[RSS] exploits.club Weekly Newsletter 76 - Tesla Wall Charger Bugs, Chrome PoCs, Secure Boot Arb Writes, And More

https://blog.exploits.club/exploits-club-weekly-newsletter-76-tesla-wall-charger-bugs-chrome-pocs-secure-boot-arb-writes-and-more/

[RSS] Frida 17.2.0 Released

https://frida.re/news/2025/06/18/frida-17-2-0-released/

[RSS] [Today] is the 37th birthday of the IBM Power servers and the #IBMi operating system.

https://www.rpgpgm.com/2025/06/happy-birthday-to-ibm-power-and-ibm-i.html

ClamAV 1.4.3 and 1.0.9 security patch versions published

https://blog.clamav.net/2025/06/clamav-143-and-109-security-patch.html

CVE-2025-20260
CVE-2025-20234
+1 upstream vuln in lzma-sdk

📣 Exciting opportunity in our iOS team for a Senior Vulnerability Researcher with experience in Apple platforms.

Remote or office based.

https://jobs.gohire.io/interrupt-labs-zcocopee/senior-ios-vulnerability-researcher-237538/

Do you know of examples of a software library's test suite catching a bug in its upstream dependencies? I've seen a few of these over the years, and I'd like to put together a small list. Things like:

- A programming language implementation's test suite uncovering a bug in other implementations
- A library's test suite uncovering a bug in the language implementation itself
- A framework addon's / extension's test suite uncovering a bug in the framework

Some pictures of KICKI a DEC PDP-10 model KI10 sn 522 currently in preservation.

Would you like to support us? Visit: https://icm.museum

#retrocomputing #vintagecomputing

You've been asking for the slides from my x33fcon talk this year - here they are!

I covered most modern anti-phishing protections and how to evade them, with a particular focus on how URL rewriting can be used to bypass Google Safe Browsing.

Enjoy! 🪝🐟

🔗👇

Newsletter: Issue 86 – State power sponsored by Coinbase

Coinbase’s sponsorship of Trump’s military parade angered some in the crypto world, who described the move as “deeply disturbing” and “an insult to everything our industry stands for”. But this is only the latest example of crypto companies aligning with state power.

Earlier this month, the cryptocurrency firm Ripple made a $9.4 million contribution to the San Francisco Police Department to fund a surveillance center outfitted with drones. “We’re going to be covering the entire city with drones,” enthused a SFPD Captain about the donation.

https://www.citationneeded.news/issue-86/

#crypto #cryptocurrency #USpolitics #USpol

[RSS] Sleepless Strings - Template Injection in Insomnia

https://tantosec.com/blog/2025/06/insomnia-api-client-template-injection/

[RSS] Exploiting the Tesla Wall connector from its charge port connector

https://www.synacktiv.com/en/publications/exploiting-the-tesla-wall-connector-from-its-charge-port-connector

👷 After 15 years of entrepreneurship and a few months of sabbatical I'm looking for a regular old job.

My ideal role would be primarily technical, aimed to dissect software to uncover vulnerabilities. Beyond bug mining I'd love to learn to mine better and make new kinds of pickaxes.

My public works and contact info are on my homepage:

https://scrapco.de

Get in touch if you want to know more!

Boosts are appreciated! #FediHire

The latest #IBMi LPE bulletins are now correctly attributed to @silentsignal :

https://www.ibm.com/support/pages/node/7236663 - CVE-2025-33108

https://www.ibm.com/support/pages/node/7237040 - CVE-2025-33122

ChatCVE

If anyone has any adb based root exploits for Android 8.1, that would be nice. Link below as an example of something i'm looking for.

https://github.com/j0nk0/GetRoot-Android-DirtyCow

no .exe files in the releases section though /s

Snatched from LinkedIn...it was a message I needed to hear today.

https://www.linkedin.com/posts/alexpyatkovsky_getting-a-job-these-daysespecially-if-you-activity-7340526541010780160-q60s?utm_source=share&utm_medium=member_desktop&rcm=ACoAAANn8noBhoatCaVRJgqSQDhHEuCUOhVPms4

Hey Andy, you should build that AI workforce _before_ you alienate the rest of your real worksforce. https://www.aboutamazon.com/news/company-news/amazon-ceo-andy-jassy-on-generative-ai

Todays Advice from Archive Andy

Check your DVD-Rs**

Don’t leave em laying about in random places

This is the only copy of a Wedding Video. Or, it was the only copy. Its got severe Disc Rot. Might be hard to see but it’s gone dark & is now unplayable

*also +R, -RW, +RW
Get the data off quick