Kernel-Hack-Drill: Environment For Developing Linux Kernel Exploits

Alexander Popov @a13xp0p0v published the slides from his talk at Zer0Con 2025. In this talk, he presented the kernel-hack-drill open-source project and showed how it helped him to exploit CVE-2024-50264 in the Linux kernel.

Slides: https://a13xp0p0v.github.io/img/Alexander_Popov-Kernel_Hack_Drill-Zer0Con.pdf
Project: https://github.com/a13xp0p0v/kernel-hack-drill

Love the absolute units! (And I suck at photography)

Did a post on the personal blog (i.e., “the views expressed by me do not…blah blah”) — “Trump’s Retaliation Against Chris Krebs — and the Cybersecurity Industry’s Deafening Silence”.

Unlike most years, everyone attending RSA next week has a tangible, meaningful opportunity to make a difference.

Be better than the complicit cowards (humans & vendors) in our industry, speak up, & hold folks accountable.

Otherwise, “Many Voices. One Community” is just BS RSA marketing.

https://rud.is/b/2025/04/17/trumps-retaliation-against-chris-krebs-and-the-cybersecurity-industrys-deafening-silence/

"Providers are pushed to spend less time caring for each patient as health systems move to reduce costs and increase revenue under the technological principle of maximal efficiency and output. But medicine was never intended to be another industrial complex."

This essay is beautiful and powerful.

https://www.statnews.com/2025/04/15/ai-scribes-artificial-intelligence-medicine-note-writing-physician-patient-relationship/

Today my #rust compiler told me "expected future, found a different future".

And I'm like: me too buddy, me too

[RSS] New writeup: a vulnerability in PHP's extract() function allows attackers to trigger a double-free, which in turn allows arbitrary code execution (native code)

https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/

Can't find official identifiers for this, the GitHub advisory link is broken...

Never forget.

Maybe you should build your own website https://neocities.org

I got #X11 running on the #PinephonePro under #FreeBSD ! Shown here running my favourite #icewm window manager. Super exciting! Now to get the touch screen working 😬

https://tobykurien.com/images/microblog/post-1744879274-0.jpg https://tobykurien.com/images/microblog/post-1744879274-1.jpg https://tobykurien.com/images/microblog/post-1744879274-2.jpg

I never liked nu metal and I feel retrospectively justified by the fact that both Fred Durst and Kid Rock seem to be almost uniquely brain damaged even today.

Project: microsoft/TypeScript https://github.com/microsoft/TypeScript
File: src/services/classifier.ts:1108 https://github.com/microsoft/TypeScript/blob/cbac1ddfc73ca3b9d8741c1b51b74663a0f24695/src/services/classifier.ts#L1108

function classifyTokenType(tokenKind: SyntaxKind, token?: Node): ClassificationType | undefined

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FTypeScript%2Fblob%2Fcbac1ddfc73ca3b9d8741c1b51b74663a0f24695%2Fsrc%2Fservices%2Fclassifier.ts%23L1108&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?github=https%3A%2F%2Fgithub.com%2Fmicrosoft%2FTypeScript%2Fblob%2Fcbac1ddfc73ca3b9d8741c1b51b74663a0f24695%2Fsrc%2Fservices%2Fclassifier.ts%23L1108&colors=light

[RSS] Dubious security vulnerability: Once I have tricked the user into running a malicious shortcut, I can install malware

https://devblogs.microsoft.com/oldnewthing/20250414-00/?p=111072

Oh, this is interesting (and a little scary)

tl;dr don’t use SSDs for long term, offline storage. The data degrades after as little as two years without the drives being powered up

https://www.tomshardware.com/pc-components/storage/unpowered-ssd-endurance-investigation-finds-severe-data-loss-and-performance-issues-reminds-us-of-the-importance-of-refreshing-backups

[RSS] The Windows Registry Adventure #6: Kernel-mode objects

https://googleprojectzero.blogspot.com/2025/04/the-windows-registry-adventure-6-kernel.html

#CISA Warns of Credential Risks Tied to #Oracle Cloud Breach:
👇
https://securityonline.info/cisa-warns-of-credential-risks-tied-to-oracle-cloud-breach/

Is it me or is it really not possible to vote on URL's on VT anymore?

can't remember where I saw it but "Using AI in education is like using a forklift in the gym. The weights do not actually need to be moved from place to place. That is not the work. The work is what happens within you" is a solid quote

Get your Apple updates folks.
https://support.apple.com/en-us/100100

CVE-2025-31200 and CVE-2025-31201 are being exploited ITW.

Today I learned something truly bizarre about Python.

What do you think this code does?

class C:
xs = [1]
ys = [1]
print([[None for y in ys] for x in xs])

Does it work and print [[None]]?
Or does it fail to access `xs` and `ys` because class scoping is weird?

Neither.

It successfully accesses `xs`, but then fails to access `ys`!

This is sort of documented (but not fully) under https://docs.python.org/3/reference/executionmodel.html#resolution-of-names.

Bonk Knob Records is very pleased to announce the release of "Not Bonk What I Call Wave: Remixes Vol 2"!

You can find it for streaming and download at all these fine places:

https://mirlo.space/bonk-knob-records/release/not-bonk

https://bonkwave.org/music/not-bonk-what-i-call-wave-remixes-vol2/

https://bonkknobrecords.bandcamp.com/album/not-bonk-what-i-call-wave-remixes-vol-2

https://bandwagon.fm/67fea099a706ef72dcec3978

Join us for the release party at 19:00 UTC / 20:00 BST / 21:00 CEST at https://party.bonkwave.org

#BonkWave #NotBonkWave