-static-gcc-dwarf 3.4.0
File: openssl
Address: 0091ec00

_dl_relocate_object

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0091ec00.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fopenssl-static-gcc-dwarf%2F0091ec00.json&colors=light

🛠️ RIFT just got an upgrade!
Now supports FLIRT signature generation on Linux 🐧
Perfect for reverse engineering Rust malware 🦀
🔗 https://github.com/microsoft/RIFT
#DFIR #ReverseEngineering #RustLang #FLIRT #MalwareAnalysis

@sassdawe Sir, I have to ask you to leave...

@TarkabarkaHolgy add some engineering students that experiment with the currently relevant field of mounting lasers on t-rexes and I'm sold!

The IT world has convinced us no new software can be deployed outside of US clouds. We're so sure about this that European governments (including the UK) are handing over vital government functions & data to US controlled servers. In this piece I argue that until recently we somehow could run stuff on locally owned hardware, and that we should urgently relearn that skill, while it is still possible - or end up as digital colony of the US: https://berthub.eu/articles/posts/our-self-inflicted-cloud-crisis/

I would strongly suggest organisations disable Microsoft Translator for Edge. It's enabled by default, and allows users to automatically translate webpages (without prompt after first use) to native language by sending the entire page content to MS. This includes intranet sites and SaaS services.

It links to a privacy policy that sounds fluffy and nice and - ya know - it isn't. The Microsoft Translator privacy policy for M365 or Azure doesn't actually apply to it.

Pst.

You don't need "privacy-preserving age verification".

Age verification solves exactly zero problems and creates several new ones.

On the internet, nobody is meant to know you're a dog.