yippie-kee-yay! just added teensy4.0 support to #klutshnik #zephyr - the 4.0 is smaller and cheaper than the 4.1 but comes with the same powerful cortex-m7 mcu. with this change klutshnik now runs on 4 different embedded systems: xiao_esp32s3, rpi pico2 (w) and the teensy4.1 and teensy4.0. \o/

also rewrote the provisioning interface which is now a proper shell on usb cdc-acm.

check it out on #radicle
rad:z2EBBi4vui98QV8Mk8DT3c25yZbJ4

or on the ms-trap: https://github.com/stef/klutshnik-zephyr

@crumbletiltskin since they started selling firewalls?

OffensiveCon 2026 announced:

https://www.offensivecon.org/

#fromBsky

FTR: today's star of the show is #F5

As a FIREWALL VENDOR why would you do something like this?

Hi, I'm your favorite security vendor, welcome to...

RE: https://infosec.exchange/@tiraniddo/115295709143228986

Well, Windows Administration Protection still hasn't been released even though technically 25H2 has. So none of those 6 bypasses have been fixed, but then again there's no code to bypass, so.... At least some of them are fun UAC bypasses :)

⏲️ One week left for r2con2025! Are you ready? #r2con

[RSS] Lucid Dreams II: Harness Development

https://h0mbre.github.io/Lucid_Dreams_2/

#fuzzing

@lcamtuf I'd choose that any day instead of Copilot

I'm really curious how libtiff is embedded in Windows so that CVE-2016-9535 could apparently lead to RCE in 2025

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2016-9535

@sassdawe Sorry, I need more coffee...

@sassdawe "What threat?" -> The CVE-2025-47827 Secure Boot bypass is marked as exploited itw, but I'm not sure how that relates to Lenovo.

RE: https://mastodon.social/@ratemy8k/115378205898848550

F5 popped.

Stats:
- Rewrite done in 45 mins (incl. coffee)
- LoC 200 -> 110
- Complexity ~halved (two-pass -> single-pass processing)
- I actually know what the code does

#DEFCON Creators alert!

The #DEFCONSIngapore Call For Creators is open! Got an idea for a Contest, Village or Community you'd like to see at DEF CON Singapore? Get your submission in and let's work together to bring your ideas to life. The info you need is here:

https://forms.cloud.microsoft/r/eQgGJPVffy

Let's make something amazing!

I think it was @david_chisnall who pointed out earlier that coding LLM's will become much less useful when we stop doing (expensive) training to keep up with breaking changes in API's.

Well, I just spent two hours trying to fix some code that was buggy because the API changed less than a year ago and came to the decision of reading the F manual and write that 200 LoC myself.

(to be fair, I think this would work if the LLM had access to a complier and runtime)

[RSS] The October 2025 Security Update Review [by ZDI]

https://www.thezdi.com/blog/2025/10/14/the-october-2025-security-update-review

🚀 New Sysinternals updates just dropped!
ZoomIt now supports image smoothing for crisper visuals
ProcDump for Linux adds restracking - no triggers needed

Grab the latest tools at http://sysinternals.com.

See what's new on the Sysinternals Blog: https://techcommunity.microsoft.com/blog/sysinternals-blog/zoomit-v9-10-procdump-3-5-for-linux-and-jcd-1-0-1/4461244