Slides like this will always have a special place in my heart! Source:

https://www.youtube.com/watch?v=goEb7eKj660

[oss-security] pam_namespace local privilege escalation (CVE-2025-6020)

https://www.openwall.com/lists/oss-security/2025/06/17/1

New post: Disclosure: Multiple Vulnerabilities in X.Org X server prior to 21.1.17 and Xwayland prior to 24.1.7 https://insinuator.net/2025/06/disclosure-multiple-vulnerabilities-xserver-xwayland/

🚀 We have just released a new Security Advisory for NASA's CFITSIO library 🛰️. Click the link for details on the Heap Overflow, Type Confusion, Out-of-Bound Writes & other vulnerabilities discovered by our Adrian Denkiewicz !

https://www.doyensec.com/resources/Doyensec_Advisory_CFITSIO_Q22025.pdf

#doyensec #appsec #security

[oss-security] "the security policy of libxml2 has been changed to disclose vulnerabilities before fixes are available"

https://www.openwall.com/lists/oss-security/2025/06/16/6

CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170

CVE-2025-6021 looks like the most severe (integer overflow in xmlBuildQName())

Off-By-One Conference Day 1&2 videos, without stupid redirectors:

https://www.youtube.com/playlist?list=PLiIDIO1Gp6V9t5jA1WnTVAfHNPPR9OhSx

https://www.youtube.com/playlist?list=PLiIDIO1Gp6V8_CMvMVabhyeABTW1yZrRZ

[RSS] Junk Code Engines for Polymorphic Malware

https://r0keb.github.io/posts/Junk-Code-Engines-for-Polymorphic-Malware/

The Day 2 videos are finally out 🥳🥳

https://bird.makeup/@offbyoneconf/1934401036460167285

The Day 1 videos are finally out 🥳🥳

https://bird.makeup/@offbyoneconf/1934400701767270409

this is a nice post on strace (I didn't know that strace had a --stack-traces option!) https://rrampage.github.io/2025/06/13/strace-tips-for-better-debugging/

I created a library from prefetch-tool so you can more easily experiment with side-channel #KASLR bypasses on Windows:

https://github.com/v-p-b/prefetch-lib

For dogfooding I exploited HEVD on Windows 11 24H2:

https://github.com/v-p-b/HEVD-prefetch

[oss-security] CVE-2025-4748: Erlang/OTP 17.0–28.0.0 absolute-path traversal in zip:unzip/zip:extract

https://www.openwall.com/lists/oss-security/2025/06/16/5

Exquisite bug!

Micropatches Released for WEBDAV Remote Code Execution Vulnerability (CVE-2025-33053) https://blog.0patch.com/2025/06/micropatches-released-for-webdav-remote.html

Listen up Mastodonians, because this is important:

Right now we have a unique chance to rise up and hit back against Zuckerberg and Musk. Because italian filmmaker @_elena and her friends have made an OUTSTANDING short film, which explains why people should quit the fascist social networks and come join us in the fediverse.

Hit the fascists where it hurts — make this go viral by watching it and liking it on YouTube, then hit the share button and share it everywhere!

https://www.youtube.com/watch?v=YRJHIJy5Nno

Crypto: Sponsoring military parades for the Great Leader’s birthday

Just like Satoshi envisioned it.

#VibeCoding your MFA

New vulnerability report from Talos:

Asus Armoury Crate AsIO3.sys authorization bypass vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2150

CVE-2025-3464

New vulnerability report from Talos:

Asus Armoury Crate AsIO3.sys stack-based buffer overflow vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2144

CVE-2025-1533

https://github.com/ubuntu/authd/security/advisories/GHSA-g8qw-mgjx-rwjr

When a user who hasn't logged in to the system before (i.e. doesn't exist in the authd user database) logs in via SSH, the user is considered a member of the root group in the context of the SSH session. That leads to a local privilege escalation if the user should not have root privileges.

radare2 is now shipping extra panel layouts in the default installation. Do you have custom layouts you enjoy in panels mode? https://github.com/radareorg/radare2/pull/24296 #reverseengineering #tui