The root cause of the Chrome 0-day logical vulnerability CVE-2025-2783, which we discovered used in attacks with sophisticated malware, also affects the Firefox! New CVE-2025-2857 has just been fixed in Firefox 136.0.4 https://www.mozilla.org/en-US/security/advisories/mfsa2025-19/

AppSec Ezine - 580th https://pathonproject.com/zb/?94fef6e1d88cee84#fBDZtrz8GV61O1oJd+9JWBeCO0Kuzyeb3/rheyA/NLA= #AppSec #Security

CVE-2025-27407: Inside the Critical GraphQL-Ruby RCE Vulnerability https://cenobe.com/blog/cve-2025-27407/

[RSS] CrushFTP Authentication Bypass: Indicators of Compromise

https://www.horizon3.ai/attack-research/crushftp-authentication-bypass-indicators-of-compromise/

CVE-2025-2825

[RSS] MindshaRE: Using Binary Ninja API to Detect Potential Use-After-Free Vulnerabilities

https://www.thezdi.com/blog/2025/3/20/mindshare-using-binary-ninja-api-to-detect-potential-use-after-free-vulnerabilities

[RSS] The Evolution of Dirty COW (1)

https://u1f383.github.io/linux/2025/03/27/the-evolution-of-COW-1.html

After its legendary curator passed away a few years ago the reel-to-reel museum reopened in Keszthely:

https://www.youtube.com/watch?v=rySEk-eXFaY

#Hungary

wait3() system call as a side-channel in setuid programs (nvidia-modprobe CVE-2024-0149)

https://seclists.org/oss-sec/2025/q1/254

Three bypasses of Ubuntu's unprivileged user namespace restrictions

https://www.openwall.com/lists/oss-security/2025/03/27/6

This weeks published vulnerability research is strong enough already, now Qualys enters the party.

Reading the latest BLASTPASS writeup I can only wonder how many engineer hours must have gone into this thing. Incredible stuff!

My small child BlogFlock (https://blogflock.com) is a social RSS feed reader - share the blogs you follow with friends and strangers!

BlogFlock will always be free to use and never show you ads.

But running a feed aggregator is expensive at scale.

On top of BlogFlock's pretty decent feature set (if I say so myself), what features or service guarantees would convince you to spend $25/year on a social feed reader?

"The designer of a new system must not only be the implementor and the first large-scale user; the designer should also write the first user manual. If I had not participated fully in all these activities, literally hundreds of improvements would never have been made, because I would never have thought of them or perceived why they were important."

-- Donald Knuth, “The Errors of TeX”

looks like the AI + MCP-assisted reverse engineering hype train is gaining steam! 🚂✨

in just the past few days, we've seen:
• @itszn13 integrating MCP into @vector35’s Binary Ninja (https://x.com/itszn13/status/1903227860648886701)
• @jh_pointer casually dropping his IDA MCP project, which I had to nerdsnipe myself into trying (https://github.com/MxIris-Reverse-Engineering/ida-mcp-server, https://x.com/bl4sty/status/1904631424663379973)
• @mrexodia rolling out a clean (judging by a quick code quality check) MCP implementation for IDA (https://github.com/mrexodia/ida-pro-mcp)
• @lauriewired dropping GhidraMCP for @nsagov’s Ghidra (https://github.com/LaurieWired/GhidraMCP)

these tools are early-stage but already hint at the potential for interactive RE software running on (semi) autopilot.

makes me wonder—should we formalize a set of MCP primitives across RE tools and unify them under one overarching framework? 🤔

of course, these aren’t silver bullets. but much like typical LLM usage, in the right hands, they could be powerful time-savers.

curious to see what comes next! might be time for hacking competitions focused on small/constrained binaries to start thinking about countermeasures against AI-assisted cheesing. 👀

https://bird.makeup/@itszn13/1903227860648886701

New Signal update just dropped

#SignalGate #USpolitics #WorldPolitics

Napalm Death is like fine wine, but with napalm.

Today we are very proud to announce that the United Nations has switched from Google Forms to CryptPad Form for collecting endorsements on the UN Open Source Principles: https://unite.un.org/news/sixteen-organizations-endorse-un-open-source-principles

CryptPad Form is a full-fledged application allowing you to build privacy-preserving questionnaires for your respondents.

Try it for free, without even registering an account, on our CryptPad.fr flagship instance!

#UnitedNations #UN #Privacy #OpenSource #Forms #Studies #FOSS

Looking to write your own MCP for a popular decompiler? Check out our unified API that allows scripting in IDA, Ghidra, Binja, and angr. In the same few Python lines, you can make a struct, retype a function, and modify local vars. Check it out: https://github.com/binsync/libbs

https://bird.makeup/@bl4sty/1904843439180493069

Anybody knows what Asimov is in MS lingo? :)

Back in 2022, there was wide scale disruption to the NHS (healthcare) in the UK due to LockBit ransomware at Advanced.

They have paid a £3m fine to the ICO, who have published their 58 page PDF investigation. Worth a read for findings.

https://cy.ico.org.uk/media2/gdlfddgc/advanced-penalty-notice-20250327.pdf

The £3m fine is due to failures to run Vulnerability Management correctly and failure to enforce MFA.

A thread about some other things:

Tuesday's cryptic message about atop turns out to be a local memory corruption issue, but details are unclear:

https://www.openwall.com/lists/oss-security/2025/03/26/2

What is clear to me is that the original "warning" was a shameful example of spreading FUD...

CVE-2025-31160 was issued to track the problem.