🚨Binarly is documenting the discovery of CVE-2025-3052, a memory-corruption flaw in a Microsoft-signed UEFI module that lets attackers bypass Secure Boot and run unsigned code before the OS starts.
🔗 Full details: https://www.binarly.io/blog/another-crack-in-the-chain-of-trust
🛡️ Advisory: https://www.binarly.io/advisories/brly-dva-2025-001
Submitted my first bug via GitHub's advisory reporting mechanism for hosted projects (I know, right!?!?). Much less painful than the traditional hunt the email address/chase the vendor so far.
Back up your 2FA keys, or add a second method.
Do it now, before your phone dies/breaks/is stolen.
That's it, that's the post.
This is the 100 year anniversary of humans having an idea of what the heck the sun and all the stars actually are. If you had asked a leading astronomer in 1925 what the sun was, they would say that it's basically the same as Earth, but very hot.
In Cecilia Payne's doctoral thesis she was the first to say, from spectral data, that the sun was overwhelmingly made of hydrogen and helium.
It was later described as "the most brilliant PhD thesis ever written in astronomy".
Outlook must die, again
Gemini might have the best solution for Outlook (new) to prevent it regularly appearing back on my system. I do not want this code!!
Remove Provisioned App Packages (More Aggressive - Use with Caution):
This is a more permanent solution that attempts to remove the app not just for your user profile, but for all future user profiles on the system, and prevents it from being provisioned again automatically by the OS.
Open PowerShell as Administrator.
Get-AppxPackage -AllUsers | Where-Object {$_.Name -like "Microsoft.OutlookForWindows*"}
Look for the PackageFullName (e.g., Microsoft.OutlookForWindows_1.2024.515.0_x64__8wekyb3d8bbwe).
Remove for Current User:
Get-AppxPackage *Microsoft.OutlookForWindows* | Remove-AppxPackage
Remove Provisioned Package (Crucial for preventing reinstallation):
Get-AppxProvisionedPackage -Online | Where-Object {$_.PackageName -like "Microsoft.OutlookForWindows*"} | Remove-AppxProvisionedPackage -Online
Note: If you run the Remove-AppxProvisionedPackage command and it doesn't find the package, it means it's not provisioned for new users, but might still be re-added through other mechanisms like Windows Feature Experience Pack updates.
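The three steps above combined into one script, as an added example that is not part of the original post and not Gemini's or Microsoft's code. It assumes an elevated PowerShell on Windows 10/11 with the built-in Appx cmdlets, takes the package name prefix "Microsoft.OutlookForWindows" from the post, and adds two things the bare commands do not give you: -WhatIf support so you can preview what will be removed, and a before/after check so you can tell whether the provisioned copy (the one that keeps bringing the app back) was actually present and is now gone.

```powershell
# Added example (not from the original post): removes Outlook (new) for every
# user profile and de-provisions it, then verifies the result.
# Assumptions: elevated session; Windows 10/11 Appx cmdlets; name prefix from the post.
#Requires -RunAsAdministrator
[CmdletBinding(SupportsShouldProcess = $true)]
param(
    [string]$NamePattern = 'Microsoft.OutlookForWindows*'
)

function Get-OutlookAppxState {
    # Report what is installed in any user profile and what is provisioned for
    # future profiles, so the before/after state is visible.
    [PSCustomObject]@{
        Installed   = @(Get-AppxPackage -AllUsers |
                        Where-Object { $_.Name -like $NamePattern })
        Provisioned = @(Get-AppxProvisionedPackage -Online |
                        Where-Object { $_.PackageName -like $NamePattern })
    }
}

$before = Get-OutlookAppxState
"Before: {0} installed, {1} provisioned" -f $before.Installed.Count, $before.Provisioned.Count
$before.Installed   | ForEach-Object { "  installed:   $($_.PackageFullName)" }
$before.Provisioned | ForEach-Object { "  provisioned: $($_.PackageName)" }

# Step 1: remove the installed package from every user profile, not only the current one.
foreach ($pkg in $before.Installed) {
    if ($PSCmdlet.ShouldProcess($pkg.PackageFullName, 'Remove-AppxPackage -AllUsers')) {
        Remove-AppxPackage -Package $pkg.PackageFullName -AllUsers -ErrorAction Stop
    }
}

# Step 2: remove the provisioned copy so new profiles do not receive it again.
foreach ($prov in $before.Provisioned) {
    if ($PSCmdlet.ShouldProcess($prov.PackageName, 'Remove-AppxProvisionedPackage -Online')) {
        Remove-AppxProvisionedPackage -Online -PackageName $prov.PackageName -ErrorAction Stop | Out-Null
    }
}

# Step 3: verify. Both counts at zero means the installed and provisioned copies are gone.
$after = Get-OutlookAppxState
"After: {0} installed, {1} provisioned" -f $after.Installed.Count, $after.Provisioned.Count
if ($after.Installed.Count -eq 0 -and $after.Provisioned.Count -eq 0) {
    "Outlook (new) removed and de-provisioned."
} else {
    Write-Warning "Package still present; it may be re-added by other update mechanisms."
}
```

Run it once with `-WhatIf` to see exactly which PackageFullName and provisioned PackageName would be removed, then again without it. If the "Before" line already shows zero provisioned packages, the reappearance on your machine is not coming from provisioning, which is the case the post's note describes.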
Me: (Selects option to create a new empty folder on my Win11 i5 laptop)
Laptop: OH DEAR GOD NO WHAT IS WRONG WITH YOU? I MUST CRANK ON THE FANS AND DISPLAY THE EXPLORER NOT RESPONDING BANNER TO DEAL WITH THIS UNPRECEDENTED DEMAND ON MY PROCESSORS! YOU VICIOUS, HEARTLESS BASTARD! *sob*
Me: (Smiles and quietly fantasizes again about shooting this laptop.)
“jemalloc Postmortem” https://jasone.github.io/2025/06/12/jemalloc-postmortem/
Today we published two blog posts about an HTML specification change that makes mutation XSS harder to exploit! Long story short: `<` and `>` are now escaped in attributes.
* Blog post about security rationale behind this change: https://bughunters.google.com/blog/5038742869770240/escaping-and-in-attributes-how-it-helps-protect-against-mutation-xss
* Blog post about how it affects web developers: https://developer.chrome.com/blog/escape-attributes?hl=en
Big update: The Internet Archive has launched a new version of GifCities, the search engine for vintage GeoCities GIFs. It's now easier to explore the glitter, chaos, and charm of early web animation.
Search better. Share better. Blink more.
NEW: Four months after releasing iOS 18.3.1, Apple has published details about a zero-day that it fixed at the time, but did not publicize.
This is the iPhone zero-day used against the two European journalists targeted with Paragon spyware, according to Citizen Lab.
It's unclear why Apple did not publish information about this zero-day until today.
https://techcrunch.com/2025/06/12/apple-fixes-new-iphone-zero-day-bug-used-in-paragon-spyware-hacks/
Meta launched a stand-alone AI app and now it is full of sensitive content from Facebook users who appear to be unaware that they have made their conversations public: https://www.businessinsider.com/mark-zuckerberg-meta-ai-chatbot-discover-feed-depressing-why-2025-6
Forget about whether 100 men would win against 1 gorilla... the real question is how would 100 CISSPs fare against a gorilla?
🆕 New blog post!
"Checking for Symantec Account Connectivity Credentials (ACCs) with PrivescCheck"
This blog post is not so much about PrivescCheck in the end, but rather brings additional insight to the original article published by MDSec on the subject.
👉 https://itm4n.github.io/checking-symantec-account-credentials-privesccheck/
When we throw up our hands and say none of it matters, we're doing the fascists’ work for them. They don't need to hide their corruption if they can convince us it's pointless to look. They don't need to silence truth-tellers if we've already decided truth is meaningless.