[RSS] Zero Day Quest 2025: $1.6 million awarded for vulnerability research

https://msrc.microsoft.com/blog/2025/04/zero-day-quest-2025-1.6-million-awarded-for-vulnerability-research/

Russia is quietly rewriting reality — but not through tanks or troops, but by feeding disinformation and propaganda into the tools people may increasingly trust to understand the world: AI chatbots. It's gaming of the system, feeding propaganda in ways that people might never know what’s happening. Efforts to influence chatbot results are growing, as former SEO marketers now use "generative engine optimization" (GEO) to boost visibility in AI-generated responses https://www.washingtonpost.com/technology/2025/04/17/llm-poisoning-grooming-chatbots-russia/

i'm very excited about this new work my team at @trailofbits is doing: we're building an ASN.1 API for PyCA Cryptography, giving users direct access to the same memory-safe, high-performance DER parser that Cryptography already uses for X.509:

https://blog.trailofbits.com/2025/04/18/sneak-peek-a-new-asn.1-api-for-python/

[RSS] A First Glimpse of the Starlink User Ternimal

https://www.darknavy.org/blog/a_first_glimpse_of_the_starlink_user_ternimal/

[RSS] Cybersecurity (Anti)Patterns: Busywork Generators

https://spaceraccoon.dev/cybersecurity-antipatterns-busywork-generators/

Project: mpengine-x64-pdb 1.1.24090.11
File: mpengine.dll
Address: 75a287bec

yy_destructor

SVG:
dark https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a287bec.json&colors=dark
light https://tmr232.github.io/function-graph-overview/render/?graph=https%3A%2F%2Fraw.githubusercontent.com%2Fv-p-b%2Fghidra-function-graph-datasets%2Frefs%2Fheads%2Fmain%2F%2Fmpengine-x64-pdb%2F75a287bec.json&colors=light

A blog explaining V8 Parser Workflow with a case study by w1redch4d

https://w1redch4d.github.io/post/parser-workflow/

Exploiting the Nespresso smart cards for fun and profit coffee

https://pollevanhoof.be/nuggets/smart_cards/nespresso

"Here, take a Lua ruler! It starts with 1!" #mch2022

Very good thread from @inthehands, LLMs cement the patterns of today and actual engineering and long-term problem solving require slow careful iteration and improvement.

https://hachyderm.io/@inthehands/114373816449701933

WHY2025 is calling for art. Neon. Space. Synthwave. Light. Interactive magic. Show us what you’ve got. 🌌
→ https://why2025.org/post/318
#WHY2025 #ArtCall #HackersMakeArt

Attackers can use MCP servers to hack your system before tools are invoked.

We call this attack vector "line jumping." This is a critical vulnerability in which tool descriptions become prompt injection vectors during the initial tools/list request. This technique bypasses invocation controls, breaking connection isolation and rendering security checkpoints ineffective.

Even "human approval" fails: AI-enabled IDEs permit automatic execution, and users rarely recognize disguised malicious commands.

Read the blog: https://blog.trailofbits.com/2025/04/21/jumping-the-line-how-mcp-servers-can-attack-you-before-you-ever-use-them/

Fact checking my exploit against the Erlang SSH bug and the blog I'm reading uses git to checkout OTP... then proceeds to ask ChatGPT to write a tool to diff the files between the versions... in git. What's worse is that the CVE reference that they link to has always had the exact commit of the fix.

🌐 Tor Browser 14.5 is here! Major improvements include:
• Connection Assist now on Android
• Added Belarusian, Bulgarian & Portuguese
• Improved log readability
• Better performance when quitting the app
Update today! #PrivacyMatters
https://blog.torproject.org/new-release-tor-browser-145/

Reverse engineering the obfuscated TikTok VM

https://github.com/LukasOgunfeitimi/TikTok-ReverseEngineering

#HackerNews #ReverseEngineering #TikTok #VM #Obfuscation #CyberSecurity #TechInsights

Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a new Microsoft Entra ID's "leaked credentials" detection app called MACE.

https://www.bleepingcomputer.com/news/microsoft/widespread-microsoft-entra-lockouts-tied-to-new-security-feature-rollout/

I’m a bit tired of all of the ‘look, the USA did these terrible things in the past, this isn’t new’ posts.

The past was pretty awful, for most people. This wasn’t unique to the USA. Russia didn’t abolish serfdom until 1861, until the peasants were owned by the land (and this by the landowners). The UK didn’t allow all people over the age of 18 to vote until 1969.

The fact the past was terrible is not a surprise to anyone who has paid attention to any period in history in any country.

The important thing was the direction. The kind of racism and homophobia that were normal in the 1970s had at least become things that people would criticise by the late 1990s, even if they weren’t eliminated. Jim Crow laws, sodomy laws, and so on had long shadows but were at least being removed from the statute books.

Progress was a lot slower than many of us would have liked, but it was at least moving in the right direction. Not everyone was able to enjoy all of the freedoms that a modern society should convey, but more people were every year. Even bigots had smaller sets of people that they considered not to count as people each year.

The change that people are complaining about is reversing the direction of travel. The fact that things were bad in the past doesn’t contradict this. The thing we’re upset about is not that the current state is new, it’s the exact opposite: that we are returning to a state that we should have moved on from.

[oss-security] CVE-2025-29953: Apache ActiveMQ NMS OpenWire Client: deserialization allowlist bypass

https://www.openwall.com/lists/oss-security/2025/04/18/3

"servers could abuse the unbounded deserialization *in the client* to provide malicious responses that may eventually cause arbitrary code execution on the client"

"The project is considering to [...] drop this part of the NMS API altogether."