Posts
2503
Following
650
Followers
1469
"I'm interested in all kinds of astronomy."
repeated

in case you missed it, someone has been porting mario64 to the gameboy advance

in what i can only describe as incredible hackery

https://www.youtube.com/watch?v=kueoO3b4B-M

technically speaking, it isn't the first 3d game on the gba, there's games like "asterix and obelix xxl"

technically speaking though, porting an n64 game to the gba is even more ridiculous

1
4
0
repeated

Exploiting the CVE-2025-21756 1-day vulnerability

@v4bel and @_qwerty_po posted a kernelCTF report about exploiting a UAF in the vsock subsystem of the Linux kernel:
https://github.com/google/security-research/blob/f7dbb569a8275d4352fb1a2fe869f1afa79d4c28/pocs/linux/kernelctf/CVE-2025-21756_lts_cos/docs/exploit.md

1
4
0
repeated

Another sev:CRIT ../ ? This time in ZendTo. LMAO. PoC in the post.

https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/

We discovered a path traversal vulnerability in ZendTo versions 6.15-7 and prior. This vulnerability allows malicious actors to bypass the security controls of the service to access or modify potentially sensitive information of other users. This issue is patched in 6.15-8, and we encourage all users to upgrade as soon as possible.

0
2
0
Slides like this will always have a special place in my heart! Source:

https://www.youtube.com/watch?v=goEb7eKj660
0
1
10
[oss-security] pam_namespace local privilege escalation (CVE-2025-6020)

https://www.openwall.com/lists/oss-security/2025/06/17/1
0
2
3
repeated

New post: Disclosure: Multiple Vulnerabilities in X.Org X server prior to 21.1.17 and Xwayland prior to 24.1.7 https://insinuator.net/2025/06/disclosure-multiple-vulnerabilities-xserver-xwayland/

0
5
0
repeated

🚀 We have just released a new Security Advisory for NASA's CFITSIO library 🛰️. Click the link for details on the Heap Overflow, Type Confusion, Out-of-Bound Writes & other vulnerabilities discovered by our Adrian Denkiewicz !

https://www.doyensec.com/resources/Doyensec_Advisory_CFITSIO_Q22025.pdf

0
2
0
Edited 1 month ago
[oss-security] "the security policy of libxml2 has been changed to disclose vulnerabilities before fixes are available"

https://www.openwall.com/lists/oss-security/2025/06/16/6

CVE-2025-49794 CVE-2025-49795 CVE-2025-49796 CVE-2025-6021 CVE-2025-6170

CVE-2025-6021 looks like the most severe (integer overflow in xmlBuildQName())
0
5
3
repeated
repeated
repeated
Edited 1 month ago

this is a nice post on strace (I didn't know that strace had a --stack-traces option!) https://rrampage.github.io/2025/06/13/strace-tips-for-better-debugging/

1
4
0
I created a library from prefetch-tool so you can more easily experiment with side-channel #KASLR bypasses on Windows:

https://github.com/v-p-b/prefetch-lib

For dogfooding I exploited HEVD on Windows 11 24H2:

https://github.com/v-p-b/HEVD-prefetch
0
5
12
[oss-security] CVE-2025-4748: Erlang/OTP 17.0–28.0.0 absolute-path traversal in zip:unzip/zip:extract

https://www.openwall.com/lists/oss-security/2025/06/16/5

Exquisite bug!
2
9
23
repeated

Micropatches Released for WEBDAV Remote Code Execution Vulnerability (CVE-2025-33053) https://blog.0patch.com/2025/06/micropatches-released-for-webdav-remote.html

1
3
0
repeated
Edited 1 month ago

Listen up Mastodonians, because this is important:

Right now we have a unique chance to rise up and hit back against Zuckerberg and Musk. Because italian filmmaker @_elena and her friends have made an OUTSTANDING short film, which explains why people should quit the fascist social networks and come join us in the fediverse.

Hit the fascists where it hurts — make this go viral by watching it and liking it on YouTube, then hit the share button and share it everywhere!

https://www.youtube.com/watch?v=YRJHIJy5Nno

33
30
0
repeated
Edited 1 month ago

Crypto: Sponsoring military parades for the Great Leader’s birthday

Just like Satoshi envisioned it.

14
16
0
repeated
repeated

Talos Vulnerability Reports

New vulnerability report from Talos:

Asus Armoury Crate AsIO3.sys authorization bypass vulnerability

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2150

CVE-2025-3464
0
1
1
Show older