[RSS] exploits.club Weekly Newsletter 89 - iOS GPU Driver Bugs, Kernel Stack UAFs, Hardware Wallet Auth Bypasses, and More

https://blog.exploits.club/exploits-club-weekly-newsletter-89-ios-gpu-driver-bugs-kernel-stack-uafs-hardware-wallet-auth-bypasses-and-more/

CVE-2025-6554: The (rabbit) Hole

https://retr0.zip/blog/cve-2025-6554-the-rabbit-hole.html

So this October 2025 F5 security notification is pretty wild because of the sheer volume of vulnerabilities disclosed: more than 30 high-severity CVEs (!) and around a dozen medium-severity ones in a single release cycle. This affects almost every F5 product family, BIG-IP (all modules), BIG-IP Next, F5OS, and related components. Something we don’t see very often... and a lot of these vulnerabilities score above 8.0; remote exploitation, denial-of-service or privilege escalation. Also, the number of affected software branches (from 15.x through 17.x) means most F5 deployments are touched in some way. YMMV.
In short, this quarter’s bulletin is probably F5’s heaviest security updates ever. If you run F5 products, patch now. https://my.f5.com/manage/s/article/K000156572

[RSS] I remember taking a screen shot of a video, and when I opened it in Paint, the video was playing in it! What witchcraft is this?

https://devblogs.microsoft.com/oldnewthing/20251014-00/?p=111681

yIKEs (WatchGuard Fireware OS IKEv2 Out-of-Bounds Write CVE-2025-9242) - watchTowr Labs https://labs.watchtowr.com/yikes-watchguard-fireware-os-ikev2-out-of-bounds-write-cve-2025-9242/

With the AI-bubble looking close to bursting, here I present a pre-mortem, in which I state that much of AI is simultaneously mega-impressive and still mostly useless. The collapse of the bubble does not mean the technology will go away, however. Also, there are extremely useful AI applications already that we should not lose sight of once we are post-collapse. Plus some thoughts on 'intelligence' & evolution:
https://berthub.eu/articles/posts/an-ai-premortem/

Ever wondered how virtual machines talk to their host without relying on traditional networking?
Meet vsock (Virtual Socket) - the Linux kernel’s built-in communication layer for blazing-fast, low-latency host ↔ guest interaction.
Unlike TCP/IP, vsock skips the network stack entirely and works directly over the hypervisor, making it perfect for control channels, telemetry, and secure VM management in QEMU/KVM, VMware, and Hyper-V environments.
Read our full technical breakdown: https://ssd-disclosure.com/an-introduction-to-chrome-exploitation-webassembly-edition-2/

Windows ARM64 Internals: Deconstructing Pointer Authentication | Prelude
https://www.preludesecurity.com/blog/windows-arm64-internals-deconstructing-pointer-authentication

Depicting an iOS Vulnerability – DFSEC Research
https://blog.dfsec.com/ios/2025/10/14/Depicting-an-iOS-Vulnerability/

In the year of Our Lord Two Thousand and Twenty-Five, BIG-IP devices from F5 Inc. are vulnerable to TCP hijacking due to use of a bad TCP Initial Sequence Number generator.

https://my.f5.com/manage/s/article/K000151297

yippie-kee-yay! just added teensy4.0 support to #klutshnik #zephyr - the 4.0 is smaller and cheaper than the 4.1 but comes with the same powerful cortex-m7 mcu. with this change klutshnik now runs on 4 different embedded systems: xiao_esp32s3, rpi pico2 (w) and the teensy4.1 and teensy4.0. \o/

also rewrote the provisioning interface which is now a proper shell on usb cdc-acm.

check it out on #radicle
rad:z2EBBi4vui98QV8Mk8DT3c25yZbJ4

or on the ms-trap: https://github.com/stef/klutshnik-zephyr

@crumbletiltskin since they started selling firewalls?

OffensiveCon 2026 announced:

https://www.offensivecon.org/

#fromBsky

FTR: today's star of the show is #F5

As a FIREWALL VENDOR why would you do something like this?

Hi, I'm your favorite security vendor, welcome to...

RE: https://infosec.exchange/@tiraniddo/115295709143228986

Well, Windows Administration Protection still hasn't been released even though technically 25H2 has. So none of those 6 bypasses have been fixed, but then again there's no code to bypass, so.... At least some of them are fun UAC bypasses :)

⏲️ One week left for r2con2025! Are you ready? #r2con

[RSS] Lucid Dreams II: Harness Development

https://h0mbre.github.io/Lucid_Dreams_2/

#fuzzing