Then: UK govt loses mind
Now: Wikipedia loses legal challenge
Next: UK loses Wikipedia access?

This legislation is way, way beyond porn and stated scope. There is no good reason to age gate an encyclopaedia *at national level* under the guise of protecting children.

https://wikimediafoundation.org/news/2025/08/11/wikimedia-foundation-challenges-uk-online-safety-act-regulations/

"It's the certificates, stupid!"

A quick analysis into the Phrack #72 APT Down code signing certificates. Has South Korea been backdoor pounded for the last two decades?

https://reverse.put.as/2025/08/11/itsthecertificatesstupid/

[FD] Kigen eUICC issue (custom backdoor vs. FW update bug)

https://seclists.org/fulldisclosure/2025/Aug/4

"we suggest Kigen customers to request information pertaining to all secret / shared keys embedded in Kigen eUICC FW and ECASD domain"

It's totally reasonable to be more cautious these days, but don't let that drive you to have opsec panic attacks that aren't founded in common sense. For example... it makes no sense to be worried someone might figure out you're queer or a leftist if you're too open about your politics while posting... on fediverse, the queer leftist social media platform. They already know, chief.

WOOT '25 Technical Sessions materials

https://www.usenix.org/conference/woot25/technical-sessions

#fromBsky

[RSS] Compiler Bug Causes Compiler Bug: How a 12-Year-Old G++ Bug Took Down Solidity

https://osec.io/blog/2025-08-11-compiler-bug-causes-compiler-bug

High level diff of iOS 26.0 beta5 vs. iOS 26.0 beta6 🎉

https://github.com/blacktop/ipsw-diffs/blob/main/26_0_23A5308g__vs_26_0_23A5318c/README.md

@cR0w @catsalad wow, people still submit stuff to EDB (and it gets published)? :O

The awesome people of @c3voc have released the recording of my Sunday #why2025 talk "Reverse Engineering Life: A teardown of the DNA source code of a whole bacterium"! https://media.ccc.de/v/why2025-34-reverse-engineering-life-a-teardown-of-the-dna-source-code-of-a-whole-bacterium https://www.youtube.com/watch?v=NUUFQyq4F_o

TIL Simple Sabotage Field Manual has a section about Microsoft Teams

RE: https://mastodon.social/@simple_sabotage/115010865658460649

My colleagues at Trail of Bits and I wrote an LLVM RFC about constant-time coding support in Clang and LLVM! I’d love to have folks with opinions on this topic, who are interested to, comment on the RFC 💚 https://discourse.llvm.org/t/rfc-constant-time-coding-support/87781

So far, I have already written 15 articles (1045 pages), which have been published on my blog:

blog: https://exploitreversing.com

ERS: Exploiting Reversing Series (currently at 439 pages, with continued progress underway):

[+] ERS 05: https://exploitreversing.com/2025/03/12/exploiting-reversing-er-series-article-05/
[+] ERS 04: https://exploitreversing.com/2025/02/04/exploiting-reversing-er-series-article-04/
[+] ERS 03: https://exploitreversing.com/2025/01/22/exploiting-reversing-er-series-article-03/
[+] ERS 02: https://exploitreversing.com/2024/01/03/exploiting-reversing-er-series-article-02/
[+] ERS 01: https://exploitreversing.com/2023/04/11/exploiting-reversing-er-series/

MAS: Malware Analysis Series (606 pages -- finished):

[+] MAS 10: https://exploitreversing.com/2025/01/15/malware-analysis-series-mas-article-10/
[+] MAS 09: https://exploitreversing.com/2025/01/08/malware-analysis-series-mas-article-09/
[+] MAS 08: https://exploitreversing.com/2024/08/07/malware-analysis-series-mas-article-08/
[+] MAS 07: https://exploitreversing.com/2023/01/05/malware-analysis-series-mas-article-7/
[+] MAS 06: https://exploitreversing.com/2022/11/24/malware-analysis-series-mas-article-6/
[+] MAS 05: https://exploitreversing.com/2022/09/14/malware-analysis-series-mas-article-5/
[+] MAS 04: https://exploitreversing.com/2022/05/12/malware-analysis-series-mas-article-4/
[+] MAS 03: https://exploitreversing.com/2022/05/05/malware-analysis-series-mas-article-3/
[+] MAS 02: https://exploitreversing.com/2022/02/03/malware-analysis-series-mas-article-2/
[+] MAS 01: https://exploitreversing.com/2021/12/03/malware-analysis-series-mas-article-1/

I'll soon begin writing the next articles in the Exploiting Reversing series, which will focus on vulnerability and exploitation, once I've laid all the necessary groundwork.

Enjoy reading and have a great day.

#windows #iOS #macOS #cybersecurity #infosec #chrome #kernel #malware #reverseengineering #vulnerability #research #hypervisor

OMG freetar.de is amazing!

#guitar #music

@azonenberg sounds like a registry hive to me

Ransomware Diaries Volume 7: “I Had to Take the Guilt For Everyone” – The Kaseya Hacker Breaks His Silence

https://analyst1.com/ransomware-diaries-volume-7-i-had-to-take-the-guilt-for-everyone-the-kaseya-hacker-breaks-his-silence/

“The enjoyment of one's tools is an essential ingredient of successful work.”
#DonaldKnuth

farads per isopropyl wipe

Reading all these posts about AIxCC challenge. Quite interesting and exciting material. What bothers me is saying the agents have deep understanding and next that they get stuck and need many attempts to get over the problems. This normalization of properties that don't really exist bothers me, you see it everywhere. LLMs can't think, don't have real understanding of anything. That doesn't mean they can't be very useful tools for certain domains.

Curious how a bug in Linux’s ipset subsystem could lead to full kernel compromise?

In our new article, we revisit CVE-2024-53141 to break down the bug, explore the memory layout, and show how it can be turned into a powerful privilege escalation.
Read it here: https://ssd-disclosure.com/linux-kernel-netfilter-ipset-missing-range-check-lpe/

@rebane2001 Cunningham's Law FTW!