The DWARF debug format is well-known for debugging executables,
but it is also an effective format for sharing reverse engineering information
across various tools, such as IDA, BinaryNinja, Ghidra, and Radare2.

In this blog post, I introduce a new high-level API in LIEF that allows the
creation of DWARF files. Additionally, I present two plugins designed to export
program information from Ghidra and BinaryNinja into a DWARF file.

https://lief.re/blog/2025-05-27-dwarf-editor/

(Bonus: The blog post includes a DWARF file detailing my reverse engineering work on DroidGuard)

On zero days & exploit engineering, part 1

https://www.youtube.com/watch?v=QFWPxji5egI

Video by Alisa Esage

[oss-security] Xen Security Advisory 468 v3 (CVE-2025-27462,CVE-2025-27463,CVE-2025-27464) - WinPVDrivers: Excessive permissions on user-exposed devices

https://www.openwall.com/lists/oss-security/2025/05/27/1

New Rapid7 Analysis on AttackerKB topic: CVE-2024-58136

"Yii framework is a component-based MVC web application framework, providing developers with the building blocks to create complex web applications including modules for authentication, database access, REST etc ..."

Link: https://attackerkb.com/topics/622fff34-7ccf-4193-8a78-60e6b21d8811

Defcon forums have to be RCE’d once a year, I don’t make the rules!
https://chaos.social/@christopherkunz/114579265339897261

[RSS] Windows IRQL explained

https://haxo.games/blog/10/windows-irql-explained

Fine, I made my own Markdown to HTML document generator (with Blackjack and hookers):

https://github.com/v-p-b/sugardocy

It takes a single MD file, and outputs a single, self-contained HTML file without downloading the kitchen sink.

Contributions are welcome, esp. if you have better taste and frontend skills than I do.

@chungyc @alios @troed That's what I'm trying to do rn, and I will probably get there at some point, but what I'm looking for is a complete solution.

[RSS] Micropatches Released for Microsoft Management Console Security Feature Bypass Vulnerability (CVE-2025-26633)

https://blog.0patch.com/2025/05/micropatches-released-for-microsoft.html

I need a tool that can generate self-contained HTML pages from #Markdown with different styles.

markdown-styles looks really close, but I wonder if there are alternatives (preferably not requiring NodeJS):

https://github.com/mixu/markdown-styles

V now supports 3 more architectures:

- loongarch64
- riscv32
- s390x (IBM Z)

I always find it a bit surprising that "looking up executables in PATH" isn't implemented in one central place (there are at least 3 implementations that I use regularly: in libc, my shell, in Go, and probably more that I don't know about)

it's a weird thing because there are actually many different implementations, but I think in general the implementations act similarly enough that you can pretend there's only 1 implementation, I've never actually run into a problem caused by this

CatSynth Pic: CoCo with massive modular 😻🎛 https://catsynth.com/2025/05/coco-with-massive-modular/ #CatsOfMastodon #eurorack #modular

Check it out. I just published TeleMessage Explorer: a new open source research tool https://micahflee.com/telemessage-explorer-a-new-open-source-research-tool/

"Much of the essence of building a program is in fact the debugging of the specification." — Fred Brooks

Hey fedi, if someone knows how to correctly define parallelized instructions in Ghidra's SLEIGH, well, I'm more than interested !

Or if you are aware of any decent documentation on how to define parallelized instructions in SLEIGH and want to share some pointers, that would be awesome too 😊

#reverse #ghidra

Types of codebases my customers send me:

- Enterprise javabean factory factory... on a SIM card

- C# programmer retasked to write an authenticated bootloader in C for an arm platform with no training

- Beautiful well-written, easy-to-read C by an experienced systems programmer, with one mind-blowing 100-out-of-100-risk-severity bug buried in miscutils.c

- There is a hermit monk in a cave in Czechia. Once every three years, he emerges with a new revision of the codebase. It is horrifying spaghetti logic that repulses the human soul, but no matter how long and how hard you look, you can't actually find anything wrong with it

Germany’s largest telecommunication provider Deutsche Telekom is owned by Chinese hackers. And its managed IT service subsidiaries are too. No media reporting on it yet. Deutsche Telekom (addicted to cheap Huawei equipment) chose not to go public. Wake up! https://blog.eclecticiq.com/china-nexus-threat-actor-actively-exploiting-ivanti-endpoint-manager-mobile-cve-2025-4428-vulnerability

CVE-2025-0927 details here!

https://ssd-disclosure.com/ssd-advisory-linux-kernel-hfsplus-slab-out-of-bounds-write/