During the weekend, I’ve been working a bit on updating my battle-tested #semgrep ruleset for #c #vulnerability research

https://github.com/0xdea/semgrep-rules

Nothing major, just a couple of small updates. It feels good to be back doing some #security #research! Let’s see where this takes me…

The slides for my OffensiveCon talk "Finding and Exploiting 20-year-old bugs in Web Browsers" https://docs.google.com/presentation/d/1pAosPlKUw4uI5lfg7FVheTZAtI5mUy8iDeE4znprV34/edit?usp=sharing

We need a "slow computing" movement, the digital equivalent of "slow food".

We need to code better, with human care and attention to details, with true understanding of technology, achieving better performance with fewer resources.

We can do more with less if we believe in it.

When I say that I can't recommend third-party forks of either Firefox or Chrome for real world use, this kind of thing is why. *This* is the bar for what the security team for a browser needs to be able to do. A fork where the entire technical team is ten people that can't even keep up with upstream patches is sadly not in the running.

https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/

I have an idea for a program to promote businesses that are good for the environment because they help people repair things. Places like tailors, cobblers, electronics repair are all at risk of vanishing along with the skills required to do these things.

Right at a moment when we should be making repair and longevity a bigger part of material culture.

My cobbler is very old and isn't training anyone to take over.

Just telling people to repair things won't cut it.

Thrilled to share our latest deep dive into Windows Kernel Streaming!
Just presented this research at @offensive_con.

Check it out: https://devco.re/blog/2025/05/17/frame-by-frame-kernel-streaming-keeps-giving-vulnerabilities-en/

yeah, I concur.

#CookieLaw #DataProtection

Our CfP is open for only one more week! Do you have a wonderful creation, an art installation, a workshop or a hack that you would like to give a stage? Here is your chance!
https://cfp.why2025.org

I have a keyboard and a keymap that result in the same character being printed for two different Alt- combinations. How do I remap one of the combos to print a different character, that is not available currently?

#Linux #X11

Frida 17 is out 🎉
https://frida.re/news/2025/05/17/frida-17-0-0-released/

a motherboard from my now-previous laptop doesn't boot; the LED blink sequence decodes to "BIOS flash failure". first of all what the heck? that never happens (but the symptoms when it died were consistent with it happening)

anyway, it uses plain SPI, and #GlasgowInterfaceExplorer can now analyze SPI transactions very easily

let's find out

Escaping US Tech Giants Leads European YouTuber to Open Source

https://hackaday.com/2025/05/17/escaping-us-tech-giants-leads-european-youtuber-to-open-source/

This could be us but you vibe coding

https://suberic.net/~dmm/projects/mystical/README.html

h/t @neauoire

A programming language that resembled magical circles.
docs: https://suberic.net/~dmm/projects/mystical/README.html
All sigils: https://suberic.net/~dmm/projects/mystical/docs/operators.html
by @yomikoma

Them: The real threat to reliability is all this complexity in our system!
Me: Wait, so those corrective actions that you proposed in the wake of that last incident, would they *reduce* complexity or *increase* it?
Them: …
Me: …

Pwn2Own Berlin 2025 comes to a close. We awarded $1,078,750 for 28 unique 0-days. Congrats to STAR Labs SG for winning Master of Pwn with $320,000. Thanks to @offensive_con for hosting, and thanks to all who participated. Can't wait to see you next year! #Pwn2Own #P2OBerlin

GLIBC-SA-2025-0002: CVE-2025-4802: glibc: elf: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH https://www.openwall.com/lists/oss-security/2025/05/17/2
Affects statically linked setuid binaries that call dlopen, including internally to glibc after setlocale or NSS functions such as getaddrinfo

[RSS] Coinbase flips $20M extortion demand into bounty for info on attackers

https://cyberscoop.com/coinbase-cyberattack-extortion-counter-reward/

[RSS] Expression Payloads Meet Mayhem - Ivanti EPMM Unauth RCE Chain (CVE-2025-4427 and CVE-2025-4428)

https://labs.watchtowr.com/expression-payloads-meet-mayhem-cve-2025-4427-and-cve-2025-4428/