Gentle Reminder for Newcomers :

Boosting posts keeps Mastodon alive!

Boost what you love! 💚
Boost freely! ✨

#Mastodon #Fediverse

New post on my blog! Decapping with DMSO.

https://dev-zzo.github.io/blarg/2025/12/19/decapping-dmso.html

#electronics #reverseengineering

@pancake Sounds like an oxymoron?

Learn why some vulnerabilities resist to fuzzing and persist in long-enrolled OSS-Fuzz projects, and how you can find them!

https://github.blog/security/vulnerability-research/bugs-that-survive-the-heat-of-continuous-fuzzing/

@wirepair Back in the day we were looking for E.T. or large primes on idle time, now we run ads.

Unix V4 in your browser:

https://riedstra.dev/static/unixv4/

@imreFitos Yes, this is what I observed before. Now the slight difference is that I know exactly when I closed YT and it was before the last video shown.

New Project Zero issue:

Samsung: QuramDng FixBadPixelList opcode out-of-bounds read/write

https://project-zero.issues.chromium.org/issues/448241955

CVE-2025-58479

New Project Zero issue:

Samsung: QuramDng opcodes ignore PixelType, leading to out-of-bounds read/writes

https://project-zero.issues.chromium.org/issues/447479300

CVE-2025-58478

[RSS] Blind trust: what is hidden behind the process of creating your PDF file?

https://swarm.ptsecurity.com/blind-trust-what-is-hidden-behind-the-process-of-creating-your-pdf-file/

Checking my YT history, there are videos again I never even clicked, but I guess this is an easy way to rip off advertisers a bit more.

#AdTech

Glitches in games, especially used for speedrunning, are one of the most fun aspects of hacking to watch!

As an example, check out this video "How Speedrunners BEAT Hollow Knight Silksong In 10 Minutes!" by Abyssoft

https://www.youtube.com/watch?v=M6Jnj-y0G9w

Graphcore basically slapped a bit of SRAM onto every core, *inside* the processor tile.

GPU memory (VRAM) is super far away by comparison.

The ~2,400 cores on the Graphcore C2 could all run independent tasks without waiting in batches (aka, MIMD instead of SIMT).

The “opposite” of a GPU is kinda weird.

Graphcore has a strange chip (IPU) that loves tiny batches...but is also massively parallel.

It used to cost ~$100k. Now you can get one on Ebay for $160 bucks.

The catch is it's almost impossible to use.

Time to promote this one in 1h. This was an incredible research project, and having seen the talk before at WHY, it's really well explained despite how technical it is.

Spectre in the real world: Leaking your private data from the cloud with CPU vulnerabilities
dimarts, 30 de desembre del 2025 0:15 CET (Europe/Berlin), Zero

https://events.ccc.de/congress/2025/hub/event/detail/spectre-in-the-real-world-leaking-your-private-data-from-the-cloud-with-cpu-vulnerabilities

#39c3 #fahrplan #security #spectre #meltdown #Google #Cloud

From Silicon to Darude Sand-storm: breaking famous synthesizer DSPs

https://media.ccc.de/v/39c3-from-silicon-to-darude-sand-storm-breaking-famous-synthesizer-dsps

I love CCC talks because you get to hear "pretty easy" and things like "special microscope lenses" in the same sentence :)

@fuzztech I wonder if the name collision with Security Operations Center was intentional...

Demo video of moving types and symbols from #IDA to #Ghidra with REshare:

https://video.infosec.exchange/w/7VRDzwthgrSzeAHwHvkPtt

#ReverseEngineering

Please note: There are currently problems with uploading to YouTube.
You might want to use media.ccc.de instead.

#39c3

^ta