The RE//verse YouTube channel is packed with talks from RE//verse 2025! Catch Takahiro’s deep dive into UEFI Bootkit Hunting: In-Depth Search for Unique Code Behavior here: https://youtu.be/pMZqvv_tKDs?feature=shared and be sure to subscribe so you don’t miss more like this!

VMSA-2025-0010 : VMware ESXi, vCenter Server, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)

https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717

Small change to HTML with massive impact on eliminating mXSS attacks

https://github.com/whatwg/html/commit/e21bd3b4a94bfdbc23d863128e0b207be9821a0f

...and now the video of my talk "Finding and Exploiting 20-year-old bugs in Web Browsers" is live too https://www.youtube.com/watch?v=U1kc7fcF5Ao

🚨 New advisory was just published! 🚨

Multiple vulnerabilities were discovered in Foscam X5. These vulnerabilities allow a remote attacker to trigger code execution vulnerabilities in the product: https://ssd-disclosure.com/ssd-advisory-multiple-foscam-x5-vulnerabilities/

Wow, this was fast! #OffensiveCon25 videos are up!

https://www.youtube.com/watch?v=goEb7eKj660&list=PLYvhPWR_XYJk0p40BrX7K2z-_j_tJmvhc

We found a vulnerability in AMD CPUs that lets us load arbitrary microcode!
The recording of our OffensiveCon presentation is live at https://youtu.be/sUFDKTaCQEk
Slides at http://entrysign.top

[RSS] Telegram Gave Authorities Data on More than 20,000 Users

https://www.404media.co/telegram-gave-authorities-data-on-more-than-20-000-users/

[RSS] Remembering The ISP That David Bowie Ran For Eight Years

https://hackaday.com/2025/05/19/remembering-the-isp-that-david-bowie-ran-for-eight-years/

Discovery: The "copilot" bot user that Microsoft will soon be flooding your github repos with garbage content from is implemented in some sort of special way that exempts it from the "block" feature you would normally be able to block other users/bots with

https://github.com/orgs/community/discussions/159749

#EU reaction as Orbán is about to kill independent press and civil society in #Hungary

https://youtu.be/UIPSvIz9NDs?si=Sbe2wHqsHkqPtjm6&t=40

Microsoft takes Windows Subsystem for Linux open source after nearly a decade
WSL has also recently added official support for both Fedora and Arch distros.
https://arstechnica.com/gadgets/2025/05/microsoft-takes-windows-subsystem-for-linux-open-source-after-nearly-a-decade/?utm_brand=arstechnica&utm_social-type=owned&utm_source=mastodon&utm_medium=social

"Go Cryptography Security Audit" by Roland Shoemaker — https://go.dev/blog/tob-crypto-audit

#golang

CVE-2024-11182 also seems like a stored XSS: "attacker can send a specially crafted HTML e-mail message with JavaScript in an img tag" - The '90s called and they want their webmail bugs back!!

RE: https://mastodon.social/@cisakevtracker/114535806650652126

I found that CVE-2024-27443 doesn't qualify for XSS Reflections as it seems to be a stored XSS. Pretty neat vuln though!

https://github.com/v-p-b/xss-reflections

RE: https://mastodon.social/@cisakevtracker/114535804613431399

I have been following the INFOSEC industry and am ready to begin my startup. Any investors here interested? Here's my business plan.

[RSS] Security Bulletin: IBM i is vulnerable to a machine-in-the-middle attack due to mishandling error codes when verifying the host key by OpenSSH. [CVE-2025-26465]

https://www.ibm.com/support/pages/node/7233399?myns=swgother&mynp=OCSWG60&mynp=OCSSTS2D&mynp=OCSS9QQS&mynp=OCSSKWKM&mynp=OCSSC5L9&mynp=OCSSB23CE&mync=A&cm_sp=swgother-_-OCSWG60-OCSSTS2D-OCSS9QQS-OCSSKWKM-OCSSC5L9-OCSSB23CE-_-A

#IBMi

[RSS] Security Bulletin: IBM i is vulnerable to a privilege escalation vulnerability in IBM TCP/IP Connectivity Utilities for i [CVE-2025-33103].

https://www.ibm.com/support/pages/node/7233799?myns=swgother&mynp=OCSWG60&mynp=OCSSKWKM&mynp=OCSSC5L9&mynp=OCSSTS2D&mynp=OCSS9QQS&mynp=OCSSB23CE&mync=A&cm_sp=swgother-_-OCSWG60-OCSSKWKM-OCSSC5L9-OCSSTS2D-OCSS9QQS-OCSSB23CE-_-A

#IBMi

DOMPurify 3.2.6 has been released with several smaller fixes and improvements, thanks to all who contributed 💕

https://github.com/cure53/DOMPurify/releases/tag/3.2.6

Hopefully this will also help with the CI/CD issues that arose after the fake CVE was posted last week.

My new blog post 🥳

Improving AFD Socket Visibility for Windows Forensics & Troubleshooting

It discusses the low-level API under Winsock (IOCTLs on \Device\Afd handles) and explores the workings of the new socket inspection feature in System Informer 🔥
https://www.huntandhackett.com/blog/improving_afd_socket_visibility