[RSS] Windows IRQL explained

https://haxo.games/blog/10/windows-irql-explained

Fine, I made my own Markdown to HTML document generator (with Blackjack and hookers):

https://github.com/v-p-b/sugardocy

It takes a single MD file, and outputs a single, self-contained HTML file without downloading the kitchen sink.

Contributions are welcome, esp. if you have better taste and frontend skills than I do.

@chungyc @alios @troed That's what I'm trying to do rn, and I will probably get there at some point, but what I'm looking for is a complete solution.

[RSS] Micropatches Released for Microsoft Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)

https://blog.0patch.com/2025/05/micropatches-released-for-microsoft.html

I need a tool that can generate self-contained HTML pages from #Markdown with different styles.

markdown-styles looks really close, but I wonder if there are alternatives (preferably not requiring NodeJS):

https://github.com/mixu/markdown-styles

V now supports 3 more architectures:

- loongarch64
- riscv32
- s390x (IBM Z)

I always find it a bit surprising that "looking up executables in PATH" isn't implemented in one central place (there are at least 3 implementations that I use regularly: in libc, my shell, in Go, and probably more that I don't know about)

it's a weird thing because there are actually many different implementations, but I think in general the implementations act similarly enough that you can pretend there's only 1 implementation, I've never actually run into a problem caused by this

CatSynth Pic: CoCo with massive modular 😻🎛 https://catsynth.com/2025/05/coco-with-massive-modular/ #CatsOfMastodon #eurorack #modular

Check it out. I just published TeleMessage Explorer: a new open source research tool https://micahflee.com/telemessage-explorer-a-new-open-source-research-tool/

"Much of the essence of building a program is in fact the debugging of the specification." — Fred Brooks

Hey fedi, if someone knows how to correctly define parallelized instructions in Ghidra's SLEIGH, well, I'm more than interested !

Or if you are aware of any decent documentation on how to define parallelized instructions in SLEIGH and want to share some pointers, that would be awesome too 😊

#reverse #ghidra

Types of codebases my customers send me:

- Enterprise javabean factory factory... on a SIM card

- C# programmer retasked to write an authenticated bootloader in C for an arm platform with no training

- Beautiful well-written, easy-to-read C by an experienced systems programmer, with one mind-blowing 100-out-of-100-risk-severity bug buried in miscutils.c

- There is a hermit monk in a cave in Czechia. Once every three years, he emerges with a new revision of the codebase. It is horrifying spaghetti logic that repulses the human soul, but no matter how long and how hard you look, you can't actually find anything wrong with it

Germany’s largest telecommunication provider Deutsche Telekom is owned by Chinese hackers. And its managed IT service subsidiaries are too. No media reporting on it yet. Deutsche Telekom (addicted to cheap Huawei equipment) chose not to go public. Wake up! https://blog.eclecticiq.com/china-nexus-threat-actor-actively-exploiting-ivanti-endpoint-manager-mobile-cve-2025-4428-vulnerability

CVE-2025-0927 details here!

https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/

I talked AI slop with @joshbressers on Open Source Security:

https://opensourcesecurity.io/2025/2025-05-curl_vs_ai_with_daniel_stenberg/

Interesting story about Google publishing someone's phone number on searches for them when they gave the number to Google for account verification/security:

https://danq.me/2025/05/21/google-shared-my-phone-number/

Reminds me of the time a company I worked for (AFAIK) accidentally used phone numbers obtained the same way for ad targeting and got fined $150M

[RSS] DBus and Polkit Introduction

https://u1f383.github.io/linux/2025/05/25/dbus-and-polkit-introduction.html

With analysis of CVE-2025-23222 and CVE-2021-3560

[RSS] CVE-2025-32756: Low-Rise Jeans are Back and so are Buffer Overflows [Fortinet]

https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/

Mateusz Jurczyk from GP0 has been been writing a blog series on the implementation details of the Windows Registry, and there's a truly monumental amount of work on show here.

this one post alone is 24,000 words long, and covers a huge range of security issues discovered across the registry attack surface.

practically mandatory reading if you're doing Windows appsec assessments. really incredible stuff.

https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html

Sad times, John Young of Cryptome is no longer with us:

https://www.theregister.com/2025/05/24/john_young_obituary/