Catch Christopher Domas’ keynote from RE//verse 2026! fail: jmp fail (everything I got wrong in RE and security research) gets into the dead ends, bad ideas, and wasted hours behind real progress in RE and security work. Watch now: https://youtu.be/iOq8O_phwbA?si=65EWW3XT8BTww5px

RE: https://infosec.exchange/@pancake/116256662480219188

The 6.1.2 releases are out! 🥳

@tihmstar the more you know!

In case you didn't believe it, i tested it for you.
Yes, you can in fact brick an iPhone 3Gs baseband ._.

[RSS] CVE-2026-22730: SQL Injection in Spring AI's MariaDB Vector Store

https://blog.securelayer7.net/cve-2026-22730-sql-injection-spring-ai-mariadb/

[RSS] Kanboard Authenticated SQL Injection CVE-2026-33058 Writeup

https://0dave.ch/posts/cve-2026-33058/

[RSS] Streamlining Google's OSS VRP: Key Rule Updates

https://bughunters.google.com/blog/ossvrp-rule-updates-2026

same, Hulk, same

Micropatches released for Microsoft Access Remote Code Execution Vulnerability (CVE-2025-62552)
https://blog.0patch.com/2026/03/micropatches-released-for-microsoft.html

[RSS] Attack arithmetic: how an integer overflow in PostgreSQL libpq leads to denial of service

https://swarm.ptsecurity.com/attack-arithmetic-how-an-integer-overflow-in-postgresql-libpq-leads-to-denial-of-service/

[RSS] WSL, COM Hooking, & RTTI. Introduction

https://jonny-johnson.medium.com/wsl-com-hooking-rtti-3abbf873d61f

Looking at WSL internals via COM

@david_chisnall Once your veins were running the bloodline of the Emperor, but look at you now... Twisting astartes genetics into My Little Pony is a truly merciless trick of Chaos!

https://www.propublica.org/article/microsoft-cloud-fedramp-cybersecurity-government

go to the cloud they said
it'll be fine they said

🚨LEGENDARY DROP TOMORROW... Pancake 🤝 Paul’s Security Weekly

Reverse engineering, radare, and NowSecure - you won't want to miss this one

#PaulsSecurityWeekly #radare @pancake @securityweekly

LLM agents:
"Here are some very specific instructions but let's just ignore them as the user was probably joking while smoking crack"

Also LLM agents: "There is a typo in one of the example commands. This should guide us through eternity as the Ark of our great human Master!"

New blog post: Building a Pipeline for Agentic Malware Analysis

Agentic RE + malware analysis with custom skills, MCP tooling, and persistent case state to automate intial triage

Link: https://synthesis.to/2026/03/18/agentic_malware_analysis.html

Github: https://github.com/mrphrazer/agentic-malware-analysis

#malware #reverseengineering #ai #cybersecurity

@0xabad1dea This sounds pretty much like foreign language education in the post-Soviet block

The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution Chains) - watchTowr Labs https://labs.watchtowr.com/thanks-itsms-threat-actors-have-never-been-so-organized-bmc-footprints-pre-auth-remote-code-execution-chains/